Gamers looking for voice chat software should be careful what they click on. Security firm Malwarebytes recently came across a new bit of malware that is pretending to be the installer for Razer Comms, the voice chat system from Razer.
Malwarebytes didn’t say how it came across the fake chat app, but security-conscious gamers shouldn’t have a hard time protecting themselves from this scam. The Razer Comms malware is basically an imitation site with a malicious download. Here’s how it works.
A player clicks a link to download and install Razer Comms, which is available for Windows and Android. Instead of landing on Razer’s site (RazerZone.com), however, you end up on a site that looks similar but with a different URL.
Click the Android app link on the phony site and you end up at Google Play, as you’d expect. Click the Windows download link and you get a .scr (Windows screensaver) file that is supposedly the Razer Comms installer—it’s supposed to be an EXE file.
The bogus download then fires a malicious script instead of installing the true Razer Comms software.
The impact on you at home: Gamers are becoming a popular new target for hackers, but targeting a third-party chat program is unique. Typically, you’ll see hacks like fake games with phishing attempts or malware links sent through gamer-specific chat programs. Malwarebytes believes this could be the first example of trying to lure people into downloading bogus gamer chat software as opposed to bogus games.
Not a threat, yet
Fortunately, this malware appears to be a work in progress for now. Malwarebytes says the script doesn’t do anything important right now and is full of bugs. It does contain code associated with password theft and also a reference to “Steam Fishing Tools.” With those clues it’s pretty clear this malware could one day go after your Steam logins and possibly other passwords and data.
While it may not work right now, the site could add more fully-featured code in the future. So watch yourself out there! If you download Razer Comms make sure you get it from the source and nowhere else. And be sure to read PCWorld's guide to protecting your PC from devious security traps to spot tricks like this more easily in the future.