In Russia, security researchers have identified a new family of malicious software that secretly uses victims’ devices to mine cryptocurrency while pretending to be free simulator games. The activity affected several thousand users over a period of weeks, with reports of degraded performance, stuttering, and rising device temperatures as the mining process ran in the background. The information comes from security briefings that cite findings from established cybersecurity laboratories, including Kaspersky Lab, and from independent researchers tracing the attack’s spread. Security briefings cite findings from Kaspersky Lab.
Attackers push the malware through cracked or freely distributed versions of popular simulator games that appear in Torrent viewers. The trojanized installers install a customized copy of the XMRIG miner on the victim’s computer. The campaign seems to have begun around the end of 2024, and new batches continued into the following weeks, expanding the pool of affected machines. Kaspersky Lab findings cited in security briefings indicate the same pattern of distribution and infection.
Once active, the miner consumes CPU cycles and, on many systems, also leverages GPU resources. This overload leads to slower performance, frequent freezes, and overheating of components such as the processor and graphics card. Some variants quietly load additional modules that access crypto wallets, browsers, and other software, increasing the risk of data exposure and further instability. Security monitoring notes indicate the threat can linger quietly for long periods, evading casual detection.
As a result, players may lose access to game accounts, in-game currencies, or saved payment methods. Infected devices can be recruited into a botnet controlled by the attackers to mine cryptocurrency at scale. To guard against this threat, users should download software only from official sources, keep the operating system and applications updated, and run reliable security tools with real-time protection. Regular full-system scans, monitoring for unusual CPU usage, and restricting unknown program permissions can help detect and stop the threat early. If infection is suspected, isolating the device, backing up important data, and seeking guidance from trusted security sources is recommended. Security advisories referencing Kaspersky Lab inputs emphasize these steps as practical safeguards.
Earlier in 2024, researchers highlighted a major vulnerability affecting Russian companies, underscoring how cyber threats can evolve by disguising criminal activities as ordinary software. This incident reinforces the need for layered defense, timely updates, and user awareness across homes and workplaces. The takeaway is clear: keep systems patched, verify downloads, and maintain robust endpoint protection to reduce exposure to crypto-mining malware. Industry briefings in 2024 noted the climate of risk for businesses and individual users alike, urging vigilance and proactive defense.