The PC version of the Grand Theft Auto V hasn’t been out for all that long and modders have already begun making changes to the game. However, a couple of mods have been discovered to contain keyloggers; including the reasonably popular “Angry Planes” that was making the rounds among fans.
Malware was first discovered by a user on the GTA5 forums who noticed a suspicious programme running on his system. A programme that seemed to reappear every time he played GTA 5 with mods turned on. He soon discovered that it was his Angry Planes mod that was depositing the Fade.exe keylogger onto his system whenever it was used. This soon lead to the discovery that Fade.exe was also hidden inside another mod known as “No Clip”.
An analysis of Fade.exe discovered that it had several active modules, and one GTA 5 player also reported that the keylogger apparently took over his computer to participate in a DDoS attack on a Twitch streamer. A feature that is rarely found in malware designed to quietly steal passwords. Other modules in the malware include credential stealing modules, code for assessing the value of Steam items, and the actual keylogging module.
GTA5-mods.com, the website that was hosting the offending mods, has already removed them and has issued a public apology. Anyone who has installed either of these mods, even if it was for a short while, has been asked to perform a full system scan on their computers. These people should also change all their passwords just to be sure.
[Source: GTA Forums]