Cybersecurity researchers from Sophos have uncovered a major hacking operation targeting other hackers and users of video game cheats.
Sophos found that the Sakura RAT malware hosted on GitHub does cause harm, though not to ordinary users: it harms those who compile and distribute it, TechRadar reports.
"In other words, Sakura RAT has been hacked," the researchers note.
Most of the RAT code was copied from the popular AsyncRAT, and many of the forms inside were left blank, meaning it didn’t even work properly on the target device. However, the researchers found it had a lot of "convoluted infection chains, identifiers, and multiple backdoor variants".
According to them, the hacker or hacker group behind the RAT (who goes by the nickname ischhfd83) actually created over a hundred variants of the malware, targeting beginners and people looking for cheats in games.
Sophos found 141 repositories from the same threat actors, 133 of which were infected in various ways. 111 contained Sakura. The majority (58%) of these were advertised as game cheats, 24% as malicious projects, 7% as bots, 5% as crypto tools, and 6% as other miscellaneous tools.
Researchers note that the campaign began in 2024 and was aimed at novices, as experienced hackers would launch such projects in a sandbox environment. Sophos believes it was quite successful.
Recall that last fall, the gaming company Activision announced that it had fixed a bug in its Ricochet anti-cheat system that had mistakenly blocked "a small number of legitimate player accounts." According to a hacker who goes by the nickname Vizor, this was not a bug but an exploit that he found and used.
An enterprising hacker from Zaporizhia region mined $4.5 million worth of crypto on other people’s servers. He began developing his "scheme" back in 2018.