Home » Software » Fake Razer Communication App With Malware!

A discovery by Malwarebytes that has made us aware of this fake voice comms app. Software
by

If you’re used to using Razer communication software to connect with gaming friends online then you might probably want to double check where you’re getting it from.

Malwarebytes reported of checking out a site steamccommynity(dot)com that was said to be an exact replica of Razer Comms website. The only difference is that the fake site will let you download a bogus file called image.scr instead of the real RazerComms5.5.14.exe file.

Malwarebytes also stated that this was their first time to have seen a gaming voice comms services used to lure gamers to malware attacks. While the site was caught at an early stage, thanks to Malwarebytes, let it be a warning to us to take precautions on visiting unfamiliar sites.

Razer Comms homepage

What does image.scr do?

The file is named image.scr. Some of us may already know that this is a common in-game trading scam. Unfortunately, there are times when we lack the concentration and we accidentally download and install it. Thankfully this file is said to be erratic and no real threat was visible. When executed, the file will occasionally pop out a screensaver box and will always trigger a .NET framework error message. During the testing, Malwarebytes didn’t see any data being stolen or compromised (maybe due to errors), but this doesn’t mean that the file is no threat, as whoever responsible can improve on the file and update it.

img.scr screenshot

Checking the code inside the .scr file, it has been found that the files are similarly associated with password theft. Also, a reference to a URL that leads to some intriguing places that lets you login on something called “Steam Fishing Tools” (basically a Steam hack). Other pages were also found but were non-functional; however, there’s this one link that will take you to a Russian gaming portal with a number of threads on hacking related topics.

Tips on How to Avoid Malware Attacks

Stay Smart Online

It is best to be safe than sorry, here are some reminders or some new tips to keep in mind:

  • When logging into your accounts, however it may be important or not important, always be vigilant as these non-important accounts maybe used to gain access to your important ones.
  • Always check your system for unwanted applications that automatically runs when you start your system like a keylogger.
  • When accessing important accounts (i.e. PayPal), you could use copy-paste method especially when you don’t have access to any applications that are running on the system. For example, you can just open any document or webpage containing your password and simply copy a letter or word and paste it on your log-in screen. It may be a time-waster but it’s quite effective.
  • Double check or even better, triple check the site you are in.
  • Never download on unfamiliar and untrusted sites.
  • Don’t open files emailed to you from complete strangers or check their email address.
  • Read any notifications or warnings that you need to run on your system.
  • Trading and phishing scams usually always are giving out a good trade or deal to lure victims to not read or think twice. So when you do need something off the web, do it the right way and go to their official sites instead of getting them from 2nd or 3rd party websites, unless of course the site is officially an affiliate.
About James

James' is a freelance writer with a passion for PC gaming, hardware and software. When he is not writing or gaming, he will always find a way to do one of either or even both.

Related

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>