Acclaimed MOBA League of Legends’s official game installer recently (January, 2015) caught a nasty case of malware, as per a report by Trend Micro, a security company specializing in software. Trend Micro names another popular game as a victim of the attack – Path of Exile. PoE and LoL were infected with a trojan type virus called PlugX, with both the virus and this case being considered uncommon.
PlugX is well known for allowing users to remotely access other systems without permission and steal data or perform other malicious acts. It and its offshoots commonly latch onto legitimate applications, so the use of PoE and LoL isn’t surprising. The only difference in this case is that PlugX actually created its own service for autostarting rather than using that of the games.
Before you guys spit out your drink and start scanning your PC faster than a Korean’s APM, I should say this: over 80% of the reported infections come from Taiwan. The rest are from similar regions around Asia, namely Singapore, Thailand, Malaysia and Hong Kong.
Reportedly the security breach came from Garena, a provider for consumer internet platforms in Asia. Garena is well known for having strategic partnership deals with major developers like Electronic Arts, S2 Games and Riot Games. It has the rights to exclusive releases of several games of the aforementioned developers.
The company officially responded to the controversy by saying that some of their computers and patch servers were infected with the trojans, hence all distributed installers were also contaminated. The geography of the cases makes sense after you read that last part. Still, it makes one ask why whoever cooked up this virus didn’t spend more effort and go for the Mecca of Esports – Korea. But then if that were to happen, we wouldn’t be looking at an investigation by a security company, would we? It would probably be closer to a witch hunt.