Warning! Bogus Razer Comms game chat app comes loaded with malware

This may be the first time attackers have used bogus game communication doppelgangers to get at gamers, Malwarebytes says.

Gamers looking for voice chat software should be careful what they click on. Security firm Malwarebytes recently came across a new bit of malware that is pretending to be the installer for Razer Comms, the voice chat system from Razer.

Malwarebytes didn't say how it came across the fake chat app, but security-conscious gamers shouldn't have a hard time protecting themselves from this scam. The Razer Comms malware is basically an imitation site with a malicious download. Here's how it works.

A player clicks a link to download and install Razer Comms, which is available for Windows and Android. Instead of landing on Razer's site (RazerZone.com), however, you end up on a site that looks similar but with a different URL.

Click the Android app link on the phony site and you end up at Google Play, as you'd expect. Click the Windows download link and you get a .scr (Windows screensaver) file that is supposedly the Razer Comms installer--it's supposed to be an EXE file.

The bogus download then fires a malicious script instead of installing the true Razer Comms software.

The impact on you at home: Gamers are becoming a popular new target for hackers, but targeting a third-party chat program is unique. Typically, you'll see hacks like fake games with phishing attempts or malware links sent through gamer-specific chat programs. Malwarebytes believes this could be the first example of trying to lure people into downloading bogus gamer chat software as opposed to bogus games.

Not a threat, yet

Fortunately, this malware appears to be a work in progress for now. Malwarebytes says the script doesn't do anything important right now and is full of bugs. It does contain code associated with password theft and also a reference to "Steam Fishing Tools." With those clues it's pretty clear this malware could one day go after your Steam logins and possibly other passwords and data.

While it may not work right now, the site could add more fully-featured code in the future. So watch yourself out there! If you download Razer Comms make sure you get it from the source and nowhere else. And be sure to read PCWorld's guide to protecting your PC from devious security traps to spot tricks like this more easily in the future.

Join the CSO newsletter!

Error: Please check your email address.

Tags identity theftchattingGooglesecurityMalwarebytesRazerIdentity fraud / theftmalware

More about ClickGoogleMalwarebytesRazer

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ian Paul

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place