Some League of Legends players recently got a lot more than they asked for.
The malware appears to have targeted Asian users, specifically those in Taiwan, though other countries such as Singapore and Malaysia were also affected. Fortunately, only a small percentage of players who downloaded the clients were exposed.
Once the malware had been accidentally installed by an unknowing user, the game’s compromised launcher, which was used to deliver the malware would be overwritten with a clean version, making the intrusion difficult to detect.
The malware, called PlugX, is notable for attaching itself to legitimate software. Companies such as Microsoft and Lenovo have been targeted with PlugX in the past, and the issue does appear to be local to Asia.
The problem apparently began with an infiltration at Garena, an Asian software distributor that hosts titles like League of Legends and Path of Exile, as well as Heroes of Newerth and FIFA Online 3. With the distributor itself affected, there was a chance that any user downloading a game from Garena could be at risk.
Thankfully for those who found themselves dealing with unwanted malware infections, Trend Micro was able to work with individuals at Taiwanese security conference called Hacks in Taiwan, which originally discovered the problem, to find a solution. The pair shortly released a tool to clean up the infection.
This episode may leave many in the region feeling a bit uneasy about downloading these games in the future. But int he case of Garena, at any rate, Trend Micro says the company’s installers have been free of malware since Dec. 29.
The inclusion of malware is a common problem for those who download games such as League of Legends through illegitimate means. But problems like this show that on the internet, there’s just no escaping the threat of malware.
Photo via League Of Legends | Remix by Jason Reed