viruses in gta 5 asi mods

you should have a look at this and research iit

http://gtaforums.com/topic/794383-possibility-of-trojan-downloaderspyware-installed-via-gta-v-mod/page-4

upload and check suspicious file(s) at www.virustotal.com / www.metascan-online.com
if scanned before, click rescan for a fresh result

it was scanned by the owner of gta5-mods.com

oh and it made it to kotaku now

http://kotaku.com/psa-some-top-gta-v-mods-have-nasty-viruses-1704480631

it seems avast picked up on the virus i have a fade.exe file in the quarantine since day 1 of using this mod

i can though say i was about to quit using avast i had no intention of renewing my over 7 year now subscribtion as i was tired of the constant pay addons on the highest paying version but seeing how avast was the only antivirus that picked up on this file i think i’ll accept the bloat

here is the analysis
https://www.virustotal.com/en/file/5c6a32b89bc8a83ae6724703698a795fa88293653d5701811e9c7491054a4e43/analysis/

and now it’s on pcgamer

http://www.pcgamer.com/gta-5-mods-angry-planes-and-no-clip-contain-malware/

i’d say it’s time to make this a priority

check your My Messages button at forum top …

i’ve sent you a sample now note it is a mod file not sure what you can do with it as it will only be activated when running it in the game

2015-05-15 03:38:09 UTC ( 2 hours, 28 minutes ago )
https://www.virustotal.com/en/file/96fc6e090cb28dc36c35607fd8f189d62f044d2be18f43e39c58fd1ce2aa9336/analysis/

the other files are not malicious
https://www.virustotal.com/en/file/5c6a32b89bc8a83ae6724703698a795fa88293653d5701811e9c7491054a4e43/analysis/
https://www.virustotal.com/en/file/3f8fc79be726ad2063006dbe955ea96b2209c427059f7103fbb7ef95f385e437/analysis/

zzcool, would you also PM me the files in question. I have a few other sites to try them at.

Or Pondus :slight_smile:

you have a malwr account? … search MD5

The .ASI doesn’t seem malicious at first glance, but further analysis reveals otherwise as per the thread zzcool linked to.

Loading .ASI libriaries are a common practice amongst Grand Theft Auto modders for the past decade, even long after Rockstar discontinued support for the Miles Sound System. Besides natively-compiled ones, scripts written in .NET are used especially with newer games in lieu of writing gameplay logic using the engine’s scripting language.

I know not everyone here’s arsed to shell out $60 to buy a game just to isolate and analyse viruses using said applications as vectors, but given the recent rise in gaming-related threats these days I’m sure it wouldn’t hurt to run GTA V on a VM. 'Sides, some of the folks who posted on the linked thread did do their own sleuthing, which should be a starting point.