'As a rule, proxy servers show a lower ping, so other players will see them at the top of the list. It turned out that a Russian gaming server developer, nicknamed 'Belonard,' has been exploiting these vulnerabilities in the wild to promote his business and create a botnet of compromised gamers' systems by infecting them with a custom Trojan.ĭubbed Belonard, the Trojan named after its developer has been designed to gain persistence, replace the list of available game servers in the vulnerable game client installed on the infected systems, and create proxies to further spread the Trojan.
According to the researchers, Counter-Strike 1.6, a popular game that's almost two decades old, contains unpatched multiple remote code execution (RCE) vulnerabilities in its client software that let attackers execute arbitrary code on the gamer's computer as soon as they connect to a malicious server, without requiring any further interaction from the gamers.