Mods are a big part of the reason why PC gaming is so great. But occasionally, someone takes advantage of how widespread they can get to slip some malicious code in unbeknownst to those who download it.
The popular Angry Planes and No Clip mods for Grand Theft Auto V have been found to contain malicious code. It highlights the importance of scanning any files you download with anti-virus and anti-malware tools before you run them.
GTA Forums member aboutseven did some digging after noticing Angry Planes misbehaving. He found an odd C# compiler program running in his system processes, sending and receiving data across the web. A Fade.exe executable buried in his PC’s Temporary Files folder kept tabs on his activity and altered his Windows registry to silently launch at system boot.
Another user checked out the malware and claims that it used his PC to participate in a DDoS attack against a Twitch game streamer. He found the following modules active inside the malware:
- Facebook spam/credential stealing module
- Twitch spam/credential stealing module
- Messenger.com spam/credential stealing module
- A Steam spamming module
- A Steam module that evaluates the items in your inventory and their value based on current market value
- A Keylogger module that logs individual button presses in an XML like format, it also includes information about context switches (switching from one app/window to another)
- A UDP flooding module
If you have used Angry Planes or No Clip with GTA V, or any mod really, you should perform an anti-malware scan with one of the AV programs that detects the malicious file. It is also for the best if you change your passwords.