Downloading a ‘cracked’ version of Fifa 23 or Hogwarts Legacy for free? It’s probably malware

Screengrab of a scam video disguised as a Fifa 23 guide. PHOTO: SCREENGRAB FROM YOUTUBE

SINGAPORE - The wide availability of artificial intelligence (AI) has led to more realistic and easily produced scam video tutorials, helping fraudsters to better target potential victims online.

The target of the season: Gamers.

This comes on the back of the recent launch of popular game titles like Fifa 23 and Hogwarts Legacy, which have together sold at least 20 million copies worldwide.

AI-generated fake video game tutorials, designed to ensnare gamers looking for pirated or “cracked” versions of video games, carry links to folders embedded with malware.

Clicking on these folders will give hackers control of the victim’s computer and data, including passwords and credit card information, said Singapore-based cyber-security firm CloudSEK.

The firm found 15,000 such fake videos on YouTube in February, following the launch of Hogwarts Legacy earlier that month and Fifa 23 last September.

Comparatively, under 1,000 such videos were recorded last October.

CloudSEK tracked scam links planted in hijacked YouTube accounts and AI-generated scam videos to monitor the number of clicks each received between October and February.

It is not known how many devices were affected by the malware. However, at least 550 people in Singapore have clicked on links in these videos, the firm said.

Another cyber-security firm, Zscaler, said it blocks more than 200,000 AI-generated videos each month.

Users are usually directed from YouTube to file-sharing sites where they are invited to download files containing viruses, said Zscaler’s chief information security officer Deepen Desai.

The use of AI eases the load for fraudsters, as the software helps to automatically animate and program human avatars to read speeches aloud, specific to each variation of the scam.

This is done more efficiently and convincingly than similar videos in the past, which were typically in the form of a screen recording with instructions in the foreground, said CloudSEK threat intelligence researcher Pavan Karthick.

The bogus videos also commonly pose as guides for popular online games such as Grand Theft Auto V, as well as digital workplace tools like Microsoft Office and Adobe Creative Cloud, luring victims who may be keen to learn more – or download cracked versions of the games or program.

Screengrab of a scam video disguised as a Hogwarts Legacy installation guide. PHOTO: SCREENGRAB FROM YOUTUBE

“The scammers target popular games that are usually expensive. It is possible that young children, hoping to get a free copy of the game, are being tricked by these scams while they use their family computers,” said Mr Karthick.

To reach more users, fraudsters often upload these videos on hijacked YouTube accounts with a substantial following, he added.

For instance, a video claiming to provide free download links to Hogwarts Legacy was broadcasted to about 287,000 followers of the compromised account.

The videos typically feature a presenter providing tips on a program or game, guiding the viewer to download malware-infected files from a link in the comments section or video description.

The presenter’s voice is monotonous and sometimes out of sync with the movement of his lips – a telltale sign of a bot.

In a video of instructions to install a cracked version of Fifa 23, an AI-generated human says: “In this video, I will tell you how to download Fifa 23 on your computer… The download link is in the description below.”

The video continues to provide instructions on how to install the software – a virus – with gameplay footage from Fifa 23 in the background. Viewers are directed to install an .exe file, which is potentially dangerous as it can unleash unexpected commands to freeze a user’s computer and steal information, unlike a standard image or media file.

Many of these videos are actively taken down by YouTube for violating its terms of service, although some still remain public.

Screengrab of a scam video disguised as a GTA V guide. PHOTO: SCREENGRAB FROM YOUTUBE

Mr Reuben Wong, 40, who works in the public service, said he has encountered many suspicious videos on YouTube, TikTok and Facebook disguised as gaming tutorials.

Scammers would lure gamers with free content for their games, such as character skins and loadouts, he said.

Mr Wong added that it is common to see swindlers targeting gamers to steal high-level accounts to sell to other gamers.

Another user, who wanted to be known only as En Hui, sees such videos whenever she searches for cracked versions of computer programs like Adobe Photoshop, available under a subscription model.

The 26-year-old, who works in the finance industry, said: “I saw those links and knew they were fishy, so I didn’t click on them.”

“But some of my friends did, and the virus caused them to have to reformat their computer,” she said, adding that this is a risk users take when looking for unlawful versions of apps and games.

Cyber-security experts fear such videos may appear more real as AI develops, despite them being easy to spot for now.

AI-generated services online, like ChatGPT and image generator Midjourney, can also make it easier for fraudsters to create scam content, said Mr Ondrej Kubovic, a security awareness specialist at cyber-security firm ESET.

“We can expect more believable deep fakes and automated generation of basic malware.”

Join ST's Telegram channel and get the latest breaking news delivered to you.