hijackloader Archives

TrendTechie

February 12, 2026

Хакеры начали активно распространять стилеры на торрентах через популярные игры

Cybersecurity specialists have identified a long-running malware campaign that disguises itself as installers for pirated games, utilizing a malicious component called the RenEngine Loader. This loader operates stealthily, embedding itself within the system while allowing the game to run without disruption, thus evading detection. The campaign has been active since at least April 2025 and primarily targets popular titles from Electronic Arts and Ubisoft, such as Far Cry, FIFA, Need for Speed, and Assassin’s Creed. The malicious code appears as a harmless launcher based on Ren’Py, leading users to believe the installation is normal. Once installed, the loader can facilitate further exploits without immediate data exfiltration. Telemetry has recorded over 400,000 inquiries related to this distribution chain, with an average detection rate of around 5,000 incidents per day, and Russia ranks fourth in these observations.

Tech Optimizer

November 4, 2025

3,000+ YouTube videos deliver malware disguised as free software

YouTube has been identified as a platform for a sophisticated malware distribution network known as the Ghost Network, which has been active since 2021 and surged in activity in 2025. This network uses over 3,000 videos disguised as software cracks and game hacks to spread information-stealing malware, targeting users searching for free software or cheat tools. Cybercriminals utilize compromised accounts and social engineering tactics to create a false sense of security, with videos featuring positive comments from fake accounts. The malware includes programs like Lumma Stealer, Rhadamanthys, StealC, and RedLine, which harvest sensitive information. Two significant campaigns were highlighted: one involved the Rhadamanthys infostealer through a channel with nearly 10,000 subscribers, and the other offered cracked software via a channel with around 129,000 subscribers, with one video gaining over 291,000 views. Users are advised to avoid cracked software, use strong antivirus protection, never disable antivirus software, be cautious with links, use password managers and two-factor authentication, keep systems updated, and utilize trusted data removal services to protect against these threats.

Winsage

August 19, 2025

Microsoft Windows Warning—Stop Playing These Free PC Games

Windows users are at risk when downloading large files, particularly free games from sites like Dodi Repacks, which have been linked to malware distribution. An investigation revealed that downloading these games involves multiple redirects leading to a ZIP file containing a malicious .dll file. This file triggers the installation of HijackLoader malware, designed to bypass antivirus protections and install additional malicious software. HijackLoader employs advanced techniques to evade detection, including checks for virtual machines and monitoring system resources. It manipulates environment variables and executes payloads to maintain persistence on infected PCs. The malware has been associated with various families, including Danabot and RedLine Stealer, and is capable of delivering secondary payloads, with LummaC2 being a recent example. Users are advised to exercise caution when engaging with pirated downloads.