Hearthstone Add-Ons Summon Malware to Attack Gamers

You can always leave it to the Internet to take a good thing and try to ruin it for everyone else. Take Hearthstone: Heroes of Warcraft, for example: a polished, fun digital card game that, in any sane universe, would cost lots of money to play.

Blizzard, however, has kept the game free, with optional micro-transactions, and naturally, this has led people to try to cheat the system. Installing third-party add-on software to the game is often a violation of the game's terms, but moreover, these programs are often little more than shells for dangerous malware.

Symantec, the Mountain View, California-based information-security giant, researched the topic and shared the troubling news on its Security Response blog yesterday (Feb. 9). The results are a classic case of "cheaters never prosper." People who try to game Hearthstone's system are invariably getting thrashed with malware, but it seems that even those with more mild, information-based add-ons may not be safe.

MORE: Most Anticipated Games

For the uninitiated, here's how Hearthstone works. The Warcraft spin-off title is a collectible card game, like a videogame version of Magic: The Gathering. Players gather cards, build decks and compete with other players to score bragging rights as well as additional cards. While real money is the fastest way to build your deck, you can also earn "gold" and "dust" — two kinds of hard-won in-game currency.

Cybercriminals have developed Hearthstone "add-ons" that claim to earn gold and dust for the player. Some work, some don't, but most are vectors for malware.

There are two kinds of dust- and gold-earning applications. The first kind claims to "hack" Hearthstone to simply give you more of the two currencies. Given Blizzard's almost airtight security, this is a laughable claim. Programs like the Hearthstone Hack Tool are nothing but malware in disguise — in this case, the Trojan.Coinbitclip, which hijacks computers to mine and steal Bitcoins.

The second kind of Hearthstone cheat is a "bot," and includes programs such as Hearth Buddy and the now-defunct HearthCrawler. These programs play Hearthstone games for a user who's otherwise preoccupied, going so far as to emote occasionally to give the impression of a real player.

Hearthstone bots can indeed earn players more currency, but they're also firmly against the rules, and Blizzard has been fairly ruthless about banning players for making use of bots. Symantec pointed out that bots are also a prime target for malware distribution, but did not specify which bots usually come with malware.

There's another kind of Hearthstone add-on: a deck tracker, which both players and Blizzard view with mixed eyes. Deck trackers do not try to cheat the system, but instead keep track of which cards players haven't yet drawn during a match. Some people consider this form of card-counting to be bad sportsmanship, while others consider it strategic.

Blizzard doesn't condone deck trackers, but doesn't take a hardline stance against their use, either. Still, disreputable deck trackers can come with malware, such as Backdoor.Breut. This malware includes a keystroke logger as well as a way to steal footage from webcams.

The only way to completely avoid Hearthstone malware is to play the game fairly, without add-ons, as its creators intended. Otherwise, fearsome orcs, mysterious night elves, and relentless undead could be the least of your PC gaming problems.

Marshall Honorof

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing background, having studied paleomammalogy, biological anthropology, and the history of science and technology. After hours, you can find him practicing taekwondo or doing deep dives on classic sci-fi. 

  • RoyTaylor
    I play heartstone but i didn't know that there are dangerous malware add on. Good to read this post.