Kaspersky Lab Discovers Tsundere Botnet Targeting Gamers via PowerShell and MSI Installers

Kaspersky Lab has uncovered a new botnet named Tsundere, targeting Windows users through PowerShell scripts and MSI installers. The malware spreads via trojanized installers for popular games like Valorant, CS2, and Rainbow Six Siege, potentially leading to large-scale infections. The use of legitimate Windows tools for malware deployment underscores the attackers' sophistication and the challenge of detecting such threats. This botnet poses a significant risk, particularly to gamers who may download software from unofficial sources. From a technical standpoint, the exploitation of PowerShell and MSI installers highlights the need for enhanced monitoring and verification of software integrity. Organizations should implement robust security measures to detect and prevent such attacks, including monitoring PowerShell usage and validating software installers. This discovery serves as a reminder of the evolving threat landscape and the importance of proactive cybersecurity measures.