The Fade.exe executable file is a keylogger that may be used to collect passwords, login information for online accounts, banking and credit card information and other data. Fade.exe was recently being distributed through two mods for Grand Theft Auto V. These two mods, named 'Angry Planes' and 'No Clip' offered new features for this popular game. However, they actually were being used to distribute Fade.exe, which was used to collect the computer users' information.
Fade.exe and Its Connection to Grand Theft Auto V Modding
Grand Theft Auto V is an extremely popular PC game in which computer users can freely explore and carry out all kinds of missions. This game has an extensive library of user-made mods that add new features such as better graphics or tweaks to the game's behavior. The presence of Fade.exe in the mods named 'No Clip' and 'Angry Planes' first came to light on the game's popular forums, GTAForums. Later, Fade.exe was confirmed by another Grand Theft Auto V website specializing in mods for this game, GTA5-Mods.com. Unfortunately, these were not unpopular mods. Angry Planes, in particular, was downloaded and executed by thousands of people on GTA5-Mods.com alone, and countless more times from other websites distributing Grand Theft Auto V mods. In fact, Angry Planes was even featured on important gaming publications like PC Gamer and Kotaku, giving it a legitimacy that may have encouraged computer users to download it despite having reservations about possible threatening content in the mod.
How Fade.exe Attacks Your Computer
The Angry Planes mod is designed to make planes in Grand Theft Auto V behave more aggressively. Unfortunately, it also installs threats on the victim's computer. This threat, running as the Fade.exe executable, logs the victim's keystrokes in order to gather any important information. This attack is well hidden. Scanning the ASI file (this is the extension for Grand Theft Auto V mods) through an anti-virus program did not detect the presence of Fade.exe and other threatening content. This attack was very well hidden and is completely unprecedented in the way it was hidden in the mod file.
What to do if You are at Risk for a Fade.exe Infection
If you have installed any of the infected mods on your computer, PC security researchers strongly recommend removing them immediately. Then it is important to run a full check on the affected computer for the presence of the Fade.exe file. A strong anti-malware program that is fully up-to- date should be used to perform a full, in-depth scan of the affected computer and all drives that have come into contact with Fade.exe. Since Fade.exe is a keylogger that will try to get your passwords, malware analysts strongly recommend that at-risk computer users change their passwords, especially since computer users have started to indicate that their online accounts have been compromised. For example, on several GTAForums computer users have reported that their Steam accounts were hijacked after installing the infected Grand Theft Auto V mods.
The Aftermath of the Fade.exe Attack
All links to the infected mods have been removed from GTA5-Mods.com, and this website has indicated that they will monitor mods more closely. They also recommend computer users to use LUA or CS source files rather than ASI, DLL or NET.DLL extensions since they are easier to verify. Computer users concerned about possible hidden content in their mods would do well to avoid third-party mods and tools completely, at least until they have been confirmed extensively to be free of any unwanted components such as the Fade.exe file. Malware analysts recommend that computer users affected by Fade.exe take steps to change their passwords and monitor their online accounts to look for any unauthorized usage.