The incident comes as cryptojacking heists become increasingly common and sophisticated alongside the rise and popularity of cryptocurrency.
"We believe this is the next team to watch," FireEye's director of intelligence analysis John Hultquist said.
Authorities said thousands have already fallen victim to the scheme described as a "new twist on an old scam".
The finding immediately triggered fierce uproar with many saying "there is absolutely no justification" for including a password stealer in a flight simulation add-on.
Hackers have been found targeting several vulnerabilities in different servers to secretly install cryptomining software and generate digital currencies using victims' resources.
Hackers have targeted a slew of banks worldwide in recent years to gain illegal access to the Swift network and initiate fraudulent money transfers.
"We take the security of personally identifiable information very seriously," California's Department of Fish and Wildlife said.
For their roles in what US prosecutors have called "one of the largest" known cybercrime schemes, two Russian nationals were handed lengthy prison terms this week.
GPU manufacturers are scrambling to deal with rapidly rising demand for graphics cards.