“Unmasking the Illusion: Gamers Lured by Phony Offers to Sample Upcoming Titles”

A phishing initiative is aiming at users with deceptive proposals to participate in beta testing for new video games, researchers from Malwarebytes have reported.

The phishing communications are distributed through Discord, email, or SMS. These messages claim to originate from a game publisher and contain a link to download a file that allegedly holds the game’s installer.

“The files are made available for download on various platforms such as Dropbox, Catbox, and frequently on the Discord content delivery network (CDN), utilizing compromised accounts to lend added legitimacy,” Malwarebytes elaborates. “What the target will inevitably download and install is essentially a credential-stealing Trojan.”

The operation is disseminating multiple variants of malware, each capable of extracting users’ credentials or financial details.

“There are numerous variations in circulation,” the experts assert. “Some utilize NSIS installers, while we have also observed MSI installers. Several types of information stealers, including Nova Stealer, Ageo Stealer, and Hexon Stealer, are also being circulated through these channels.”

The Nova Stealer and Ageo Stealer are considered Malware-as-a-Service (MaaS) stealers, wherein criminals lease the malware and necessary infrastructure to other offenders. It excels in extracting credentials stored in most browsers, stealing session cookies for platforms such as Discord and Steam, along with data theft concerning cryptocurrency wallets.”

The analysts highlight that the assailants can exploit the compromised accounts to initiate further phishing efforts against the victim’s acquaintances.

“One of the primary targets for the stealers appears to be Discord credentials, which can be used to broaden the network of compromised accounts,” the analysts note. “This also assists them since some of the stolen data includes victims’ friends’ accounts.

Through the breach of a growing number of Discord accounts, criminals can deceive other Discord users into thinking their usual friends and connections are communicating with them, thereby emotionally manipulating these users into falling prey to even more scams and malware operations.”

KnowBe4 empowers your workforce to make more informed security choices daily. Over 70,000 organizations around the globe rely on the KnowBe4 platform to enhance their security culture and diminish human-related risks.

Malwarebytes has the story.