Fake Game Sites Trick Users Into Installing Malware

A new online scam is targeting unsuspecting users with fake video game invitations that lead to malware downloads, stealing sensitive personal information.

The scam, first reported by MalwareBytes, begins with a direct message (DM) on platforms like Discord, where the attacker poses as a game developer asking if the target would be interested in testing a new game they’ve created. Sometimes, victims may also receive the message via text or email.

If the target expresses interest, they are sent a download link and a password to access the game’s installation file. These files are often hosted on cloud storage platforms like Dropbox or even on compromised accounts within Discord itself, lending the scam an air of credibility.

However, instead of a game, what the victim actually downloads is an information-stealing Trojan. This story highlights the recent report showing a rise in cyberattacks aimed at young gamers.

MalwareBytes says that these Trojans can come in different forms, often disguised as simple installer files, and they are designed to steal sensitive information from the victim’s computer. The malware is typically disguised in installer formats like NSIS or MSI.

The primary purpose of these Trojans is to gather personal information, such as login credentials, session cookies, and data related to cryptocurrency wallets.

MalwareBytes explains that one of the most common types of malware used in this scam is the Nova Stealer, which specializes in stealing login details from web browsers, Discord, Steam, and even cryptocurrency wallets.

MalwareBytes adds that the Ageo Stealer operates similarly, allowing hackers to access users’ credentials and personal information.

Additionally, some versions of the Trojan, like the Hexon Stealer, are even more dangerous. They can collect a wide range of data, including saved passwords, credit card information, and Discord tokens, which hackers can use to further compromise victims’ accounts, as reported by MalwareBytes.

The stolen information often includes contact details for the victim’s friends, which criminals use to trick other users into believing they are communicating with a trusted friend. This emotional manipulation helps the scammers spread their malicious campaigns even further.

MalwareBytes says that the ultimate goal of these scams is financial gain. The hackers hope to either directly steal money or use the stolen information for fraudulent activities. If you’ve fallen for this scam, MalwareBytes says it’s crucial to keep an eye on your bank accounts and cryptocurrency wallets.

Recognizing these fake game sites can be challenging, but there are common signs to look out for. MalwareBytes says that many of the fraudulent websites use a template, which cybercriminals can easily modify to suit their needs. These sites are often hosted on unreliable platforms and are protected by services like Cloudflare, making them hard to take down.

MalwareBytes adds that some scams even use popular platforms like Blogspot to host their malicious sites, although these sites still follow a recognizable template.

MalwareBytes suggest that to protect yourself, always use up-to-date anti-malware software, and verify any suspicious messages from “friends” via other communication channels. Avoid downloading files from unsolicited messages, and stay cautious when asked to install something unexpectedly.