A new cybersecurity threat has emerged in the form of a malware campaign targeting users with fake web3 gaming projects. This Russian-language cybercrime operation aims to distribute infostealers across macOS and Windows platforms by mimicking legitimate gaming initiatives.
The malware, dubbed βWeb of Deceit: The Rise of Imitation Web3 Gaming Scams and Malware Infections,β leverages the popularity of blockchain-based gaming to lure victims into downloading malicious software. Cybersecurity analysts from Insikt Group uncovered this campaign and identified artifacts in the HTML code that suggest the threat actors may be based in Russia or the Commonwealth of Independent States.
The cybercriminals behind this operation create fake web3 gaming projects with minor changes to names and branding to appear authentic. They also establish fake social media accounts to add credibility to their scams. Once installed, the malware infects usersβ devices with infostealer malware like Atomic macOS Stealer, Stealc, Rhadamanthys, or RisePro, depending on the operating system.
This campaign specifically targets web3 gamers who may have weak cybersecurity practices, posing a significant cross-platform threat. The malware can adapt quickly to avoid detection, and variants like AMOS can target both Intel and Apple M1 Macs to steal cryptocurrency from desktop wallets or extensions.
After harvesting private data such as operating system type, user-agent, IP address, and browser-connected crypto wallets, the information is sent to a Telegram channel established by the threat actors. This latest malware campaign highlights the intersection of emerging technologies and social engineering tactics, emphasizing the need for enhanced cybersecurity measures among cryptocurrency users.
Stay informed about the latest cybersecurity threats and trends in the cryptocurrency industry to protect yourself from potential risks.