Insikt Group’s cybersecurity analysts recently disclosed details about a new malware campaign designed to target both macOS and Windows users. The campaign exploits the growing popularity of blockchain-based gaming in an attempt to steal sensitive information and generate financial profit.
This operation, dubbed “Web of Deceit: The Rise of Imitation Web3 Gaming Scams and Malware Infections,” is suspected to be orchestrated by Russian-speaking hackers, based on evidence found in the HTML code. To entice potential victims, the perpetrators create fake social media accounts to add credibility to their fraudulent activities.
Once the malware is installed on a victim’s device, it deploys infostealer malware tailored to the victim’s operating system, including Atomic macOS Stealer (AMOS), Stealc, Rhadamanthys, or RisePro. Private data, such as the user’s operating system type, user-agent, IP address, and browser-connected crypto wallets, is extracted and sent to a pre-configured, Russian-language Telegram channel established by the threat actors.
This allows the hackers to access and exploit the stolen information for their nefarious purposes.