Fake blockchain games, which are being actively promoted by cybercriminals on social media, are actually designed to infect the computers of unsuspecting Mac users with cryptocurrency-stealing malware.
Security researcher Iamdeadlyz was the first to describe how Web3 play-to-earn games with names such as “Brawl Earth”, “WildWorld”, “Dawnland”, “Destruction”, “Evolion”, “Pearl”, “Olymp of Reptiles”, and “SaintLegend” have been aggressively promoted through websites, “verified” Twitter accounts, and Discord channels in the hunt for victims.
The attackers have even sent private direct messages to intended targets, offering purported “entry codes” that permit download of the fake games. In all probability, victims are being chosen based upon their enthusiasm for all things cryptocurrency-related.
The latest version of the Mac malware, which has been named “Realst”, even works on macOS 14 Sonoma, which hasn’t been officially released yet, indicating that the threat is still being actively developed by its creators.
Once installed, Realst steals information from victims’ Firefox, Chrome, Opera, Brave, and Vivaldi web browsers, as well as cryptocurrency wallets, and sends it back to the cybercriminals. At the time of writing, the Safari browser appears not to be targeted by the malware.
Security researchers at SentinelOne, who have also examined the Realst malware, say that they have identified 16 distinct variants of the threat for macOS.
A Windows version of the malware, known as “RedLine Stealer”, has also been distributed.
Clearly the perpetrators of this malware campaign are banking on investors’ enthusiasm to earn free cryptocurrency overriding their common sense.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we publish.