RedLine stealer spread using Valorant gaming cheat lures

Threat actors have been using cheat lures for the first-person shooter Valorant to distribute the RedLine information stealer, according to BleepingComputer. Researchers from ASEC found that Valorant players are being lured by YouTube videos offering cheats in the form of an auto-aiming bot available through the video's description. Attempting to download the file instead redirects the user to an anonfiles page hosting a RAR archive that contains the "Cheat installer.exe" executable, which is a copy of the RedLine stealer. RedLine not only exfiltrates basic data such as computer names and IP addresses but also steals information from web browsers, cryptocurrency wallets, and VPN clients, as well as other apps and programs such as Discord, Steam, FileZilla, and Minecraft, researchers said. They added that the data collected by the stealer is compiled into a ZIP archive before being exfiltrated through a WebHook API POST request sent to a Discord server.
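A defender-side check for the exfiltration channel described above, as an added example that is not from the article or the ASEC research: it scans proxy or EDR network records for file-sized POSTs to Discord webhook URLs made by processes that are not expected to talk to Discord. The JSON field names, the process allowlist and the byte threshold are assumptions, and the sample records are constructed.

```python
import json
import re
from urllib.parse import urlsplit

WEBHOOK_HOSTS = {"discord.com", "discordapp.com"}
WEBHOOK_PATH = re.compile(r"^/api(?:/v\d+)?/webhooks/\d+/[\w-]+")
# Assumption: processes expected to reach Discord in this environment.
EXPECTED = {"discord.exe", "chrome.exe", "firefox.exe", "msedge.exe"}

# Constructed sample records (hypothetical schema); ids and tokens are placeholders.
SAMPLE_LOG = r"""
{"host":"PC-07","process":"Discord.exe","method":"POST","url":"https://discord.com/api/v9/channels/111/messages","bytes_out":412,"content_type":"application/json"}
{"host":"PC-12","process":"Cheat installer.exe","method":"POST","url":"https://discord.com/api/webhooks/000000000000000000/PLACEHOLDER_TOKEN","bytes_out":2381004,"content_type":"multipart/form-data; boundary=x"}
{"host":"PC-03","process":"chrome.exe","method":"POST","url":"https://discord.com/api/webhooks/000000000000000001/PLACEHOLDER_TOKEN","bytes_out":300,"content_type":"application/json"}
{"host":"SRV-01","process":"backup-notify.exe","method":"POST","url":"https://discord.com/api/webhooks/000000000000000002/PLACEHOLDER_TOKEN","bytes_out":220,"content_type":"application/json"}
not-json garbage line
"""

def is_webhook_post(rec):
    """True for a POST whose exact host and path match a Discord webhook URL."""
    if str(rec.get("method", "")).upper() != "POST":
        return False
    url = urlsplit(str(rec.get("url", "")))
    host = (url.hostname or "").lower()  # exact match, so lookalike hosts fail
    return host in WEBHOOK_HOSTS and bool(WEBHOOK_PATH.match(url.path))

def find_suspicious_uploads(log_text, min_bytes=10_000):
    """Return (host, process, bytes_out) for webhook uploads worth triaging."""
    hits = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or malformed lines
        if not isinstance(rec, dict) or not is_webhook_post(rec):
            continue
        unexpected = str(rec.get("process", "")).lower() not in EXPECTED
        ctype = str(rec.get("content_type", "")).lower()
        file_upload = ctype.startswith("multipart/form-data")
        large = int(rec.get("bytes_out", 0)) >= min_bytes
        # Small JSON posts from unknown tools are usually notification bots;
        # a file-sized or multipart upload from one is the pattern to triage.
        if unexpected and (file_upload or large):
            hits.append((rec.get("host"), rec.get("process"), rec.get("bytes_out")))
    return hits

if __name__ == "__main__":
    for hit in find_suspicious_uploads(SAMPLE_LOG):
        print("suspicious webhook upload:", hit)
```
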
