Info-stealers distributed through phony ‘Cthulhu World’ project

Info-stealing malware AsyncRAT, Raccoon Stealer, and RedLine, are being deployed by threat actors through a fraudulent play-to-earn gaming community dubbed 'Cthulhu World,' which includes websites, social accounts, and a Medium developer site, as well as Discord groups, BleepingComputer reports. Attackers have been promoting Cthulhu World through direct messages to Twitter users asking them to test and promote the new game in exchange for a reward in Ethereum, said cybersecurity researcher iamdeadlyz, who first identified the malware distribution campaign. While the fake P2E game's website, which has already been taken down, shows an interactive map of the game, it was later found to be a copy of the Alchemic World project and clicking an arrow in the site's upper-right hand corner would redirect users to a webpage seeking a code for an "alpha" test download. Inputting any of the access codes would prompt downloads of any of three files from DropBox, which result in the installation of the info-stealing malware. Immediate antivirus scans and password resets have been advised for anyone who has visited Cthulhu World and downloaded any of the project's software.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.