"Fake 'Cthulhu World' P2E Project Used to Push Info-Stealing Malware"

Hackers have set up a fake 'Cthulhu World' play-to-earn community, with websites, Discord groups, social accounts, and a Medium developer site, to infect unsuspecting victims with the Raccoon Stealer, AsyncRAT, and RedLine password-stealing malware. Scammers and threat actors are increasingly targeting these new platforms for malicious activities as play-to-earn games gain popularity. This is a new malware distribution campaign discovered by cybersecurity researcher iamdeadlyz, in which threat actors created an entire project to promote a fake play-to-win game called Cthulhu World.

To promote the "project," threat actors are sending direct messages to Twitter users, asking if they want to test their new game. According to the researcher, the threat actors promise a reward in Ethereum in exchange for testing and promoting the game. When visiting the Cthulhu World site, users will see a well-designed website containing information about the project and an interactive map of the game's environments. This site, however, is a clone of the legitimate Alchemic World project, which has warned users to avoid the fake project.

The Cthulhu World website also has a significant difference. When a user clicks on the arrow in the upper right-hand corner of the site, the visitor is directed to a page that requests a code in order to download the project's "alpha" test. Threat actors share these codes with potential victims via Twitter direct messages. Depending on the code entered, one of three files from Dropbox will be downloaded. Each of the three files installs a different piece of malware, allowing threat actors to pick and choose how they want to target a specific user. This article continues to discuss the fake Cthulhu World play-to-earn project developed to distribute information-stealing malware.

Bleeping Computer reports "Fake 'Cthulhu World' P2E Project Used to Push Info-Stealing Malware"

Submitted by Anonymous on