![]() Some of the fake app’s Twitter page images were also directly taken from the legitimate app’s social media page, and was just created in October 2022 - relatively new compared to the legitimate app’s account, which was created in 2021. We checked the website’s background and found that the fake app’s page was only created in January 2023, and all the graphics and text were lifted directly from a different P2E app’s website. A quick search online showed the website being heavily promoted on Twitter. Our sensors picked up on the high-risk samples for analysis during a routine check a closer inspection revealed the website worldofcreaturesio connected to the sample. Once the malware executes, specific pieces of information stored in the device are stolen as soon as the user inputs their respective password in the GUI prompt. The Twitter account and the websites are just fronts to entice users to download MacStealer. Unlike other fake app routines that redirect users while infecting devices, the cybercriminals took no pretense to create a game and simply copied from existing P2Es. The threat actors behind the malware pose as a legitimate game company looking for testers and enticing potential victims to download their app. The malware is currently spreading via third party websites using images and graphics ripped off from real P2E applications, and promoted on social media and messaging platforms Twitter, Discord, and Telegram. ![]() We have since discovered that MacStealer's source code has been leaked via an online public scanning service. Our analysis was done on the original reported sample. ![]() We posted a warning for users to avoid this threat early this article discusses the technical details of the malware and the distribution techniques that threat actors use to infect devices and steal users’ information. We analyzed a Mac malware called MacStealer (detected by Trend Micro as ), a cryptocurrency wallet and information stealer disguised as a plagiarized version of a legitimate play-to-earn ( P2E) game app.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |