Experts have discovered new malware on Apple macOS

  • Network analyst iamdeadlyz thinks this is a huge scheme. Attackers use fake GameFi projects to distribute the malware.
  • When installing the client of such a game on the device, a malicious block of files and several scripts are unpacked.
  • This way, hackers gain access to all of the user’s personal information, including keys to cryptocurrency wallets. 

A cybersecurity expert with the pseudonym iamdeadlyz reported finding malware on macOS devices. The program is called Realst, and it aims to steal personal data about users’ accounts and cryptocurrency wallets. 

The application is written in the Rust programming language. Attackers use fake Play-to-Earn (P2E) games to distribute it.

“Before this, I was asked about a project called Pearl Land Metaverse. The funny thing is that it’s the same game I’ve exposed before – PureLand, but with a different name,” the expert noted. 

In his report, he cited several other examples – Destruction, Evolion, Olymp of Reptiles, Brawl Earth, WildWorld, Dawnland and SaintLegend. These are all fake projects, but each has a separate website, as well as Twitter and Discord pages. Those targeted are offered the opportunity to test the new game for a fee. This was also confirmed by another user under the pseudonym 0xGuy.

He downloaded the game Brawl Earth and 10 minutes later his wallet was zeroed out. The incident occurred back in late May 2023.

According to iamdeadlyz’s findings, a Mach-O file and three related scripts are unpacked when the game is installed on the device.

These scripts are needed to hack and siphon personal data. The malware targets various browsers and marketplaces. 

The exact scope of the scheme is not yet known. However, the group of attackers put significant effort into orchestrating the process, which could indicate huge potential damage, according to analysts at SentinelOne.

Remember, in early July, we covered a report from the Binance exchange that hackers’ behavior had changed. They’ve shifted their focus from protocols to end users.