A new malware variant, disguised as a game cheat named “Cheat Lab,” has emerged, enticing gamers to unwittingly spread infostealer malware, known as Redline. This malicious software is adept at harvesting sensitive data from infected systems, including passwords and cryptocurrency wallet information. Despite its association with Redline, this variant diverges from typical behaviors, raising concerns about its potential for widespread damage.
McAfee researchers have identified Lua bytecode as the tool of choice for this malware’s stealth capabilities, allowing it to infiltrate legitimate processes undetected. The malware relies on deceptive tactics, distributing itself through URLs linked to Microsoft’s GitHub repository under the guise of demo cheating tools. Once installed, it establishes persistence on the system and communicates with a command-and-control server, awaiting instructions for further malicious activity.
One alarming aspect of this campaign is its social engineering element: users are promised a fully licensed copy of the cheating program if they convince their friends to install it as well. This tactic not only spreads the malware exponentially but also lends a layer of legitimacy to the initial lure. Although the distribution method has not been definitively determined, the prevalence of infostealers underscores the importance of exercising caution when downloading software, even from seemingly reputable sources.