Grand Theft Auto VI (GTA VI) fans are being targeted by a sophisticated phishing scheme involving fake beta download ads circulating on social media platforms. Bitdefender researchers have uncovered a series of deceptive Facebook ads promising early access to a non-existent GTA VI beta, designed to lure users into downloading malware disguised as game installation files. These ads exploit the anticipation surrounding the highly anticipated game, which Rockstar Games has slated for release in Autumn 2025 for PS5 and Xbox Series.
The fraudulent ads are particularly deceptive, showcasing stolen gameplay footage and convincing visuals to create a false sense of authenticity. They promise early access to the GTA VI beta for the first 100 respondents, creating an urgency that lures users into clicking the ads. Once users engage with the ad, they are redirected to a fake download page that closely mimics a legitimate site. This page prompts users to download an ‘exclusive beta client’ or complete a survey to gain access. Instead of receiving a genuine beta version of the game, users inadvertently download malware that mimics the installation process of the GTA VI installer.
Security researcher Andrei Mogage has analyzed the malware distributed through these ads and found it to be a variant of FakeBat loader. This malicious software is designed to deploy additional payloads, including info-stealers and remote access tools (RATs), by utilizing PowerShell scripts. The malware establishes a connection with a command-and-control server, allowing attackers to gain control over the victim’s system. The malicious domains associated with these ads were created on June 27, 2024, and also hosted other scams, including Ethereum frauds. The ads predominantly targeted users in various European countries, including France, Poland, Romania, Germany, Spain, Hungary, Italy, Greece, the Netherlands, and Sweden.
While the specific malicious ads have been removed as of July 19, 2024, the incident highlights ongoing security concerns related to social media platforms, particularly Facebook, which has a history of approving harmful advertisements. Previous instances include ads promoting investment scams, malware, and phishing schemes. To safeguard against these types of scams, users are advised to be cautious of sponsored ads offering unrealistic promises or early access to highly anticipated games. It is crucial to download games only from official sources, such as the developer’s website or reputable retailers, and to be wary of unsolicited communications and dubious download links. By staying informed and cautious, users can better protect themselves from falling victim to these elaborate and deceptive schemes.
Reference:
