According to IT experts, cybercriminals have created more than a dozen variants of the virus, disguised as blockchain games, for macOS-based devices alone.
Devices running the Windows and macOS operating systems are at risk from a new virus disguised as blockchain games. It drew the attention of an IT security expert who goes by the pseudonym iamdeadlyz.
He found that a virus called RedLine Stealer (on macOS devices it is known as Realst) steals victims' data under the guise of the blockchain games Brawl Earth, WildWorld, Dawnland, Destruction, Evolion, Pearl, Olymp of Reptiles and SaintLegend. Sometimes the scammers use other programs to steal data, such as Raccoon Stealer and AsyncRAT.
To lure victims, scammers create a whole network of projects, advertising them through Twitter and Discord. The virus itself hides in a video game installer that cybercriminals distribute through websites.
Who exactly is behind the scheme is unclear. However, iamdeadlyz noted that there are Russian-language comments in the source code of the scripts on the cybercriminals' websites. The extent of infections remains unclear, but the expert found that there are already 16 varieties of the virus for macOS devices. What's more, the malicious software is even capable of infecting macOS 14 Sonoma, a version that is still under development.
Once it has infected a computer, the virus steals the victim's data from the Firefox, Chrome, Opera, Brave and Vivaldi browsers. It also targets cryptocurrency browser extensions such as MetaMask, Trust Wallet, Binance Wallet, Phantom, TronLink, and so on. Notably, in the cases studied by the analyst, the Realst virus for some reason did not attack the Safari browser, but did hunt for data from the desktop version of Telegram.