The security thread
Out of context: Reply #33
- Started
- Last post
- 39 Responses
- sted0
A game named Valorant, which is currently under development and runs on Windows systems, is being used as bait in a campaign that targets Android devices. In the campaign, YouTube videos are being used to promote what is alleged to be mobile version of the game, available for Android and iOS devices. The videos are complete with fake user reviews and comments. Potential victims are directed to a website that is a spoofed version of the actual Valorant site. Two download links are provided on the spoofed site, one for iOS version, the other for the Android version. If the iOS link is clicked, the user is redirected to an affiliate site. If the Android link is clicked, and the Android device is configured to allow installation of apps outside of Google Play, the fake app will be installed. When the app is executed it imitates the game's loading screen but informs the victim the game needs to be unlocked which requires downloading another two apps. If the infection process is completed and the Android.FakeApp.176 payload is installed, the victim is redirected to the same affiliate site the iOS devices are directed to.