The mobile version of Valorant is set to release in Summer 2020, anything before that should be considered malware.
In October 2019, Riot Games announced the launch of a new game named “Valorant“ for June 2020 to be available on Microsoft Windows. A 2-month beta version was also available for certain users which just came to end about a day ago. With this, the statistics reveal that it happened to be very well received with over 3 million players every day.
However, capitalizing on this opportunity, malicious actors have also kicked in their schemes, one which has been uncovered recently by researchers at Doctor Web.
See: Hackers spread password stealer malware from YouTube comment section
What these threat actors are doing is that they are advertising a mobile version of the gaming app which, in reality, is a trojan as no real app of the game exists. To help convince users, several videos are being propagated on YouTube which falsely showcases the gaming experience on a smartphone.
One such example can be seen below:
Fake tutorials such as these as shown above take users through a series of steps in order to install the game. For example, firstly they would require users to install the trojanized game’s APK file from an online third party store such as apkworld[.]live.
Once installed, the fake game asks users to complete two offers before they can proceed which also requires the additional installation of two apps. Once these are done, it claims that the game will start working.
Image: Dr. Web
In another instance, as was identified by Doctor Web, viewers may be asked to download the app from a lookalike website of the real game project as shown in the photos below.
See: Counter-Strike 1.6 game client 0-day exploited to spread Belonard trojan
Regardless, the users are still redirected to install other malicious apps or participate in activities that are designed to make the malicious actors earn money.
