CyberSecurityBoard
Sponsor Register Login

New Arcane infostealer infects YouTube, Discord users via game cheats

A newly discovered information-stealing malware called Arcane is stealing extensive user data, including VPN account credentials, gaming clients, messaging apps, and information stored in web browsers. The campaign distributing Arcane Stealer relies on YouTube videos promoting game cheats and cracks, tricking users into following a link to download a password-protected archive. Previously, the attacks used another stealer malware family called VGS, a rebranded version of the Phemedrone trojan, but they switched to Arcane in November 2024. The Arcane malware campaign started in November 2024, having gone through several evolutionary steps, including primary payload replacements. According to Kaspersky, the malware has no links or code that overlaps with the Arcane Stealer V, which has been circulating on the dark web for years. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. All conversations and public posts by its operators are in Russian, with Kaspersky's telemetry showing that most Arcane infections are in Russia, Belarus, and Kazakhstan. Kaspersky also found recent changes in the distribution method, including the use of a fake software downloader, supposedly for popular game cracks and cheats, named ArcanaLoader. Kaspersky comments that Arcane's broad data theft makes it stand out in the populous infostealer space. Arcane also captures screenshots that can reveal sensitive information about what you are doing on the computer and retrieves saved Wi-Fi network passwords. This is particularly notable, as most threat actors based in Russia typically avoid targeting users within the country and other CIS nations to prevent conflicts with local authorities. Even though Arcane currently has specific targeting, its operators could expand it to cover additional countries or themes.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 19 Mar 2025 17:55:04 +0000


Cyber News related to New Arcane infostealer infects YouTube, Discord users via game cheats

New Arcane infostealer infects YouTube, Discord users via game cheats - A newly discovered information-stealing malware called Arcane is stealing extensive user data, including VPN account credentials, gaming clients, messaging apps, and information stored in web browsers. The campaign distributing Arcane Stealer relies ...
3 hours ago Bleepingcomputer.com
Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla - Security experts advise users to be extremely cautious when downloading supposed game cheats or cracks from YouTube videos, particularly those that require extracting password-protected archives or running batch files. The malware, discovered in late ...
8 hours ago Cybersecuritynews.com
Trouble in Da Hood: Malicious Actors Use Infected PyPI Packages to Target Roblox Cheaters | Imperva - In recent research on compromised and malicious PyPI packages, Imperva Threat Research has identified an ongoing malware campaign specifically targeting Roblox hackers. Over time, vast communities have assembled on various platforms such as Reddit, ...
5 months ago Imperva.com
Regenerate and Conquer: Wolverine's Real-Time Damage System to Dominate the Gaming Landscape - Marvel's Wolverine has leaked details which suggest that the game will use advanced features, even those that are not available on current PlayStation 5 hardware, to play the game. In the recent Insomniac data breach, a new rumour has been ...
1 year ago Cysecurity.news
Discord adds Security Key support for all users to enhance security - Discord has made security key multi-factor authentication available for all accounts on the platform, bringing significant security and anti-phishing benefits to its 500+ million registered users. The popular social platform first highlighted the ...
1 year ago Bleepingcomputer.com
Hijacked: How hacked YouTube channels spread scams and malware - As one of today's most popular social media platforms, YouTube is often in the crosshairs of cybercriminals who exploit it to peddle scams and distribute malware. Thefts of popular YouTube channels up the game further. By extending the reach of the ...
8 months ago Welivesecurity.com
YouTube warns of AI-generated video of its CEO used in phishing attacks - The description of the video linked in the phishing emails asked those who open it to click a link that brings them to a page (studio.youtube-plus[.]com) where they're asked to "confirm the updated YouTube Partner Program (YPP) terms ...
2 weeks ago Bleepingcomputer.com
Bloomberg Crypto X account snafu leads to Discord phishing attack - The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the profile contained a link ...
1 year ago Bleepingcomputer.com Scattered Spider
Hackers Breach Steam Discord Accounts, Launch Malware - On Christmas Day, the popular indie strategy game Slay the Spire's fan expansion, Downfall, was compromised, allowing Epsilon information stealer malware to be distributed over the Steam update system. Developer Michael Mayhem revealed that the ...
1 year ago Cysecurity.news
YouTube Not Working on iPhone? Here's How to Fix It - If the YouTube app on your iPhone is crashing or will not open, there are various fixes you can try, such as force quitting the app, rebooting your device, and updating its version. Restarting your device provides a fresh start and can address minor ...
1 year ago Hackercombat.com
Fragging: The Subscription Model Comes for Gamers - The video game industry is undergoing the same concerning changes we've seen before with film and TV, and it underscores the need for meaningful digital ownership. Twenty years ago you owned DVDs. Ten years ago you probably had a Netflix subscription ...
1 year ago Eff.org
Apex Legends pro tourney canned following cheaty cyberattack The Register - Esports pros competing in the Apex Legends Global Series Pro League tournament were forced to abandon their match today due to a suspected cyberattack. In the early hours of Monday morning, two professional Apex Legends players competing in two ...
1 year ago Go.theregister.com
Trouble in Da Hood: Malicious Actors Use Infected PyPI Packages to Target Roblox Cheaters | Imperva - In recent research on compromised and malicious PyPI packages, Imperva Threat Research has identified an ongoing malware campaign specifically targeting Roblox hackers. Over time, vast communities have assembled on various platforms such as Reddit, ...
5 months ago Imperva.com
Game mod on Steam breached to push password-stealing malware - Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised ...
1 year ago Bleepingcomputer.com
Steam game mod breached to push password-stealing malware - Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised ...
1 year ago Bleepingcomputer.com
Google to crack down on third-party YouTube apps that block ads - YouTube announced yesterday that third-party applications that block ads while watching YouTube videos violates its Terms of Service, and it will soon start taking action against the apps. Google exposes numerous APIs allowing developers to integrate ...
11 months ago Bleepingcomputer.com
What is Word Unscrambler In Gaming? - Are you tired of getting stuck on those tricky word puzzles in your favourite mobile game? Have you ever wished for a tool to help unscramble those seemingly impossible words? Look no further because the word unscrambler is here to save the day! This ...
2 years ago Hackread.com
Protect your Discord account with a Security Key - Users of the chat app Discord may now protect their accounts using security keys. The developers of Discord have added the option to the existing arsenal of multi-factor authentication options that the service supports. Discord users are encouraged ...
1 year ago Ghacks.net
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com
Ransomware attack on indie game maker wiped all player accounts - A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game. Ethyrial: Echoes of Yore is a free-to-play old-school MMORPG developed by indie game ...
1 year ago Bleepingcomputer.com Metaencryptor Black Basta
Latest Adblock update causes massive YouTube performance hit - Adblock and Adblock Plus users report performance issues on YouTube, initially blamed on Google but later determined to be an issue in the popular ad-blocking extension. Adblock and Adblock Plus are two ad blockers created by the same developer for ...
1 year ago Bleepingcomputer.com
GTA Online Bug Grants Players the Ability to Ban Corrupt Accounts - A new bug discovered in the popular game “Grand Theft Auto Online” (GTA Online) has granted players the ability to ban corrupt accounts. The exploit was discovered by a group of players who had been frustrated by the fact that some players were ...
2 years ago Bleepingcomputer.com
Ukrainian Raccoon Infostealer Operator Extradited to US - A Ukrainian national charged with operating the Raccoon Infostealer malware-as-a-service has made an appearance in a US court after being extradited from the Netherlands. The man, Mark Sokolovsky, 28, was arrested in March 2022, after the FBI and law ...
1 year ago Securityweek.com
How Hackers are Auctioning Off the Alleged Source Code for League of Legends - An alarming security risk has surfaced as hackers are auctioning off an alleged source code for the popular video game League of Legends (LoL). It is reported that the hackers have accessed this code through illegally obtaining administrator access ...
2 years ago Bleepingcomputer.com
New FrigidStealer infostealer infects Macs via fake browser updates - Windows users get an MSI installer that loads Lumma Stealer or DeerStealer, Mac users receive a DMG file that installs the new FrigidStealer malware, and Android users receive an APK file that contains the Marcher banking trojan. FakeUpdate ...
1 month ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)