As the recent GTA 5 release made headlines worldwide and even increased the number of “sick” employees as workers stayed home for the game, cyber-criminals launched their own exquisite offer of bogus serials, kits and beta versions.
The fake websites are disseminated worldwide, and some are hosted on Russian domains. Considering the global interest for the game, malware writers and fraudsters crafted the baits in English, then redirected gamers to dubious websites that identified their IP and delivered the scam in their native language.
Our colleagues at the Bitdefender Labs in France discovered an interesting detail at one website offering GTA serials.Â To give the scam more legitimacy, cyber-criminals take advantage of the reputation of antivirus companies and pretend to offer a free security scan.
When gamers click the download button, they are redirected to the bogus antivirus scan that will allegedly prove the website is secure. Of course, the “analysis” only takes a couple of seconds and no antivirus company (Bitdefender included) finds any problem. Tech-savvy users may also spot that scammers used an old Bitdefender logo, which was replaced by a new one almost three years ago.
After the fake antivirus scan, gamers in search of their much-awaited serial are redirected to another scam. “Complete a short survey to get GTA 5 serial”, the web site reads. The surveys include questions such as “Coke vs Pepsi! Which Soda is your Favorite?” and “iPad retina vs iPad Mini! Which is better?”
Other scammy websites that Bitdefender blocks with a fraud warning propose downloads for Facebook customization and Starbucks gift cards. Users are asked to give away their personal information, which may further trigger identity theft. They may also be subscribed to pay for services they didn’t want.
Here’s the scam analysis from the Bitdefender France Laboratories:
First Case – Fake Download
If users manage to get to the famous serial generator, they end up on an executable file with a “download” button. When clicking it, a fake progress bar becomes active to simulate an alleged progression of the download. In the end, gamers receive a pop-up with a “thank you” message, but never get to see the actual GTA serial.
Second Case – Social Scam
The other file that has been tested is malicious and was crafted to grab personal information, including Facebook credentials. Bitdefender has detected the malware as Trojan.Keylogger.MWP.
A week ago, the Bitdefender Laboratories in France also discovered that impatient gamers were infected with another Trojan while trying to download free GTA kits on torrents and peer-to-peer networks.
Users are advised to disregard GTA copies “accidentally” leaked on the Internet, as they are probably fake, leading to fraudulent or malicious websites. Bitdefender recommends gamers keep their security solution and other software updated to avoid malware infections, phishing and fraud.
Grand Theft Auto V was released on 17 September for the PlayStation 3 and Xbox 360 consoles. Thousands of employees took the day off work “sick” to queue for a copy of the much-awaited Rockstar game. The new title in the series is expected to smash previous records, reaching over 25 million copies in its first year and generating Â£1bn worth sales.
This article is based on the technical information provided courtesy of Tristan Vanel, Malware Analyst at the Bitdefender Laboratories in France, and the writing skills of David Sygula, Bitdefender Social Media Manager in France.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.