A GitHub page that pretends to be a PUBG bypass hack project has been discovered by Cyble Research and Intelligence Labs (CRIL). Users who download the project’s solution file unknowingly install a malicious information-stealing malware called “Legion Stealer.” This malware steals sensitive information from victims’ computers by manipulating settings, extracting data from the registry, and targeting web browsers.
Malicious actors have been using various tactics to deceive users on GitHub. They create repositories that appear useful or legitimate, but actually contain hidden malware and code. These repositories trick users into executing malicious code, leaving them vulnerable to malware infections. The CRIL report warns that using bypass hacks like these is against the game’s terms of service and can result in penalties, including temporary or permanent bans.
When users visit the deceptive GitHub page, they are prompted to download a file that contains different types of files, including source code and icons. However, one of the files, named “Karogour_BypasrcS.sln,” is actually a harmful executable file. When executed, it drops two other files in a hidden location on the user’s computer. One file opens in the Visual Studio editor to deceive the user, while the other runs in the background as the Legion Stealer malware payload.
PUBG bypass hacks are illicit methods used by players to gain an unfair advantage in the game. These hacks bypass the game’s security measures and anti-cheat systems, allowing players access to cheats like aimbots, wallhacks, and speed hacks. However, the use of bypass hacks is strictly prohibited by the game’s terms of service and can result in severe consequences.
GitHub, a reliable web platform for version control and software development, has become an attractive hub for malicious actors to disseminate malware and exploits. The platform’s collaborative nature can be exploited to trick users into downloading and executing hidden malware. To protect against such attacks, it is important to be cautious when downloading files and to stick to trustworthy sources. Regularly clearing browsing history, changing passwords, enabling automatic software updates, and installing reputable antivirus software are also recommended to minimize the risk of compromise.
In conclusion, the discovery of a deceptive GitHub page masquerading as a PUBG bypass hack project highlights the ongoing threat posed by malicious actors on platforms like GitHub. Users must remain vigilant when downloading files and take steps to protect themselves from malware and information theft.