A supply chain attack compromised the official installer for the game "Do at Night Abyss," delivering the open-source Umbrel Stealer malware. This info-stealer exfiltrates browser cookies and session data via Discord webhooks, enabling account takeover even on sites with 2FA, as it captures active authenticated sessions. The article highlights the broader risk of such attacks in the gaming sector but does not provide specific CVSS scores, affected software versions, patch details, or interim workarounds.
An update to Duet Night Abyss quietly installed an UmbralStealer Infostealer Malware on users computer, what the company characterized as an "abnormal login" issue. Games are often the target of Malware with Discord Webhooks. Try Any.Run and analyze malware on Mac (sponsor): https://any.run/features/?utm_source=youtube_pc_security_channel&utm_medium=video&utm_campaign=7zip_malware&utm_content=features&utm_term=240226#contact-sales Buy the best antivirus: https://thepcsecuritychannel.com/best-antivirus Join the discussion on Discord: http://discord.tpsc.tech/ Get your business endpoints tested by us: http://tpsc.tech/ Contact us for business: https://thepcsecuritychannel.com/contact