Got one today and I did an image search to contact the devs. If you get one of these scams, try to mess with them as much as possible to waste their time.
Just be careful: the initial payload, the setup, is what steals your cookies, Discord token, a screenshot of your screen, wallets (I assume crypto wallets by the file name), and apparently it... might try to download your desktop, documents, etc. when looking at the files it creates/created. It also has a Node.js app which acts as a persistent RAT. It is in your AppData temp, has the Node.js icon, and is run via the open VBS script, which is opened/called by a VBS script in your startup folder. So while it is easy to disable once you figure it out, it is not something you want to risk getting infected with either.
I don't think it should, but you can always check your startup folder just to be safe. Also, could you by chance send me the file and/or password? I found one of the new sites they use, but they have it password protected and this time they didn't provide the password on the page, so I can't access the executable or see the domain they are exporting the data to (so I can report it to the domain registrars and such).
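A read-only check for the persistence chain described in the posts above (a VBS script in the Startup folder that launches a Node.js app from the AppData temp folder), as an added example that is not part of the original posts. The extension list and the match on the executable's "Node.js" product name are assumptions, since the thread gives no file names.

```powershell
# Added example: lists candidates only, deletes and changes nothing.
# Assumption: script types that Windows Script Host runs from a Startup folder.
$scriptExt = '.vbs', '.vbe', '.js', '.jse', '.wsf'

# 1. Script files in the per-user and all-users Startup folders.
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

$startupHits = foreach ($dir in $startupDirs) {
    Get-ChildItem -LiteralPath $dir -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $scriptExt -contains $_.Extension.ToLower() } |
        ForEach-Object {
            [pscustomobject]@{
                Finding   = 'Script in Startup folder'
                Path      = $_.FullName
                LastWrite = $_.LastWriteTime
                # True when the script text points at a temp/AppData location,
                # as the second-stage launcher in the post does.
                Detail    = 'References Temp/AppData: ' + [bool](Select-String `
                    -LiteralPath $_.FullName -Pattern 'Temp\\|%TEMP%|AppData' -Quiet)
            }
        }
}

# 2. In the user's temp folder: VBS launchers and executables that identify
#    themselves as Node.js (assumption: the bundled runtime keeps its version info).
$tempRoot = [IO.Path]::GetTempPath()
$tempHits = Get-ChildItem -LiteralPath $tempRoot -Recurse -File -Force -ErrorAction SilentlyContinue |
    Where-Object {
        ($_.Extension -in '.vbs', '.vbe') -or
        (($_.Extension -ieq '.exe') -and ($_.VersionInfo.ProductName -like 'Node.js*'))
    } |
    ForEach-Object {
        [pscustomobject]@{
            Finding   = 'Launcher script or Node.js runtime in temp'
            Path      = $_.FullName
            LastWrite = $_.LastWriteTime
            Detail    = 'Product: ' + $_.VersionInfo.ProductName
        }
    }

# Newest first: entries written around the time the archive was opened stand out.
@($startupHits) + @($tempHits) | Where-Object { $_ } |
    Sort-Object LastWrite -Descending | Format-Table -AutoSize -Wrap
```

A hit is a lead to inspect, not proof of infection: legitimate software also keeps scripts and Node.js runtimes in these locations.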
I found this game through image search I did on a scam link today
⚠️ Just a warning that the links below lead to a malicious file ⚠️
The link would be "sytodepth dot blogspot dot com/2025/03/sytodepth.html", password being "sytodepthfull", rar link would be "dropbox dot com/scl/fi/dz9xi4objv0dfzyneq8fi/SytoDepth.rar?rlkey=ktbkzih1g68tun29sadrav9z8&st=ot2ef4fa&dl=1"
Have fun analyzing the file, hope it helps you or your curiosity out. Analyzed it in triage already and it does sussy wussy stuff
A shame people use game assets to promote a scam executable file
Just got sent one today from an old friend.
⚠️⚠️ malicious files below
The link I was given was "https://mulenugame dot blogspot dot com/2025/03/mulenu-game dot html" and the password given was "mulenubeta"
After this they sent a second link "https://www dot dropbox dot com/scl/fi/zfbncnd2hgison5p0ext8/Yomira dot rar?rlkey=3pgpvtdohb3mnbj1ybjvj33qs&st=9lzhcou2&dl=1" and the password for this one was "yomirabeta"