An update to Duet Night Abyss quietly installed an UmbralStealer Infostealer Malware on users computer, what the company characterized as an "abnormal login" issue. Games are often the target of Malware with Discord Webhooks. Try Any.Run and analyze malware on Mac (sponsor): https://any.run/plans/?utm_source=youtube_pc_security_channel&utm_medium=video&utm_campaign=macos_announcement&utm_content=plans&utm_term=240326

Buy the best antivirus: https://thepcsecuritychannel.com/best-antivirus
Join the discussion on Discord: http://discord.tpsc.tech/
Get your business endpoints tested by us: http://tpsc.tech/
Contact us for business: https://thepcsecuritychannel.com/contact

YouTube

A supply chain attack on the indie game 'Night Abyss' delivered the Umbral Stealer, an open-source info stealer written in C that exfiltrates browser cookies and credentials via Discord webhooks. The malware bypasses 2FA by stealing active session cookies, potentially compromising all online accounts. The game developer downplayed the incident as an 'abnormal login.' The post explains how the stealer works, why gamers are high-value targets, and advises affected users to wipe their systems and reset all credentials. Windows Defender has a detection signature, but antivirus evasion remains trivial. The video is sponsored by ANY.RUN sandbox, which now supports macOS analysis.

Official Game Installs Malware