everything happened on discord
A person wrote to me in dm asking me to play his “game” so that I could review it later
he sent me the site where you can download the game and instead of the game there was only one file that caused some kind of java error and then this person who send the game send my discord data, search history and all my passwords from sites
the github page for the games site
https://playarenawarsgame.github.io/
password is ARENAWARS
video gameplay:
there was also github page of the game:
https://github.com/playarenawarsgame/playarenawarsgame.github.io
and even malware github page by the same guy:
https://github.com/playarenawarsgame/jhgfdsadsw/blob/main/kjhgvfcds.js
a person helped me partially deobfuscate the malware code and showed me these segments from it:
I checked netplwiz in run command and didn't find other suspicious users
it also installed a logger of some sorts, I deducted that from the malware's code and that screenshot
also in two suspicious programs were also found in the task manager in startup (Launcher and startApp.vbs)
inside startapp vbs was this: Set WshShell = CreateObject("WScript.Shell")
WshShell.Run "C:\Users\899A~1\AppData\Local\Temp\1cffed197ac052e9cb0c4c1e27c0e275.exe", 0
Set WshShell = Nothing
the path leads to nothing
What do I do now?
