New Realst malware targets PC and Mac users through blockchain-based games, harvests confidential data

Security researchers have uncovered a new piece of malware, named Realst, that targets both PCs and Macs, including those running the macOS 14 Sonoma iteration, currently in beta testing. The discovery follows the emergence of the ShadowVault Malware as a Service, which is sold online and ready for use. The new malware was identified by security researcher iamdeadlyz and the SentinelOne team.

Realst disguises itself as blockchain-based games to infiltrate the systems of unsuspecting users. The malware is hidden within games such as Olymp of Reptiles, Brawl Earth, WildWorld, Dawnland, Destruction, Evolion, Pearl, and SaintLegend. Each game is accompanied by an official website, a Discord channel with several hundred users, and a Twitter account with a significant following, all of which serve to give the games a veneer of legitimacy and deceive targeted users.

While these games are real and playable, they come with a hidden threat. Once installed, the embedded Realst malware is capable of harvesting confidential data. This includes passwords stored by Google Chrome, Mozilla Firefox, Brave, Vivaldi and Opera browsers. The malware is particularly focused on gaining access to users' cryptocurrency accounts.

So be aware when installing such games, do your due diligence before installing anything outside the official Mac App Store in order to stay safe.