Summary
- Malicious actors are taking advantage of the excitement surrounding GTA 6 pre-orders by targeting PC and mobile users with fraudulent applications.
- As per NordVPN's findings, attackers are replicating popular piracy sites to spread counterfeit game packages embedded with malware.
- While there are speculations about GTA 6 incorporating cryptocurrency, these claims remain unverified as the game's November release approaches.
Cybercriminals are leveraging the heightened anticipation for Grand Theft Auto 6, inundating the online space with phishing schemes and malware-laden repacks ahead of the much-anticipated November launch.
Research conducted by NordVPN’s Threat Intelligence team reveals that these malicious actors have swiftly moved to exploit the buzz surrounding the potential opening of pre-orders, using it as a chance to extract sensitive information from unsuspecting victims—or worse.
The threats range from basic phishing websites to advanced malware campaigns targeting platforms that may not even support the game at launch, according to NordVPN. The company emphasized that various forms of threats are emerging for gamers.
While the VPN provider’s researchers found campaigns aimed at PC and mobile users—platforms where the release of GTA 6 is not confirmed—several sites are advertising “exclusive beta keys” for PS5 and Xbox Series console owners. In some instances, users looking for access are asked to pay for subscriptions or download software.
NordVPN CTO Marijus Briedis highlighted how cybercriminals often exploit the fear of missing out (FOMO). "When individuals are eager for early access to something, they tend to let their guard down," he stated. "That’s the opportunity attackers seize."
Additionally, some cybercriminals are targeting gamers who wish to obtain Rockstar Games’ upcoming title for free: NordVPN discovered numerous clones of established piracy websites designed to distribute malware masquerading as game files for Windows systems.
In one case, executing a fraudulent package activated a harmful file disguised as an Nvidia graphics driver, which covertly enabled cybercriminals to modify a device's memory, download additional malware, and receive remote commands, according to NordVPN.
Moreover, a counterfeit Android app—which does not contain the actual game—exploits the game's branding to display full-screen advertisements. Users of the app are also directed to websites encouraging subscriptions or the download of additional malware, as stated by NordVPN.
Lastly, NordVPN reported tracking “hundreds of amateur phishing pages” aimed at capturing Rockstar Social Club credentials through fake login forms. The firm pointed out that these accounts can be resold on the dark web or utilized for in-game fraud.
Researchers from the company traced one counterfeit GTA 6 app for Android users back to a domain known for distributing banking trojans, ransomware, and infostealers—which pose a significant risk to cryptocurrency holders who protect their assets with private keys.
Although rumors have circulated for years about GTA 6 incorporating cryptocurrency, these assertions have not been substantiated as the game nears its November release. Nevertheless, Bitcoin gained traction in connection to the game when a trailer was manipulated and leaked several years ago.