Thomas Daniels

Published On: 16/01/2024
Share it!
Web3 Gaming Scam Exposed: Developer Unmasks Sophisticated MythIsland Download Scheme
By Published On: 16/01/2024

A recent disclosure by a software engineer unveiled an elaborate scam involving game downloads, particularly targeting web3 gaming platforms. This scheme was initiated through a message from a now-inactive Twitter account, @ameliachicel, offering a job. The role was for a Solidity developer for a web3 game named MythIsland, with its details on a professional-looking website, mythisland[.]io.

The site featured striking visuals and active links, presenting an in-depth overview of the game, encompassing its digital economy and NFT components. The project team, appearing fully disclosed, added a sense of trustworthiness. This incident gained prominence when 0xMario, an independent developer and victim of the scam, shared it online, leading to a surge in similar scam reports.

Subsequent discussions about the game and the job offer moved to Telegram, involving interactions with supposed team members. The deception escalated when the developer was prompted to download a launcher to test an alpha version of MythIsland.

Opting for safety, the developer used a virtual Windows environment for the launcher, which seemed authentic with its high-quality graphics and typical interface. However, a request to update the .NET Framework emerged when registering, signaling something amiss.

Upon reporting this to the alleged team, the developer was advised to try a different Windows computer. The same error on another laptop led to the scammers deleting all communications and blocking the developer, likely realizing their failure to compromise the systems.

The developer prudently treated the second laptop as compromised, planning to erase it entirely. Intriguingly, the scammers had elaborately constructed their social media presence on Telegram and Instagram, with one even claiming past employment at Cosmos Network.

This event highlights cautions issued by blockchain security experts about downloading files, especially executables and scripts. They recommend using virtual machines or disposable computers for such activities, or safer alternatives like Google Docs for sharing documents.

source