“Can you try a game I made?” Fake Game Sites Lead to Information Stealers

Malwarebytes reports an active campaign where attackers lure victims with fake videogame beta invites (via Discord DMs, SMS, or email) and host passworded archives on services like Discord CDN, Dropbox, Catbox, and Blogspot. The downloaded installers (NSIS/MSI) deliver information-stealing trojans — notably Nova Stealer, Ageo Stealer, and Hexon — that exfiltrate Discord tokens, browser credentials/cookies, autofill data, credit card details, 2FA backup codes, and cryptocurrency wallet data; the report includes example templated fake sites and a list of known malicious download domains and mitigation advice.