Infected by GTA 5 Cheats: How an Infostealer Infection Unmasked a North Korean Agent
ID: 850b4b52-b31d-5f7b-be89-b2080e9f3450
STIX ID: report--850b4b52-b31d-5f7b-be89-b2080e9f3450
Feed Name: infostealers.com
This report describes how a LummaC2 infostealer infection on a machine operated under an Indonesian front exposed a suspected North Korean (‘fake IT worker’) campaign: stolen CDN credentials, administrative access to scam panels, multiple segregated crypto wallets (one with ~$65k), tooling for deepfakes and identity synthesis, and detailed search/history artifacts that map an industrial-scale fraud operation and proxy “IP seasoning” tradecraft.
