Starfield themed malware blasts off
ID: 6ee1a582-6080-589b-8966-553bf4c1da37
STIX ID: report--6ee1a582-6080-589b-8966-553bf4c1da37
Feed Name: DoublePulsar
A security researcher found trojanized Starfield game installers uploaded to VirusTotal; the files are remote access trojans masquerading as the game. The sample (hash ea6af173a3577fa192821f746d701365b759689eb3562ad546230f6da99a18ae) contacts three C2 domains (blank-cbxur.in, blank-jvqsr.in, blank-o7mwe.in), disables Microsoft Defender protections, performs hardware reconnaissance, and attempts to steal Discord tokens. The report warns users against pirated downloads and notes low antivirus detection for at least one sample.
