SlowMist Detects Trojan in the Apocalypse Metaverse Game

SlowMist has conducted a security check on the file associated with the blockchain game and discovered a Trojan that can compromise Mac computers.

A horse breaking out from a computer screen
Apocalypse Metaverse has already gathered a community of followers eagerly anticipating the game's release.

Yesterday, the Web3 security firm SlowMist posted a warning about the Apocalypse Metaverse game on the X platform.

"The Apocalypse Metaverse game is a Trojan! It's the same old scam with a new face," the SlowMist team claims, adding, "Do not be tricked — no matter how slick the design is, feeling tempted could mean your wallet takes a hit."

VirusTotal Apocalypse Metaverse Scan
Source: SlowMist, VirusTotal

SlowMist shared the results of the security scan with the X community, which was provided by the cybersecurity platform VirusTotal. This tool allows users to analyze URLs, as well as IPs, and upload suspicious files for assessment.

Read also: Aave Pauses Assets on Avalanche, Polygon, Optimism, and Arbitrum

According to the VirusTotal report, "Fourteen security vendors flagged the Apocalypse Metaverse game file as malicious." Common threat labels used by cybersecurity tools like DrWeb, eScan, Kaspersky, AVG, Arcabit, Avast, BitDefender, ALYac, GData, Emisoft, and others, identified the threat as "trojan.stealer/amos."

SecureMac, a service specializing in the privacy and security of Mac devices, explains that "AMOS is a trojan capable of stealing various pieces of information from a macOS system, including iCloud keychain passwords, system information, browser cookies, and more."

Note that SlowMist's security experts likely conducted an analysis of the game's file. If you attempt to assess the game's website using the same tool, the website is likely to be labeled as "clean" by many scanners employed by VirusTotal.

SlowMist also mentions that the team received a tutorial on the installation of the infected file and was persuaded by the Apocalypse Metaverse developers that "the 'game' works." However, the mere presence of two ENS addresses, which are human-readable domain names associated with Ethereum wallet addresses, raises suspicion according to SlowMist.

In its posts about the trojan, SlowMist references the X account known as "Apocalypse Cool," supposedly the team behind the game. This account was created in January 2014 and had almost 11,000 followers at the time of publication.

Read also: Onyx Protocol May Be Acquired by Strike Finance

It is unclear at what official stage of development the game was during the time of this publication, as there have been no updates since September 14. However, on June 7, the team posted an announcement regarding the postponement of the release date, stating, "Due to difficulties with installing our servers on Amazon systems, we have to postpone the release by a certain date."

In the meantime, on November 6, SlowMist posted another warning on X. The blockchain security experts identified numerous phishing sites impersonating their own team.

"Scammers are pretending to be us and tricking users into buying fake tokens," SlowMist explained, emphasizing that the team "has never created a token and has no intention of doing so."