The upcoming release of the highly anticipated Grand Theft Auto VI, scheduled for Autumn 2025 on PS5 and Xbox series, has created a buzz in the gaming community. However, this excitement has also opened the door for cybercriminals to exploit eager fans.
Recent reports from cybersecurity experts have uncovered a series of deceptive Facebook advertisements targeting GTA enthusiasts. These ads falsely promise early access to a GTA VI beta version for PC despite no such beta existing. The fraudulent promotions often feature enticing gameplay elements and unrealistic release dates, using footage that may have been obtained from previous security breaches.
A particular Facebook campaign, active for a few days in mid-July, offered supposed beta access to a limited number of users. This campaign targeted a wide age range across several European countries, using a recently created malicious domain that also hosted cryptocurrency-related scams.
Security researcher Andrei Mogage’s analysis revealed that the MSI file downloaded from these ads masqueraded as a legitimate GTA VI installer. This file, resembling the FakeBat loader malware, simulated the installation process and deployed malicious payloads and PowerShell scripts to download additional malware, such as info-stealers and Remote Access Trojans (RATs).
Intriguingly, the malicious files distributed through these ads were found to be non-functional, unable to carry out their intended harmful actions. By mid-July, the fraudulent ad campaign had been taken offline.
It’s crucial to remember that the game’s developer has not announced any beta testing for GTA VI. This situation serves as a reminder for gamers to remain vigilant against too-good-to-be-true offers, especially those related to highly anticipated game releases.
