DANGEROUS Discord SCAM spreads to itch.io!

Popup (BANNED) - http://gamedev2021.itch.io/crystal-islands

There has been a resurgence of the “feedback on my game” scam across Discord, in which the scammer will pose as a game developer to try and get victims to download their “game” Crystal Islands in exchange for feedback. The program, however, contains several trojans designed to hijack the victim’s account and use it to further spread the scam to other victims.


Luckily for users, the itch.io download page for the game appears to have been removed for containing said malware. However, use caution if you find such a game on another digital storefront, such as Steam or GoG.

Yah I have received a sample of it as well, it looks like an old repackage (change date is 17th July)
Btw the samples I got are VirusTotal and VirusTotal (no don’t ask for them from me, I am not sending you any malware you freak)
Also the kids stopped putting music into it. To you, levidev or whoever you are: you are mean, I like listening to music while working, add some music next time, please.

I got sent this and fell for it since they disguised as my friend. Discord is working on getting my account back but there didn’t seem to be any viruses with the download and the PC doesn’t seem to be finding any? Am I OK to continue as normal with a new discord account? I changed some passwords since, too.

1 Like

When dealing with malware it’s always recommended to backup ALL of your data you may need to a new blank media (such as an empty flash drive or a DVD) and then remove the OS entirely and start fresh as you never know what’s lurking around.

But from a personal opinion (don’t take me for the word, like ever) it should be fine as long as you remove Discord fully and then install again, these malware samples are relatively tame compared to what could actually end on your PC. You also may want to upload the sample (program) you got hacked by into some multi-AV service like Virustotal (ON A SEPARATE COMPUTER THAT YOU DON’T MIND GETTING COMPROMISED AS THERE IS STILL A POSSIBILITY OF THAT HAPPENING) and post the detection link here. It will make many malware analysts’ job much easier and may actually help you not get hacked again in the future.