*TL;DR*
Someone on Twitter invited me to be a game community admin → gave me an activation code to download a so-called game → the client didn’t run on Windows or macOS → the website and whitepaper look polished, but the accounts have mostly bot followers → running the client showed encrypted scripts that generate local files → highly suspicious, possibly a scam or malware.
---
Here’s what happened:
A few days ago, I received a DM on Twitter from someone asking if I was interested in becoming an *admin for a game community*. At first, I declined since I wasn’t really interested. But he insisted that I could at least “give it a try,” and then connected me with someone claiming to be HR. That “HR” person provided me with an *activation code*.
Following their instructions, I used the activation code to download a so-called *game client* from their website. I tried it on both Windows and macOS, but the game wouldn’t run at all.
I dug deeper. After running the software, I found that it executes some *encrypted/obfuscated scripts*, which eventually generate files locally. I can’t be certain if this is malware, but it definitely looks risky.
* Did I just encounter a *well-packaged scam*?
* If it’s really a scam, why go to the trouble of building such a polished site, whitepaper, and Discord presence?
* Or is the real purpose simply to *distribute malicious software* disguised as a game client?
If anyone has a sandbox environment, you might want to run this client and see if it triggers any suspicious behavior.
---
Here’s what happened:
A few days ago, I received a DM on Twitter from someone asking if I was interested in becoming an *admin for a game community*. At first, I declined since I wasn’t really interested. But he insisted that I could at least “give it a try,” and then connected me with someone claiming to be HR. That “HR” person provided me with an *activation code*.
Following their instructions, I used the activation code to download a so-called *game client* from their website. I tried it on both Windows and macOS, but the game wouldn’t run at all.
Here’s where it got strange:
* Their *website and whitepaper* look well-designed and professional, not like the usual sloppy scam setup.
* The person who DM’d me has a *Discord account created in 2018*, not a throwaway account.
* However, their Twitter account has *tons of bot followers*, clearly mass-registered. The same pattern applies to the person who messaged me.
I dug deeper. After running the software, I found that it executes some *encrypted/obfuscated scripts*, which eventually generate files locally. I can’t be certain if this is malware, but it definitely looks risky.
This left me with more questions than answers:
* Did I just encounter a *well-packaged scam*? * If it’s really a scam, why go to the trouble of building such a polished site, whitepaper, and Discord presence? * Or is the real purpose simply to *distribute malicious software* disguised as a game client?
If anyone has a sandbox environment, you might want to run this client and see if it triggers any suspicious behavior.
I’d love to hear the community’s take: was this just a failed attempt at a *web3 game project*, or a *scam hidden behind the façade of a game*?