Fake Battlefield 6 Downloads Are Spreading Malware, Stealing Player Data

A new report from Bitdefender Labs has brought unsettling news for the gaming community, especially those looking for free or hacked versions of popular titles. Cybercriminals are using the hype around the major first-person shooter, Battlefield 6, to trick players into downloading malicious software that can steal their private information and even take over their PCs.

Battlefield 6, developed by DICE and published by Electronic Arts (EA), hit the market in October and was, as we know it, one of the year’s most anticipated releases. Unfortunately, this popularity became a perfect target for attackers who started spreading infected files the moment the game became available.

** **Counterfeit Games and Malicious Cheats****

The researchers found fake pirated versions of the game, installers, and phoney “game trainers” being spread across torrent sites and other easily found domains. For your information, a game trainer is a program (sometimes real) that gives a player an advantage, like unlimited coins or health. However, in this case, the fake ones do the opposite; they steal your data. Also, none of the fake files actually work as a game or a cheat.

Bitdefender Labs’ research, shared with Hackread.com, further revealed that the attackers made their malicious downloads appear legitimate by using the names of real, well-known game cracking groups, like InsaneRamZes and RUNE.

Researchers assessed a pirated version using the RUNE name, which was disguised as a Battlefield 6 ISO image and deployed a dangerous Command-and-Control (C2) agent. This agent allows an attacker to remotely control an infected computer for future exploitation.

One sample, disguised as a trainer, acted as an aggressive infostealer, focused on secretly gathering personal data. Another file, distributed as Battlefield 6.GOG-InsaneRamZes used a completely different strategy that involved stealth and environmental awareness.

It then checked regional settings and shuts down if it detects Russian or CIS countries (like Armenia, Belarus, etc.). This evasion, common for some groups, helps them avoid legal issues and detection by security programs.

****Data at Risk****

This infostealer specifically targets sensitive data. Researchers noted that this malware aggressively targets “Crypto Wallets and Cookie Sessions from Chrome, Edge, Firefox, Opera,” session tokens from Discord, and crypto-wallet extension data from Chrome add-ons like iWallet and Yoroi. Bitdefender’s analysis also found that hundreds of people (potential victims) were actively downloading the malicious torrent files.

** **How to Stay Safe****

Bitdefender’s advice is clear: always buy and download Battlefield 6 and other games only from official sources like the EA App, Steam, or GOG. They strongly recommend avoiding third-party utilities, torrents, or any unknown programs, warning that: “attackers are exploiting players’ curiosity and impatience for newly launched titles.”