Here at Hexxium Creations, our many volunteers are frequently finding new malicious domains, but it is rare that we discover an entire network of malicious domains as well as the source behind them. We recently noticed a tweet from an Electronic Arts developer on Twitter that was exposing a Twitter account that was pretending to be an 'official' account for Rockstar's not yet released game Red Dead Redemption 2
PSA: This is 100% fake & a scam! R* does not do open betas, and if they decide to it'll be done through them
(RT's appreciated) https://t.co/vNd96BD7g9
— Sean 🎮 (@BiggSean66) September 17, 2017
The fake Twitter account (now suspended) was promoting a goo.gl short link that lead to "livebetaservers[DOT]com", a domain with the intent to trick users into thinking they will get early access to play-test "Red Dead Redemption 2". If a user fell for this trick, they would get sent to endless ads demanding the user's personal information and promising to give them access to this non-existent play-test. As a result of this, our team immediately took action and looked into who was in control of this domain & its hosting.
We'll add this domain to our blacklist & reach out to the domain/hosting provider in an attempt to get this domain shut down if valid.
— Hexxium Creations (@HexxiumWeb) September 18, 2017