Blitz Malware: A Tale of Game Cheats and Code Repositories
Essential information
- Published
- 06/06/2025 12:45
- Modified
- 08/06/2025 17:35
- Tags
- 2025-06-06 blitz cryptocurrency mining ddos game cheats hugging face information-stealing telegram xmrig
- Related entities
- 80 observables, 16 techniques (mitre), 3 others
Description
Blitz is a new Windows-based malware discovered in 2024 consisting of a downloader and bot payload. The latest version was spread through backdoored game cheats for Standoff 2 distributed via Telegram. Blitz abuses Hugging Face Spaces to host components of its C2 infrastructure and payloads. The malware performs information stealing and DDoS attacks. An XMRig cryptocurrency miner was also deployed as follow-up malware. By May 2025, the developer claimed to have abandoned the project. Russia accounted for the highest number of infections among 289 victims across 26 countries. Palo Alto Networks customers are protected through various security products and services.