Release_fortnite_.zi...

When a user extracts and runs the executable file (often named Anatomy.exe or Fortnite Skin Changer.exe ) inside the ZIP, it initiates several harmful processes:

Some variants emulate the official Epic Games launcher to bypass security suspicion.

Other versions might just force the user to watch endless ads or complete "mobile verification" surveys that generate revenue for the scammer without ever providing the promised game file. Security Recommendations Swindle royale: Fortnite scammers get busy - Kaspersky Release_fortnite_.zi...

It specifically searches for sensitive data, including Bitcoin wallets , Steam sessions , and Epic Games account credentials .

Once harvested, the stolen data is sent via a POST command to remote servers, often located in the Russian Federation (e.g., using IP 5.101.78.169). When a user extracts and runs the executable

Disguised as tools to unlock premium cosmetics for free.

The primary payload is typically a "stealer" that targets browser session info, cookies, and saved passwords. Once harvested, the stolen data is sent via

The file (and similar variations like Fortnite Skin Checker.zip ) is widely recognized as a malicious archive designed to trick players into installing data-stealing malware. These files are often distributed through YouTube videos, Discord communities, or fake websites promising free V-Bucks, "skin changers," or cheats. Technical Breakdown of the Threat