This fake Pokemon NFT game just wants to take over your Windows PC
Fake Pokemon NFT game actually distributes a RAT
Hackers are utilising the continued popularity of the Pokemon universe and the bizarre rise of non-fungible tokens (NFT) to trick people into installing remote access tools (RAT), take over their devices, and steal any valuables they might find.
Cybersecurity researchers from ASEC recently discovered at least two malicious websites - beta-pokemoncards[.]io, and pokemon-go[.]io pretending to host a Pokemon game that also offers NFT cards that can be traded, eventually for profit.
The websites have since been taken down, but while they were active they had a download button called “Play on PC” that distributed NetSupport.
Distributing NetSupport
In theory, NetSupport is legitimate software. It’s built on Windows, and allows cross-platform remote access, giving IT administrators and technicians a way to remotely access various endpoints and fix any potential problems. The program supports Windows, Windows Mobile, Mac, Linux, and Solaris.
In practice, NetSupport is being used by threat actors to gain unauthorized access to target systems. The first signs of activity on this campaign were in December last year. Earlier samples from VirusTotal, the publication also found, showed the same operators pushing a fake Visual Studio file instead of the Pokemon game.
The identity of the threat actor behind the campaign remains unknown.
Non-fungible tokens are part of a wider cryptocurrency market and as such are a major target for fraudsters and hackers. Recent research has shown that the Web3 industry (decentralized internet based on the blockchain, the same tech that powers NFTs) lost almost $4 billion last year to fraud and cybercrime.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
As more organizations started building new systems, fraudsters were quick to come out of the woodwork, and now Web3 bug bounty provider Immunefi has claimed exactly $3,948,856,037 worth of cryptocurrencies was lost in the Web3 ecosystem in 2022, to fraud, hacks, and scams. The silver lining, the researchers are saying, is the fact that the overall losses dropped by more than half (51.2%) year-on-year. In 2021, the industry had lost $8,088,338,239.
The constant battle against fraudsters isn’t slowing the industry’s growth, though. Immunefi expects it to grow from $3.2 billion last year, to $81.5 billion in the next seven years, increasing 43.7% CAGR.
- Check out the best firewalls today
Via: BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.