Fake Pokémon NFT games infect users’ computers with DailyCoin malware

Fake Pokémon NFT games infect users’ computers with malware
  • A fake Pokémon NFT game has been reported to infect users’ computers with malware.
  • Korean security firm AhnLab found hackers exploiting a remote control tool to take control of users’ devices.

The security firm alerted the community that the reported malware was distributed through a phishing site disguised as a Pokémon NFT card game. By downloading the game, users’ computers were put at risk and they would lose control to hackers.

Team Rocket? Roots? Or hackers?

AhnLab shared a detailed report on January 6. The security firm’s analysis team revealed that the hackers used a NetSupport Remote Administration Tool (RAT) to take over users’ computers.

NetSupport Manager is a remote control tool that businesses and regular users use to manage systems remotely. While developers may not have designed remote management tools like NetSupport with malicious intent, many threat actors use them for malicious purposes. These include installing additional malware and extorting information.

The security firm shared that hackers have consistently used the NetSupport RAT. It is distributed via spam emails, phishing sites and other means.

The alleged Pokemon game would install a NetSupport RAT when users would try to play the game. The downloaded file, disguised as a Pokémon card game icon, allegedly tricked users into thinking they had downloaded the game.

Additionally, AhnLab revealed that the Fauxkémon installer would allegedly create hidden NetSupport RAT-related files on users’ computers, allowing the malware to run even after a reboot.

After investigation, the security firm found another phishing page with the same format as the fake Pokémon card game that exploited the same method, installing the NetSupport RAT malware on users’ computers.

At the time of reporting, the alleged sites are redirecting to the official Pokemon website. However, it is reasonable to conclude that the risk of another attack is imminent.

On the other side

  • The Pokémon Company International (TCPI) recently sued Pokémon Pty Ltdan Australian company that claims to launch an NFT-based game in partnership with TCPI.
  • Pokemon NFT card games tend to lure many enthusiasts into downloading malware. Also, this is not the first time users have been tricked into downloading a fake game.

Why you should care

Pokémon is one of the most influential franchises of the 21st century. The popularity of the franchise is also a big factor in luring innocent enthusiasts and collectors into traps. Scams are easier to sell to unsuspecting fans, whether it’s Pokémon card trading, NFTs, or traditional games, due to the platform’s popularity. Therefore, the increasing number of Pokémon-related scams in the Web3 is a frightening problem. But users can protect themselves by doing due diligence and taking the right precautions.

Read about other Pokemon scams:

Pokemon puts unlicensed Web3 replica to the test; The defendant fails to appear

Read how auditors detect fraud:

How Auditors Spot the DeFi Rug Pull Scam: Can You Do It Yourself?

See the original on DailyCoin

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *