A skillfully designed website for the Pokemon NFT card game is being used by threat actors to disseminate the NetSupport remote access tool and commandeer victims’ devices. The “pokemon-goio” website, which is still active as of this writing, advertises a brand-new NFT card game based on the Pokemon franchise that gives players both strategic enjoyment and NFT investment gains. It shouldn’t be difficult for the owners of the malicious portal to attract users to the site through malspam, social media posts, etc., given the popularity of both Pokemon and NFTs.

When users click the “Play on PC” button, they receive an executable that appears to be a legitimate game installer but actually installs NetSupport, a remote access tool, on the victim’s computer. The operation was discovered by analysts at ASEC, who also claim that a second website, “beta-pokemoncardsio,” was used in the campaign but has since been taken offline. The first indications of this campaign’s activity surfaced in December 2022. However, previous samples obtained from VirusTotal revealed that the same operators had actually been pushing a fake Visual Studio file rather than the Pokemon game.

How Fake ‘Pokémon NFT’ Spreads Malware On Computers

Although distributing false copies of well-known games in order to spread harmful software is nothing new, luring users in with the promise of money from NFTs with the Pokemon name is particularly impolite. Not only has there been no sign that Game Freak, the company behind Pokemon and Nintendo, is interested in joining the non-fungible bandwagon, but NFTs themselves are plagued with pump-and-dump investment scams and plain old larceny. The terms “pokemon-go” and “beta-pokemoncards” were used in the URLs of two different websites that housed convincing false presentations and PC downloads, according to ASEC.