Hackers are using the continued popularity of the Pokémon cosmos and the bizarre rise in non-fungible tokens (NFTs) to trick people into installing Remote Access Tools (RATs), seizing control of their devices, and stealing any valuables that they can locate.
ASEC cybersecurity scholars recently uncovered at least two malicious sites: beta-pokemoncardsio and pokemon vanio claiming to host a Pokemon game that also features NFT cards that can be traded, likely for profit.
The sites have since been taken down, but while they were active they had a download button called "Play on PC" which was distributed by NetSupport.
NetSupport Distribution
In theory, NetSupport is legitimate software. It is built on Windows and allows for remote cross-platform access, giving administrators and IT technicians a way to remotely access multiple endpoints and address any potential issues. The program is compatible with Windows, Windows Mobile, Mac, Linux and Solaris.
In practice, hackers use NetSupport to gain unauthorized access to target systems. The first traces of activity in this campaign date from December of last year. According to the post, previous VirusTotal samples showed the same operators pushing a fake Visual Studio file instead of the Pokemon game.
The identity of the threat actor behind the campaign is unknown.
Non-fungible tokens are part of a larger cryptocurrency market and, as such, are an essential target for scammers and hackers. Recent research has proven that the Web3 industry (blockchain-based decentralized internet, the exact same technology that powers NFTs) lost almost €XNUMX billion last year due to fraud and cybercrime.
As more organizations started building new systems, scammers quickly sprouted out of the forest, and now Web3 bug bounty distributor Immunefi has claimed that precisely €3,948,856,037 worth of cryptocurrency was lost in the Web3 ecosystem in 8,088,338,239. , due to fraud, hacking and scams. On the bright side, scholars say, is the fact that total losses fell by more than half (XNUMX%) year after year. By XNUMX, the industry had lost €XNUMX.
However, the relentless battle against scammers does not slow down the development of the industry. Immunefi expects it to grow from €3,200 billion last year to €81,500 billion over the next 7 years, increasing the CAGR by XNUMX%.
Via: BleepingComputer (opens in a new tab)