Hackers are using the continued popularity of the Pokémon universe and the bizarre rise of non-fungible tokens (NFTs) to trick people into installing Remote Access Tools (RATs), hijacking their devices, and stealing anything of value that they can find.
ASEC cybersecurity researchers recently uncovered at least two malicious websites, beta-pokemoncards(.)io and pokemon-go(.)io, that claim to host a Pokémon game that also offers NFT cards that can be traded, eventually at a profit.
The websites have since been taken down, but while active they had a download button called “Play on PC” which distributed NetSupport.
In theory, NetSupport is legitimate software. It is based on Windows and enables cross-platform remote access, giving IT administrators and technicians a way to remotely access multiple endpoints and troubleshoot any potential issues. The program is compatible with Windows, Windows Mobile, Mac, Linux and Solaris.
In practice, threat actors use NetSupport to gain unauthorized access to target systems. The first signs of activity in this campaign were in December of last year. Earlier VirusTotal samples, the post also found, showed the same operators pushing a fake Visual Studio file instead of the Pokémon game.
The identity of the threat actor behind the campaign is unknown.
Non-fungible tokens are part of a broader cryptocurrency market and as such are a major target for scammers and hackers. Recent research has shown that the Web3 (blockchain-based decentralized internet, the same technology that powers NFTs) industry lost nearly $4 billion last year to fraud and cybercrime.
As more organizations began building new systems, scammers quickly came out of the woodwork, and now Web3 bug bounty provider Immunefi has claimed that exactly $3,948,856,037 worth of cryptocurrency was lost in the Web3 ecosystem in 2022 to fraud, hacking and scams. The bright side, the researchers say, is that overall losses were cut by more than half (51.2%) year-over-year. In 2021, the industry had lost $8,088,338,239.
However, the constant battle against scammers is not slowing down the growth of the industry. Immunefi expects it to grow from $3.2 billion last year to $81.5 billion over the next seven years, at a 43.7% CAGR.
Via: BleepingTeam