A new scam involving Pokémon has been discovered by ASEC cybersecurity experts. Pirates make Internet users believe that they are downloading a game inspired by a successful license, with the addition of an NFT overlay to attract the most gullible. Of course, the so-called installation file contains malware that allows the victim’s PC to be controlled remotely.
We will no longer surprise anyone by saying that NFT games available on the web often hide scams. Logan Paul himself paid the price recently, and other Internet users risk falling into the trap with a new trap spotted by the ASEC teams. The comparison with the famous Youtubeur is also in order, since it is an alleged Pokémon game which is this time at the heart of the scam.
On the dedicated site, pirates indeed promise a game based on the principle of Pokémon cards. To this, the hackers have added an NFT overlay which, it must be said, fits relatively well with the speculation that is already rampant in the industry. The least attentive Internet users will therefore not see the threat that hides behind the button to download the game.
Don’t Download This Fake Pokemon NFT Game
Once the executable file is opened, an installation process is launched. Unfortunately, it’s not that of the game, but that of a malware that hides in the Windows AppData system folder. The scheme is actually based on the use of NetSupport, an application that allows a third party user to take control of a PC remotely.
Related: Logan Paul Spends $5.4 Million on Pokemon Card, New World Record
While NetSupport isn’t originally hacking software, it can be dreadful when it ends up in the wrong hands. However, it is precisely this tool that the victim will install when thinking of installing a Pokémon game. Worse still, the malware will also configure the target PC so that it can run as soon as it starts up, all without the victim realizing it.
You guessed it, once access to the PC is gained, hackers will take advantage of it to install other malware, recover sensitive data, in short, perform various actions that will undermine the security of their target. So we can never tell you enough: be very careful about what you download on the web, especially when it involves NFTs.
Source: ASEC