Winter holidays are the time of family gatherings, meet-and-greets with friends, festive NFT mints, and exceptional challenges in P2E web3 games. But while most users are enjoying an exciting web3 adventure, scammers never celebrate or even sleep, lurking to screw unexpecting gamers and minters up.
That was exactly how the popular Pokemon NFT trading card game was attacked by hackers to conduct phishing attacks on players. Thus, the malicious software was also inserted into a duped NFT marketplace, with a link to buy tokens and even an area to stake NFTs to access the players' and minters' computers remotely.
The warning on the phishing attack arrived on January 6th via the South Korean cybersecurity firm ASEC AhnLab blog post. Thus, instead of proceeding to the game upon clicking on the ‘Play on PC’ button, the users installed malicious PO. Upon doing so, the gamers were opening free access to their devices via the legitimate NetSupport RAT. The latter is a useful program created with good purposes, namely to provide system administrators with remote access to users' devices. This makes the RAT unseen for the PC's antivirus system.
That was how the hackers of the Pokemon NFT game got control over the gamers' mice and keyboards, program files, and download history, and even could give commands, which allowed them to install additional malware or steal data. With the overwhelming popularity of the Japanese Pokemon franchise, the hacker campaign was, unfortunately, a success.
Thus, to avoid such scams in the future and stop the current attack, ASEC advises users to be wary of the threat group and spread the word among the community about the current state of things.
Improve your cyber intelligence and download, mint, and install data from official sources and avoid spamming messages on socials and email, even though the links in them go to the pages that seem legit. Stay safe!