Fake Pokemon NFT game is used to infect computers and steal data

A fake Pokemon card game with NFTs is being used in a campaign that steals data by means of remote access software. Using at least two malicious domains, criminals advertised a title featuring the popular battle cards, the franchise's characters and the promise of big money, with a download available that harms Windows PCs.

Instead of the promised game, the download link on the fake website delivers the NetSupport Manager tool; the name of the famous Pokemon Go was also used as a way to lure users. NetSupport Manager is a legitimate tool that allows remote access to Windows devices for technical support, maintenance, and updates. Here, however, it appears in a tampered version that could allow data theft, lateral movement across the network, and installation of additional malware.

Once installed, the malware takes steps to stay hidden, hiding the folders it creates on the system while adding itself to the list of programs that start with the computer. After that, it remains available to the criminals for malicious activity, maintaining a connection to their servers so they can carry out whatever compromise they want.
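The persistence pattern described above (an autostart entry pointing at a binary in a hidden folder) can be checked on a Windows host with a read-only PowerShell sweep. This is an added example, not part of ASEC's report; it assumes NetSupport binaries carry the string "NetSupport" in their version information, and the function name `Get-ExePath` is illustrative.

```powershell
# Added example: read-only autorun triage. Lists startup entries whose target is
# hidden or sits in a hidden folder, or identifies itself as NetSupport.
# Assumption: NetSupport binaries carry "NetSupport" in their version information.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run')
$startupDirs = @([Environment]::GetFolderPath('Startup'),
                 [Environment]::GetFolderPath('CommonStartup')) | Where-Object { $_ }

function Get-ExePath([string]$CommandLine) {
    # Pull the executable path out of a quoted or bare autorun command line.
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine)
    if ($cmd -match '^\s*"([^"]+)"')        { return $Matches[1] }
    if ($cmd -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $null
}

# Collect every autorun entry from the Run keys and the Startup folders.
$entries = @(foreach ($key in $runKeys) {
    $k = Get-Item -Path $key -ErrorAction SilentlyContinue
    if ($k) {
        foreach ($name in $k.GetValueNames()) {
            [pscustomobject]@{ Source = $key; Name = $name; Command = [string]$k.GetValue($name) }
        }
    }
})
$shell = New-Object -ComObject WScript.Shell
$entries += @(foreach ($dir in $startupDirs) {
    Get-ChildItem -LiteralPath $dir -Filter *.lnk -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $target = $shell.CreateShortcut($_.FullName).TargetPath
            [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = '"' + $target + '"' }
        }
})

$hiddenFlag = [IO.FileAttributes]::Hidden
$findings = foreach ($e in $entries) {
    $exe = Get-ExePath $e.Command
    if (-not $exe -or -not (Test-Path -LiteralPath $exe -PathType Leaf)) { continue }
    $file = Get-Item -LiteralPath $exe -Force
    # Only the file and its own folder are tested: parents such as AppData are hidden by default.
    $hidden = ($file.Attributes -band $hiddenFlag) -or ($file.Directory.Attributes -band $hiddenFlag)
    $vendor = "$($file.VersionInfo.CompanyName) $($file.VersionInfo.ProductName)"
    if ($hidden -or $vendor -match 'NetSupport') {
        [pscustomobject]@{ Source = $e.Source; Name = $e.Name; Path = $exe
                           Hidden = [bool]$hidden; Vendor = $vendor.Trim() }
    }
}
$findings | Format-List
```

A hit is a lead to review, not a verdict: NetSupport Manager is also deployed legitimately, and some installers place files directly in folders that are hidden by default.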

According to the digital security experts at ASEC, who detected the malicious campaign, the first signs of infection date back to December last year. Before that, however, the same malware signatures had already appeared in infections involving Visual Studio, a software development tool from Microsoft. The idea was the same: pretending to be a legitimate application in order to infect Windows computers.

The two sites used to promote the fake Pokemon NFT game have already been taken down but, as usually happens, new domains can appear at any time. The campaign may also include dangerous ads in search engines, posts on social networks, or phishing emails and messages, which are common vectors for spreading attacks of this kind.

All of this, of course, promotes a game that simply doesn't exist, which is itself the first sign of danger. ASEC also released indicators of compromise to help infected users, as well as the original links used to download the malware.

Users should be careful when downloading games, software and other solutions from the Internet. This should be done only from recognized and certified websites, preferably from the official marketplaces or the pages of the developers themselves. Keeping your operating system updated, along with active antivirus and security software, helps keep your computer safe from such threats.

Source: ASEC

By Chris Skeldon
