Hackers have capitalized on the continued popularity of the Pokemon universe and the bizarre rise of non-fungible tokens (NFTs) to trick people into installing remote access tools (RATs), taking over their devices and stealing any valuables they might find.
Cybersecurity researchers at ASEC recently discovered at least two malicious websites – beta-pokemoncards[.]io and pokemon-go[.]io pretends to host a Pokemon game that also offers NFT cards that can be traded for an eventual profit.
These sites have been shut down, but while they were active they had a download button called “Play on PC” which distributed NetSupport.
Distribute NetSupport
In theory, NetSupport is legitimate software. Built on Windows, it allows cross-platform remote access, giving IT administrators and technicians a way to remotely access various endpoints and fix any potential issues. The program supports Windows, Windows Mobile, Mac, Linux and Solaris.
In fact, threat actors are using NetSupport to gain unauthorized access to targeted systems. The first signs of this activity came last December. The publication also found that earlier samples from VirusTotal showed the same operators pushing a fake Visual Studio file instead of a Pokemon game.
The identity of the threat actor behind this campaign remains unknown.
Non-fungible tokens are part of the wider cryptocurrency market and as such are a prime target for fraudsters and hackers. Recent research shows that the Web3 industry (the blockchain-based decentralized internet, the same technology that powers NFTs) lost nearly $4 billion to fraud and cybercrime last year.
As more organizations start building new systems, fraudsters quickly come to the fore, and now Web3 bug bounty provider Immunefi claims that $3,948,856,037 worth of cryptocurrency will be lost to fraud, hacks, and scams in the Web3 ecosystem in 2022. The silver lining, the researchers said, was that overall losses more than halved year-on-year (51.2%). In 2021, the industry lost $8,088,338,239.
Still, the ongoing battle against fraudsters hasn’t slowed the industry’s growth. Immunefi expects it to grow from $3.2 billion last year to $81.5 billion over the next seven years, a CAGR of 43.7%.
pass: Beep computer (opens in a new tab)
