Topic: Hackers hide malware in fake NFT game (Read 275 times)

copper member
Activity: 2156
Merit: 983
Part of AOBT - English Translator to Indonesia
February 05, 2023, 01:23:15 AM
#23
The lesson is very simple.  Yet, nobody learned it.  I do not even understand.  How can you click random stuff and consciously click that Yes button when Windows tells you the program wants to make changes to your computer.  How can you open stuff when you have no idea where it comes from.

Believe me, some people learn it, some people don't, or there are some people that will learn after it has happened to them.

And in this case I think they clicked because the game looked playful or offered a free NFT after playing for some hours. You know the ads nowadays: they're very colorful and attractive. The best way is to keep educating ourselves, right?
legendary
Activity: 3122
Merit: 1140
February 02, 2023, 04:41:28 PM
#22
But I think if I'm still in the same state for these play to earn games then sure that I may fall for this type of scam. And to those that like it that much, verify the source and the contents of what you're downloading before you proceed to press that accept and download button.
How is it possible to verify the source and contents? You have no way to verify since the source is closed. Using VirusTotal to scan the file isn't effective because sometimes it can't detect malware or regularly shows false positive results. The best way is to never download any NFT game on your personal phone. If you're really interested in playing the game, it's better to buy another phone which you will use to download any insecure apps or click random links.
This is why I'm not really downloading any wallet onto my phone, or anything that is really connected to my crypto wallet, because I'm really a fan of downloading games, not only those NFT ones but also other games that can be found either on the Play Store or in various places on the net; as long as it interests me, I would download it. Just like you mentioned, I do have a separate mobile device for personal use and for my crypto wallet, with which I can make some transactions without worrying whether the mobile phone is infected with some malware or not. It's not really that common for Android viruses, but this is really very common on personal computers.
hero member
Activity: 1148
Merit: 796
January 30, 2023, 04:23:26 AM
#21
But I think if I'm still in the same state for these play to earn games then sure that I may fall for this type of scam. And to those that like it that much, verify the source and the contents of what you're downloading before you proceed to press that accept and download button.
How is it possible to verify the source and contents? You have no way to verify since the source is closed. Using VirusTotal to scan the file isn't effective because sometimes it can't detect malware or regularly shows false positive results. The best way is to never download any NFT game on your personal phone. If you're really interested in playing the game, it's better to buy another phone which you will use to download any insecure apps or click random links.
hero member
Activity: 2478
Merit: 695
SecureShift.io | Crypto-Exchange
January 23, 2023, 01:59:54 PM
#20
Damn hackers will always come up with new ways to make people pay for their actions. This is such an important piece of information that will be helpful to anyone, especially those who are chasing after NFTs. Hackers are looking at the weak points of people to strike; since almost every crypto person is into NFTs, they decided to come up with this terrible idea of wrecking their victims. Unbelievable.
hero member
Activity: 3066
Merit: 629
Vave.com - Crypto Casino
January 16, 2023, 02:58:43 PM
#19
Being an investor in an NFT game for the last 2 years and when they required me to download their software and game, I did. The good thing is that it's Axie and doesn't have the same malware.
But I think if I'm still in the same state for these play to earn games then sure that I may fall for this type of scam. And to those that like it that much, verify the source and the contents of what you're downloading before you proceed to press that accept and download button.
legendary
Activity: 3052
Merit: 1168
Leading Crypto Sports Betting & Casino Platform
January 16, 2023, 11:42:40 AM
#18
And they also seem to use other fake programs like OBS screencapture/streaming software to target influencers from streaming services

https://cryptoslate.com/wallets-of-nft-influencer-gets-drained-in-obs-malware-attack/

I sympathise, but at the same time I can't keep a serious face when someone called something as pompous as "NFT God" fails OpSec on such a basic level.
But truth be told, I got one of my wallets drained just yesterday for the first time, so maybe you should laugh at my OpSec.
My explanation is that I was being greedy and hasty and trusted the wrong person.
legendary
Activity: 1974
Merit: 2124
January 12, 2023, 10:47:58 AM
#17
What's new here? I thought once adding NFT to the wallet, hackers would be able to remotely monitor the device and thus know the seed and password when entered.
Most of the time when you are a victim of these phishing links, the hackers install malware onto your device, or like you said, whenever you type any password or seed phrase on that device they have access to it through a keylogger which has gotten into your system through these viruses, and your whole wallet is drained by the scammers, yet we do such things.

Installing random games for fun on a device that has a hot wallet is stupid; you should be more careful or buy a separate phone for such things.
The basic problem with most people is that they have funds stored on the same device they use for all purposes, and they click on various links on the internet, becoming prone to such hacks. The best practice is to use air-gapped devices for storing your funds that are never connected to the internet so as to remain safe, but if not, then use hardware wallets or, as said, a different device with non-custodial wallets and funds in them.

You want to play an NFT game, visit any site, click on the links from random users or pop-ups on the site? Do it, but just have in mind the consequences it can have, as you have funds in your wallet; but I think most people don't imagine such things. They see game rewards like the P2E earn concept, and just to earn some shit token from the game they download a full virus onto the system and also run it as administrator, allowing it to make changes without a doubt, but this is what happens afterwards. You gain nothing from the game but also lose what you have.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
January 12, 2023, 08:46:01 AM
#16
Imagine using the same device for saving seed phrases and downloading random NFT games from unknown mail senders.

I've read warnings like this for a long time, but I'm not moving to learn Linux right away. Hope to have more time to learn Linux from now on.
It is recommended to move to Linux, but hear me out: it's free if you don't value your time.

Just want to add to OP's post: this is why it's really important for people to learn a bit of network monitoring and deny access on some ports in your network. Since there are lots of open-source firewalls that we can use for free, I have been using a free open-source firewall since. Aside from installing apps, they also inject or to links and emails, so knowing a bit about what to allow and what not to is really an advantage these days, aside from your antivirus.
But this doesn't have to do with firewalls. As far as I understand, the virus spreads through emails, and nobody hosts their own email server from home anymore.
full member
Activity: 728
Merit: 151
Defend Bitcoin and its PoW: bitcoincleanup.com
January 12, 2023, 08:36:44 AM
#15
Another discovery of fraudulent activities was made by Korean specialists from AhnLab. The game is distributed through phishing sites or through a mailing list; it is a simple Pokémon NFT card game. After installing the game, RAT, a computer remote control virus, is installed on the victim's computer, which ultimately allows hackers to fully monitor all the victim's actions, including stealing passwords and seed phrases.

Quote
Hackers have been using a fake NFT game claiming to be Pokémon-branded to spread malware to unsuspecting users, according to cybersecurity firm AhnLab. The phishing website, which is still active at the time of writing, appears to offer a legitimate NFT marketplace and the option to buy tokens and stake NFTs based on the popular Japanese media brand. However, users who download the site's content are actually installing a remote access program called NetSupport Manager that gives hackers control over their device
https://metaverse.sg/nft-news/fake-pokemon-nft-game-distributes-malware

The remote control can be configured as the most common process on Windows, which the user will never mistake for malicious, which also applies to antivirus software, although some completely refuse to detect it.

As a result, the simple truth rings again: do not open anything on the Internet, do not open attachments from strangers, and start self-education on Linux systems in order to completely abandon leaky Windows.
Just want to add to OP's post: this is why it's really important for people to learn a bit of network monitoring and deny access on some ports in your network. Since there are lots of open-source firewalls that we can use for free, I have been using a free open-source firewall since. Aside from installing apps, they also inject or to links and emails, so knowing a bit about what to allow and what not to is really an advantage these days, aside from your antivirus.
legendary
Activity: 1792
Merit: 1296
Crypto Casino and Sportsbook
January 12, 2023, 07:50:59 AM
#14
~snip
As a result, the simple truth rings again: do not open anything on the Internet, do not open attachments from strangers, and start self-education on Linux systems in order to completely abandon leaky Windows.
I can add that you need to separate your devices for everyday tasks and entertainment from those for working with finances. In the first case, it will most often be Windows, and in the second, Linux or Mac is more desirable. Of course, on each of the devices, perform only certain tasks, in order to avoid troubles such as hacking with the help of NFT games. You can get used hardware of past generations, the capacity of which will be enough and which will not cost much at all. But it will allow you to avoid the effects of malware if you reduce the use of this PC to only working with cryptocurrencies.
legendary
Activity: 1904
Merit: 1563
January 12, 2023, 07:33:57 AM
#13
but I'm not moving to learn Linux right away. Hope to have more time to learn Linux from now on.
Try Linux Mint with cinnamon desktop environment! Its interface is similar to Windows 10 which makes the experience of switching from Windows to Linux a tad easier. Plus, the community is pretty active which makes troubleshooting a lot easier.

Here are the resources I used!
- https://linuxcommand.org/tlcl.php - More on CLI to allow you become flexible on using the OS.
- https://youtube.com/@ChrisTitusTech - for general education about Linux system.

Hope that helps.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
January 12, 2023, 06:28:47 AM
#12
~snipped
Thanks for the tips. I think for simple desktop users this virus is really not good and can really deceive them. Not all are proficient enough to execute what you suggested to avoid this kind of malicious file. So the safest way is to always check what you download online, because with a simple site, it could ruin your assets once he is able to set up those click baits.


Maybe this will help you a little with the settings.
https://blog.eldernode.com/activate-and-use-sandbox-in-windows-10/
https://www.youtube.com/watch?v=UywHb0rOHVI
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
January 12, 2023, 06:23:20 AM
#11
~snipped
Thanks for the tips. I think for simple desktop users this virus is really not good and can really deceive them. Not all are proficient enough to execute what you suggested to avoid this kind of malicious file. So the safest way is to always check what you download online, because with a simple site, it could ruin your assets once he is able to set up those click baits.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
January 12, 2023, 04:26:10 AM
#10

That's a strongly malicious virus. I think monitoring one's activity is common, but the ability to steal passwords and phrases, can that be done if, for example, there are saved files in his folders? Or only if he can see the activity where the phrases are being looked up?

Is there any news of this fraud in apps and mobiles already, or only on PCs and laptops? Thanks, OP, this is great news, another one to avoid.

At one time, I studied how these viruses are created and hidden, and the fact that they can create the most common screenshots and instantly send these screenshots in stealth mode to a hacker is already dangerous. In another case, I think a hacker can set up surveillance specifically for certain applications in order to receive a signal in time when the user opens it. On the internet, this virus quietly spreads in free mode on specific subject forums (there is a simple guide to creating it), the task manager on Windows rarely detects it, and it is because of this that you must always monitor what and where you download. The best option would be to install a virtual machine, if necessary, download something, and also use a sandbox so that if malware enters, it is deleted when the application is closed.
legendary
Activity: 3052
Merit: 1168
Leading Crypto Sports Betting & Casino Platform
January 12, 2023, 02:26:22 AM
#9
Another discovery of fraudulent activities was made by Korean specialists from AhnLab. The game is distributed through phishing sites or through a mailing list; it is a simple Pokémon NFT card game. After installing the game, RAT, a computer remote control virus, is installed on the victim's computer, which ultimately allows hackers to fully monitor all the victim's actions, including stealing passwords and seed phrases.

Quote
Hackers have been using a fake NFT game claiming to be Pokémon-branded to spread malware to unsuspecting users, according to cybersecurity firm AhnLab. The phishing website, which is still active at the time of writing, appears to offer a legitimate NFT marketplace and the option to buy tokens and stake NFTs based on the popular Japanese media brand. However, users who download the site's content are actually installing a remote access program called NetSupport Manager that gives hackers control over their device
https://metaverse.sg/nft-news/fake-pokemon-nft-game-distributes-malware

The remote control can be configured as the most common process on Windows, which the user will never mistake for malicious, which also applies to antivirus software, although some completely refuse to detect it.

As a result, the simple truth rings again: do not open anything on the Internet, do not open attachments from strangers, and start self-education on Linux systems in order to completely abandon leaky Windows.
I have been contacted by the same kind of scammers several times, to do a review of their obscure NFT game for money. I've always rejected the offer because the real intentions show from miles away. And when you think about it, crypto people who connect their wallets for playing are the perfect target for the scam. You don't even have to get the banking details and hope banks don't reverse money transfers. You literally get everything without any work because others end up giving their wallets to you. I wonder how these won't happen all the time.

And funnily enough, people don't seem to care when some unknown game designers decide to use a stolen trademark. Like that wasn't a huge red flag.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
January 12, 2023, 12:06:36 AM
#8
but it is strange that the wallets allow screen recording while writing passwords in the wallets.

For seeds, the situation is easier.
Even scarier if this is true. Yes, and that's really dangerous for any user. Imagine if this kind of virus passes onto millions of platforms that are popular and some users might not be able to figure this out sooner. Lots of money will be compromised.
legendary
Activity: 1596
Merit: 1288
January 12, 2023, 12:02:09 AM
#7
Another discovery of fraudulent activities was made by Korean specialists from AhnLab. The game is distributed through phishing sites or through a mailing list; it is a simple Pokémon NFT card game. After installing the game, RAT, a computer remote control virus, is installed on the victim's computer, which ultimately allows hackers to fully monitor all the victim's actions, including stealing passwords and seed phrases.

What's new here? I thought once adding NFT to the wallet, hackers would be able to remotely monitor the device and thus know the seed and password when entered.
Installing random games for fun on a device that has a hot wallet is stupid; you should be more careful or buy a separate phone for such things.

That's a strongly malicious virus. I think monitoring one's activity is common, but the ability to steal passwords and phrases, can that be done if, for example, there are saved files in his folders? Or only if he can see the activity where the phrases are being looked up?
If you give them access to your files, then they may be able to access the wallet file, which is still encrypted with your password, then monitoring your device is enough for them to obtain that password, but it is strange that the wallets allow screen recording while writing passwords in the wallets.

For seeds, the situation is easier.
hero member
Activity: 3024
Merit: 680
★Bitvest.io★ Play Plinko or Invest!
January 11, 2023, 05:27:37 PM
#6
I am a fan of games, not NFT games, but this could also happen with some other games that are common and popular, which the devs can fake as the official one and then insert any malware like a RAT.

Well, these hackers will really do anything that they can to steal people's money, and those that are hyper and keep on installing any game as they wish, especially the NFT games. You better be curious at all times and still verify anything that's related to the project you're interested in.
hero member
Activity: 952
Merit: 555
January 11, 2023, 04:18:20 PM
#5
There has been a lot of scam-related activity associated with NFTs right from time, because they know it's one of the easy means by which they can penetrate for an attack. This began to pop up after the discovery that newbies are too eager in their search for NFTs, because they believe those tokens will not only last but will pay them a big amount of money, which in the end doesn't work that way anymore. Game downloads and NFTs are one of the easiest means for an attack, and all they do is introduce the attack virus in the form of malware against the user's system through what they download.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
January 11, 2023, 10:58:35 AM
#4
After installing the game, RAT, a computer remote control virus, is installed on the victim's computer, which ultimately allows hackers to fully monitor all the victim's actions, including stealing passwords and seed phrases.
That's a strongly malicious virus. I think monitoring one's activity is common, but the ability to steal passwords and phrases, can that be done if, for example, there are saved files in his folders? Or only if he can see the activity where the phrases are being looked up?

Is there any news of this fraud in apps and mobiles already, or only on PCs and laptops? Thanks, OP, this is great news, another one to avoid.
hero member
Activity: 1246
Merit: 699
January 11, 2023, 10:53:23 AM
#3
The game is distributed through phishing sites or through a mailing list; it is a simple Pokémon NFT card game.

Fortunately, I'm not too keen on games. But I see on social media some accounts share similar Pokémon games. I don't know if it's fake or true; because I'm not a person who likes games, I just missed it.
Because nowadays there are more and more people who are interested in NFT games, there may be more ways scammers commit theft in the future.

start self-education on Linux systems in order to completely abandon leaky Windows.
Damn, I'm still a Windows user until recently.
I've read warnings like this for a long time, but I'm not moving to learn Linux right away. Hope to have more time to learn Linux from now on.
hero member
Activity: 882
Merit: 1873
Crypto Swap Exchange
January 11, 2023, 10:38:48 AM
#2
How many decades since phishing mails became a thing?

The lesson is very simple.  Yet, nobody learned it.  I do not even understand.  How can you click random stuff and consciously click that Yes button when Windows tells you the program wants to make changes to your computer.  How can you open stuff when you have no idea where it comes from.

People get Antivirus software and they think it magically solves any problem so they can click on anything and there is a magical shield protecting you.  NO!  Part of the security and safety is your behavior too.  I still have devices running Windows and I never had an Antivirus on them.  Yet they are clean.  I can install Bitcoin Core and not even encrypt my wallet and no fund will be stolen.

-
Regards,
PrivacyG
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
January 11, 2023, 12:42:30 AM
#1
Another discovery of fraudulent activities was made by Korean specialists from AhnLab. The game is distributed through phishing sites or through a mailing list; it is a simple Pokémon NFT card game. After installing the game, RAT, a computer remote control virus, is installed on the victim's computer, which ultimately allows hackers to fully monitor all the victim's actions, including stealing passwords and seed phrases.

Quote
Hackers have been using a fake NFT game claiming to be Pokémon-branded to spread malware to unsuspecting users, according to cybersecurity firm AhnLab. The phishing website, which is still active at the time of writing, appears to offer a legitimate NFT marketplace and the option to buy tokens and stake NFTs based on the popular Japanese media brand. However, users who download the site's content are actually installing a remote access program called NetSupport Manager that gives hackers control over their device
https://metaverse.sg/nft-news/fake-pokemon-nft-game-distributes-malware

The remote control can be configured as the most common process on Windows, which the user will never mistake for malicious, which also applies to antivirus software, although some completely refuse to detect it.

As a result, the simple truth rings again: do not open anything on the Internet, do not open attachments from strangers, and start self-education on Linux systems in order to completely abandon leaky Windows.