-: FOLLOW US :- @theinsaneapp
You should be cautious if you find a Pokemon card game that claims to give you non-fungible tokens or NFTs.
-: FOLLOW US :- @theinsaneapp
Threat actors are using a legit-looking Pokemon game to distribute NetSupport remote accessibility tool (RAT) and take control of their systems.
-: FOLLOW US :- @theinsaneapp
ASEC analysts first discovered the fake game. It is an NFT card game that allows users to play with Pokemon cards and profit from their NFT investments.
-: FOLLOW US :- @theinsaneapp
Users will receive an executable file when they click the "Play on PC” button on the website.
-: FOLLOW US :- @theinsaneapp
Although the file appears to be a game installation, it contains NetSupport's RAT.
-: FOLLOW US :- @theinsaneapp
Once the file has been executed, it creates a folder under the %APPDATA% directory and creates hidden NetSupport RAT files.
-: FOLLOW US :- @theinsaneapp
This makes it difficult for users who want to remove the malware.
-: FOLLOW US :- @theinsaneapp
This file creates a Startup folder entry so that the malware can be run after each boot.