At the same time, I am optimistic about the upsurge of Pokémon games and the future development of NFT non-homogeneous tokens after returning to normal. There are counterfeit official franchise Pokémon NFT card game websites on the Internet (https://pokemon-go.io/ ), when a user accesses a website, they may inadvertently download a seemingly harmless RAT remote access tool that downloads malicious software behind the scenes, allowing hackers to control the victim’s device.
A well-established Pokémon NFT card game website appeared on the Internet, claiming to be a new NFT card game base created by the Pokémon Company franchise series, providing users with strategic offensive and defensive fun and NFT investment profits. Hackers can easily lure users to fake websites simply by spreading spam emails and social media posts. According to the South Korean security company AhnLab Security Emergency Response Center (ASEC), which exposed fake websites, the hackers also set up a second website “beta-pokemoncards.io”. Fake websites are now offline.
When the user clicks the “Play on PC” button, an executable file that looks like a legitimate game installer will be downloaded, but a folder will be added to the “%APPDATA%” path of the victim’s system, and the name will be Install NetSupport’s common legal RAT tools and related files in the market. Since NetSupport itself is legitimate, and hackers will further set these files and folders as “hidden”, it is very likely to avoid system detection or manual inspection by users. Not only that, but in order to ensure that the RAT executable file will be automatically executed when the system starts, the hacker will copy the RAT link to the Windows startup folder.
The most frightening thing is that NetSupport Manager supports remote screen control, screen capture, system monitoring, remote system grouping and other functions to improve control efficiency, and also supports many connection options such as network packet encryption. This also makes hacker attacks more widespread and serious. The most important security concern is the hijacking of user devices by downloading malicious programs, which eventually leads to the leakage of personal sensitive data.
(Source of the first picture: Science and Technology News)
