"Gotta Catch 'Em All: Cybercriminals Target Victims With Fake Pokémon Game"

Cybersecurity researchers at the AhnLab Security Emergency Response Center (ASEC) in South Korea have found a phishing campaign that aims to spread malware using a fake Pokémon NFT game. ASEC discovered at least two phishing pages masquerading as a Pokémon game that distribute the NetSupport Remote Access Tool (RAT) to seize control of victims' devices. Although NetSupport RAT is a legitimate program, in the wrong hands, it can be exploited for malicious purposes, including the installation of additional malware and information extortion. ASEC noted that the threat actors could be using apps other than Pokémon to distribute malware, as was recently the case with a phishing website masquerading as an update page for SocGholish software. This article continues to discuss threat actors exploiting the popularity of the Pokémon franchise and the NFT card trading market to spread malware.

Cybernews reports "Gotta Catch' Em All: Cybercriminals Target Victims With Fake Pokémon Game"