Hackers have been using a fake NFT game claiming to be Pokémon-branded to spread malware to unsuspecting users, according to cybersecurity firm AhnLab. The phishing website, which is still active at the time of writing, appears to offer a legitimate NFT marketplace and the option to buy tokens and stake NFTs based on the popular Japanese media brand. However, users who download the site's content are actually installing a remote access program called NetSupport Manager that gives hackers control over their device.
This utility allows hackers to remotely control the device's mouse and keyboard, access its file management and history, and even execute commands that allow them to install more malware. As a result, AhnLab has warned the public to be cautious and only download apps from official websites, and to avoid opening attachments from suspicious emails. It's important to exercise caution when downloading content online, as hackers will often try to disguise their malicious software as something harmless in order to trick people into downloading it. By following best practices for internet safety, you can protect yourself and your device from these types of attacks.