With the increase popularity of the Hamster Kombat game, the threat actors are now targeting the players with fake Android and Windows software that results in installation of spyware and information stealing malware. Hamster Kombat game has grasped the world of cryptocurrency game enthusiasts with a stroke.
What is Hamster Kombat?
Hamster Kombat is a clicker mobile game for Android, where players are rewarded with fictional currency by completing simple tasks, which is mainly tapping the screen. The game entails repeatedly tapping the screen of the mobile device with the increased possibility of earning big once Hamster Kombat's creators unveil the promised new crypto coin linked to the game.
The game was launched in March 2024, which has gained a massive popularity due to the potential to earn a new TON-based crypto token linked to it, which is scheduled to be introduced later this year. Hamster Kombat is a Telegram-based game, requiring players to join its channel on Telegram, thereafter, scan a QR code provided by a bot, and then launch a web app on their Android device to play it.
The game has reached a massive growth after its successful launch, with over 250 million players and 53 million users on it's Telegram channel. Due to its success, the game has already attracted limitless copycats that duplicate its name and icon, and has similar gameplay.
It is discovered by the ESET researchers that threat actors have also started to capitalize on Hamster Kombat's popularity. Many of the players are trying to obtain games and related software from unofficial sources, thus, exposing them to the risks. It was found various threats abusing Hamster Kombat's reputation in many places as remotely controlled Android malware spread through an unofficial Hamster Komabt Telegram channel, fake app stores that provide unwanted advertisements, and GitHub repositories distributing Lumma Steater for Windows devices.
Threat Analysis
The success of Hamster Kombat has mostly benefitted the cybercriminals, who are attempting to deploy malware targeting the players of the game. ESET Research has found that hidden threats are going after both Android and Windows users. The game is on the radar of the cyber security experts and government officials, where they are warning of potential financial risks involved in playing.
Threats to Android
There are two types of threats that has targeted the Android users- the first one is a malicious app that contains the Android spyware Ratel and second is fake website that impersonate app store interfaces claiming to have Hamster Kombat available for download.
- Ratel Spyware- A Telegram channel (http://t[.]me/hamster_easy) was found by ESET researchers that is distributing Android spyware, named Ratel, disguised as Hamster Kombat. The malware, mentioned, is enough capable of stealing notifications and sending SMS messages. The malware operators use this feature to pay for subscriptions and services with the victim's funds without the knowledge of the victim. The app only requires notification access permission, and asks to be set as the default SMS application. Once, the permissions are granted, the app gains the access to all SMS messages and is capable of intercepting all displayed notifications.
- Fake Websites- Beside the application containing the Ratel spyware, there are many fake application storefronts are discovered that claim to offer Hamster Kombat for download. As the users taps on the install button, the user sees many unwanted advertisements.
Threat to Windows
Hamster Kombat is basically a mobile game, but it is found the malware abusing the game's name to spread on Windows. The threat actors try to entice Windows users with auxiliary tools, claims to maximize in-game profits easier for players. It was also revealed that GitHub repositories are offering Hamster Kombat farm bots and auto clickers, which auto click the game. These repositories has turned out to conceal cryptors from the infamous Lumma Stealer malware.
What is Lumma Stealer?
Lumma Stealer is an info stealer that offers malware-as-a-service. This is available on dark web and on Telegram. It was first observed in 2022, which was then distributed via pirated software and spam and targeted cryptocurrency wallets, user credentials, two-factor authentication browser extensions and other sensitive information. There are three different versions of Lumma Stealer cryptors lurking within the repositories: C++ applications, Go applications and Python applications, among which only the Python applications have a graphical user interface (GUI).
Caution you should take
If you are interested in Hamster Kombat project, you should get the app from its official channel on Telegram or visit the project's website. Along with this, you must also remember that even the genuine game itself has not been scrutinized for its security, as neither it is available on Google Play nor in the App Store. The projects-'s whitepaper has not been published yet, and the token launch promises remain unfinished.
It is to be noted that the clone app on Google Play has many reports claiming that it scams users asking for withdrawal fees and never performs the money withdrawal. Users must distrust Hamster Kombat copycat apps that may contain malware and can cause fraudulent scams.
Conclusion
As we talked, the rising popularity of Hamster Kombat makes it ripe for abuse, which is likely to attract more and more malicious actors in the coming days. We see many Hamster Kombat copycat apps exists that appear to be malware-free. It was discovered that a remotely controlled trojan is distributed through Telegram disguised as a game. The malware is capable of sending SMS messages, making phone calls and concealing its actions by hiding notifications that may suggest the device is compromised. Beside the Android trojan, many fake app stores are found that claims to offer Hamster Kombat for download, the links, however, lead to unwanted advertisements. As last, we see the Windows platform is not left behind. There are many GitHub repositories, mostly uncovered, that lures gamers in with the promise of Hamster Kombat farm bots and auto clickers but, in real, they serve the victims with cryptors containing Lumma Stealer.
.png)
Comments
Post a Comment