Hamster Kombat Malware Puts 250 Million Players at Risk 

2 Mins Read

PureVPNNewsHamster Kombat Malware Puts 250 Million Players at Risk 

Cybercriminals are capitalizing on the popularity of the mobile game Hamster Kombat, targeting its extensive player base with spyware and data-stealing malware. With over 250 million users, the game involves completing simple tasks to generate fictional currency. Launched earlier this year, Hamster Kombat has quickly attracted a strong following due to the prospect of earning a new TON-based crypto token, which is set to arrive later this year.

How Players are Being Targeted?

Despite its vast following, Hamster Kombat is not available on Google Play or App Store, but rather operates through a Telegram-based setup. Players must join a specific Telegram channel, scan a QR code, and launch a web app on their Android devices. This unique method of distribution has made it easier for threat actors to exploit unwary users.

Hamster Kombat’s game interface (Source: ESET)

Security firm ESET has discovered several deceptive tactics employed by these cybercriminals. One involves a clone app named ‘Hamster Kombat – Earn Crypto,’ which mimics the official game on Google Play, thus misleading players. Moreover, numerous malicious channels on Telegram have been found to distribute Android malware under the guise of the official game. 

ESET specifically mentions a channel named ‘HAMSTER EASY’ that distributes the Ratel Android spyware through an APK file named ‘Hamster.apk,’ which lacks any legitimate functionality.

Ratel spyware is particularly insidious, capable of intercepting SMS and device notifications. It primarily tricks victims into subscribing to premium services, allowing malware operators to profit. The malware is designed to hide notifications from over 200 apps, ensuring the victims remain unaware of these unauthorized subscriptions.

Another malicious campaign uses deceptive websites like ‘hamsterkombat-ua.pro’ and ‘hamsterkombat-win.pro.’ These sites pretend to offer the game but instead redirect visitors to ads, generating money for the scammers.

Extending Beyond Android to Windows Platforms

ESET reports that scams under the name Hamster Kombat are also targeting Windows users, distributing Lumma Stealer via deceptive GitHub repositories that claim to provide farming bots for the cryptocurrency game.

“The GitHub repositories we found either had the malware available directly in the release files, or contained links to download it from external file-sharing services,” revealed ESET.

The Lumma Stealer malware comes in three versions—C++, Go, and Python applications—with the Python version being notably sophisticated, featuring a graphical installer that deceives users until the malware is fully installed.

Fake installer (Source: ESET)

How to Stay Safe

For players genuinely interested in Hamster Kombat, the safest way to access the game is directly through its official Telegram channel or the project’s website. However, even the legitimate version of the game has yet to be thoroughly vetted for security since it is not hosted on major app platforms. 

Moreover, the project’s whitepaper remains unpublished. Additionally, users should be wary of the clone app on Play Store, which has multiple reports of scamming users by charging withdrawal fees without actually processing transactions.

author

Anas Hasan

date

July 24, 2024

time

7 months ago

Anas Hassan is a tech geek and cybersecurity enthusiast. He has a vast experience in the field of digital transformation industry. When Anas isn’t blogging, he watches the football games.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.