Any Pokémon fans duped into downloading the software would instead find themselves installing a disguised NetSupport Remote Administration Tool on their computer. While this software does have legitimate use cases in support environments, it is one of a selection of such commonly used tools that have been co-opted by scammers to gain remote access to people's computers to facilitate a variety of scams, including identify theft, as well as adding infected computers to botnets. Typically distributed by scammers through links and attachments in phishing emails, the software allows attackers complete control over a system, including basic functions such as access to files and web browsing history, clipboard contents, and capturing the user's screen, as well as the ability to execute arbitrary commands and code.
By presenting their software as a Beta, the hackers in this instance may have been trying to take advantage of the ongoing Beta for the Pokémon TCG Live, which is expected to replace the Pokémon Trading Card Game Online software some time during 2023, to present their game as legitimate to fans who may have been confused about changes happening with the new software.
Pokémon has sadly had to deal with several scams related to supposed NFT games in the recent past. In December, The Pokémon Company International sued one fraudster in the Federal Court of Australia for misrepresentation and misuse of Pokémon Trademarks in the advertising and creation of a Pokémon NFT game, which the fraudsters had claimed would be released this year on January 23rd.
- Sources
Distribution of NetSupport RAT Malware Disguised as a Pokemon Game - ASEC BLOG
NetSupport Manager is a remote control tool that can be installed and used by ordinary or corporate users for the purpose of remotely controlling systems. However, it is being abused by many threat actors because it allows external control over specific systems. Unlike backdoors and RATs (Remote...
asec.ahnlab.com
