Threat actors are targeting Hamster Kombat players with fake Android and Windows software that installs spyware and steals information. The game, launched in March 2024, has gained massive popularity with over 250 million players and 53 million users on its Telegram channel.
The game requires players to join its Telegram channel, scan a QR code, and launch a web app on their Android devices. This makes it easy for cybercriminals to distribute malware through fake Hamster Kombat channels on Telegram.
ESET has found multiple cases of threat actors using the game as bait, even targeting Windows users with Lumma Stealer malware distributed through malicious GitHub repositories. The malware hides notifications from 200 apps and is used to subscribe victims to premium services, generating money for the attackers.
To avoid falling victim to these attacks, players should only get the genuine Hamster Kombat game from its official Telegram channel or website, and be cautious of clone apps on Google Play or other platforms.
Source: https://www.bleepingcomputer.com/news/security/hamster-kombats-250-million-players-targeted-in-android-windows-malware-attacks/