Attention: fake Pixelmon NFT website infects users with malware16. May 2022
Attention: fake Pixelmon NFT website infects users with malware
San Francisco, 5/16/2022
Pixelmon is a popular NFT project whose plan includes creating an online metaverse game where you can collect, train and fight other players with Pixelmon pets. It has over 250,000 followers on social media.
Background: threat actors copied the legitimate website pixelmon.club and created a fake version under pixelmon[.]pw to spread malware.
One of the files distributed by this malicious website is setup.zip, which installs a file named System32.hta.
This file is used to download Vidar, a malware that steals passwords and allows the threat actor to take control of the account.
Cyberattacks on cryptocurrencies are becoming more and more frequent – just a few days ago, a new malware campaign called Fake Binance NFT Mystery Box surfaced.
A few months ago, the most popular NFT game in the world, Axie Infinity, was hacked by threat actors who caused over $600 million in damage.