Hamster Kombat Players Threatened by Spyware & Infostealers

Malicious actors are targeting users of a mobile currency game by using fake Android and Windows software that installs spyware and other malware.

Hamster Kombat launched in March and already has more than 250 million users, likely due to the promises of winning TON-based cryptocurrency. The game is for Android users, who can earn in-game currency by completing certain tasks within the game.

To play, users must join the game's Telegram channel, scan a QR code, and then launch a Web app on their device. When users first search for the game's Telegram channel, they are likely to come across other Hamster-branded channels attempting to distribute Android malware. One channel, named "HAMSTER EASY," even distributes Ratel Android spyware as an APK file.

This malware can allow the threat actors to subscribe the victim to different services and hide the notifications so that they remain unaware.

Other fake websites include "hamsterkombat-ua.pro" and "hamsterkombat-win.pro," which redirect visitors to advertisements to generate money instead of the real game. 

On the Windows platform, researchers discovered GitHub repositories that promise its victims Hamster Kombat farm bots and autoclickers but instead deliver cryptors that contain Lumma Stealer, info-stealer malware.

As the game continues to grow in popularity among users, it will continue to attract malicious actors, so users should be wary of being tricked by threat actors and copycat apps and remain vigilant when downloading software.