Cybercriminals are capitalizing on the massive popularity of the mobile game Hamster Kombat, which has attracted over 250 million players since its March 2024 launch. The game, a clicker-style app where users earn fictional currency by tapping their screens, has become a prime target for attackers using fake applications and deceptive channels to distribute spyware and other malicious software. With the promise of a future cryptocurrency token linked to the game, the allure has drawn a significant number of players, making it an attractive vector for cybercriminals looking to exploit the game’s success.
The game operates primarily through Telegram, requiring players to join its channel, scan a QR code, and launch a web app on their Android devices. However, the genuine Hamster Kombat app is not available on official app stores, leaving users vulnerable to clone apps distributed through unofficial channels. Security researchers at ESET have identified several malicious campaigns leveraging the game’s popularity. These campaigns involve distributing Android malware via Telegram channels, such as one named ‘HAMSTER EASY’, which spreads the Ratel spyware disguised as a legitimate game app. This malware intercepts SMS and device notifications to covertly subscribe victims to premium services, generating revenue for the attackers without the users’ consent.
In addition to targeting Android users, the malicious campaign extends to Windows platforms. ESET reports that fake websites and repositories, such as ‘hamsterkombat-ua.pro’ and ‘hamsterkombat-win.pro’, are used to deceive users into downloading malware. These fake sites often redirect visitors to advertisements or offer malicious downloads disguised as farming bots for the cryptocurrency game. Among the identified threats is the Lumma Stealer, distributed through compromised GitHub repositories. This malware comes in various forms, including C++, Go, and Python applications, with the Python variant featuring a graphical installer to further trick users.
Players interested in Hamster Kombat are advised to exercise extreme caution. The game’s absence from official app stores and the presence of numerous copycat apps raise significant red flags. The genuine game is only available through its official Telegram channel, and even then, it has not undergone rigorous security scrutiny.
Reference:
