Players of the Telegram-based game Hamster Kombat are facing a new threat from cybercriminals promoting phishing scams.
Fake airdrop
Kaspersky, the renowned cybersecurity firm shared that phishing schemes targeting gamers have become more common in the last weeks.
And it seems, Hamster Kombat is the most popular game now. The attackers are using various methods to trick Hamster Kombat players, as some scammers send phishing links, promising to convert in-game tokens into fiat currency, especially Russian rubles.
These links allow hackers to gain control of users’ accounts, which they then use for malicious purposes like stealing data and sending fraudulent, likely scam messages.
Some victims also reported being blackmailed after losing control of their accounts.
Another common tactic involves fake airdrop links. These links often contain malicious codes designed to steal the private keys of users’ crypto wallets or gain authorization to access their wallets.
Fake pages promising free coins or easy withdrawals became widespread. The increase in these phishing incidents may be linked to Hamster Kombat’s plans to launch a new token.
The tap-to-earn game already gained over 250 million users in less than 100 days and is teasing a token launch.
The HMSTR token is already listed for pre-trading on Bybit, and a partnership with Crypto.com was announced.
The old method
These phishing scams are part of a larger trend this year. Data from ScamSniffer shows victims lost $314 million to phishing attacks across all EVM chains in the first six months of 2024, surpassing the total amount stolen in 2023.
Half time! Scammers are using various methods to carry out these attacks, including permit phishing signatures that allow scammers to sign transactions off-chain and address spoofing, which tricks users into sending funds to the wrong address.
If it’s trending, it’s tempting target
Scammers often exploit trending events to lure victims. Good example the WazirX exploit, as after that several fake accounts and phishing websites appeared, pretending to be the exchange and promising refunds to users.
If they typed their login credentials on these sites, it’s over. The attackers got their passwords.
Cybersecurity experts note that most Hamster Kombat-focused phishing schemes currently target Russians, but the attackers may soon expand their reach to other regions where the game is popular, such as the Philippines and Nigeria.
