An NFT-themed Pokémon card game has been revealed to be a fake game, used by hackers to gain access to your computer. The game, somewhat simply titled "Pokémon Card Game", infects a target computer by having victims click a compromised link, which installs remote control software that can be used to harvest data and make the device more vulnerable to other attacks.
It’s a pretty convincing fake, by most accounts. NFTs and Pokémon are two things that could, at a distance, work together pretty well. So, an NFT Pokémon game isn’t outside of the realms of possibility for many people. Nintendo has also expressed a cautious interest in NFT games, but hasn’t announced any projects.
The hackers behind the Pokémon Card Game have also created a pretty convincing website and an NFT marketplace to trade Pokémon. The install even creates a somewhat official looking install icon and information.
Of course, it isn’t anywhere close to official, and clicking the "Install now" button actually just downloads an installer that hides a tool named NetSupport into your file system, creating a vulnerable back door into your system. At the front end, the official looking and colorful install icon just makes it more likely a victim buys into the scam.
It’s not hard to see why hackers would use Pokémon as the key for their attack. As mentioned before, an NFT-themed Pokémon game seems like a good fit, but there’s also been an explosion in popularity for Pokémon since the release of Pokémon Scarlet and Violet in November of 2022. It also continues to be one of the world’s most popular franchises, with fans spanning several generations, with no sign of its popularity ending any time. As such, this attack would be easy to aim at fans of the series who are looking for more Pokémon experiences, or -- heartbreakingly -- younger fans who might not be able to afford the latest games who simply want a way to play something new that’s Pokémon-themed.
As always, the best advice for anyone on the internet is to be extremely careful about anything you download, and to ensure to do your research on any new "games" you come across. If you can’t find official documentation about it, it may well be a fake game like Pokémon Card Game.