The tapestry of threats targeting Hamster Kombat players

July 24, 2024, 9:16 p.m.

Description

This analysis delves into the various malicious threats capitalizing on the immense popularity of the Hamster Kombat mobile game. It reveals that cybercriminals are exploiting players' interests by distributing Android spyware disguised as the game through unofficial channels, as well as creating fake app stores delivering unwanted ads. Additionally, it uncovers GitHub repositories purporting to offer automation tools but actually containing Windows-based Lumma Stealer cryptors. The report serves as a cautionary tale about the risks of obtaining games and software from unverified sources.

External References

https://www.welivesecurity.com/en/eset-research/tap-estry-threats-targeting-hamster-kombat-players/
https://otx.alienvault.com/pulse/66a168016405a2c708172810
Tags
android
spyware
2024-07-24

Date

  • Created: July 24, 2024, 8:45 p.m.
  • Published: July 24, 2024, 8:45 p.m.
  • Modified: July 24, 2024, 9:16 p.m.

Indicators

  • 77.91.124.14
  • 146.19.207.14
  • museumtespaceorsp.shop
  • negotitatiojdsuktoos.shop
  • corruptioncrackywosp.shop
  • thidrsorebahsufll.shop
  • snaillymarriaggew.shop
  • meltedpleasandtws.shop
  • varianntyfeecterd.shop
  • flourhishdiscovrw.shop
  • conferencefreckewl.shop
  • notoriousdcellkw.shop
  • liabiliytshareodlkv.shop
  • vivaciousdqugilew.shop
  • understanndtytonyguw.shop
  • stickyyummyskiwffe.shop
  • patternapplauderw.shop
  • horsedwollfedrwos.shop
  • greentastellesqwm.shop
  • distincttangyflippan.shop
  • detailbaconroollyws.shop
  • considerrycurrentyws.shop
  • tolerateilusidjukl.shop
  • shatterbreathepsw.shop
  • productivelookewr.shop
  • incredibleextedwj.shop
Download all indicators here!

Attack Patterns

  • Lumma Stealer
  • Ratel