Introduction
What is Hamster Kombat?
Hamster Kombat is a clicker mobile game for Android, launched in March 2024. Players earn fictional currency by completing simple tasks, mainly by tapping the screen. The game has gained significant interest because it promises a new TON-based crypto token, scheduled to be introduced later this year. With over 250 million players and 53 million users on its Telegram channel, Hamster Kombat has seen tremendous growth.
The Cyber Threat
Despite its popularity, Hamster Kombat’s success has attracted cybercriminals. The official game is only available through Telegram, making it easy for scammers to target interested players with fake apps and websites.
Fake Apps on Google Play
One of the main threats is a fake app on Google Play named “Hamster Kombat – Earn Crypto.” Although Google has removed this app, it initially tricked many users. The genuine Hamster Kombat game is not available on any official app stores, only through Telegram. This makes it difficult for users to find the legitimate version and easy prey for scammers.
Malware on Telegram Channels
ESET, a cybersecurity company, discovered several cases where threat actors use the Hamster Kombat game to spread malware. A fake Telegram channel named “HAMSTER EASY” distributes the Ratel Android spyware as an APK file called ‘Hamster.apk.’ This file does not contain any legitimate functionality. Ratel spyware can intercept SMS and device notifications and is mainly used to subscribe victims to premium services, from which the malware operators profit. The spyware hides notifications from 200 apps, so the victim never realizes they have subscribed to various premium services.
Fake Websites
Scammers have also created fake websites like ‘hamsterkombat-ua.pro’ and ‘hamsterkombat-win.pro.’ These sites claim to offer the game but redirect visitors to advertisements to generate money. This is another way cybercriminals exploit Hamster Kombat’s popularity to deceive users.
Targeting Windows Users
ESET also found that Hamster Kombat-branded scams target Windows users. The Lumma Stealer malware is distributed through malicious GitHub repositories claiming to offer farming bots for the cryptocurrency game. These repositories either have the malware directly in the release files or contain links to download it from external file-sharing services. Three different versions of Lumma Stealer were identified: C++ applications, Go applications, and Python applications. The Python version was particularly deceptive, featuring a graphical installer to disguise the malware until the end of the installation process.
How to Protect Yourself
If you’re interested in the Hamster Kombat project, follow these steps to stay safe:
- Get it from the Official Source: Only download the game from its official channel on Telegram or visit the project’s website.
- Be Cautious: Even the genuine game hasn’t been thoroughly scrutinized for security. It is not available on Google Play or the App Store, the whitepaper hasn’t been published yet, and the token launch promises remain unfulfilled.
- Avoid Clone Apps: There are reports that the clone app on Google Play scams users by asking for withdrawal fees and never performing the money withdrawal.
- Treat Copies with Distrust: Be wary of any Hamster Kombat copycat apps distributed via any platform. Even if they don’t contain malware, they are almost definitely scams.
Conclusion
In the world of cryptocurrency gaming, Hamster Kombat’s rapid rise has made it a target for cybercriminals. By staying informed and cautious, you can protect yourself from falling victim to these scams. Always verify the legitimacy of the software and websites you use, and prioritize security to enjoy a safer gaming experience.
For those interested in cryptocurrency gaming projects, Decrypt.co has compiled a list of projects that launched tokens in 2024 and have a functional system in place. Consider investing your time in these more secure alternatives. Stay tuned for more updates on Scam and Cyber Crime News. At The Scam Protector, we save people from getting scammed by raising awareness and informing them about prevalent online scams. You can do it too just by joining our tribe on Twitter , Facebook, Quora, Reddit, LinkedIn, and Whatsapp channel.
Stay safe and happy gaming!
