TLDR
- Hamster Kombat, a popular mobile game with over 250 million players, has become a target for cybercriminals.
- Malicious actors are distributing fake Android and Windows software that installs spyware and information-stealing malware.
- The game’s popularity is tied to potential earnings from a promised cryptocurrency token.
- Threats include Android spyware called Ratel, fake app stores with unwanted ads, and Windows malware like Lumma Stealer.
- Cybersecurity researchers warn that the game’s structure makes it vulnerable to exploitation.
Hamster Kombat, a mobile game that has taken the world by storm since its launch in March 2024, is now facing a new challenge: cybercriminals. With over 250 million players and 53 million users on its Telegram channel, the game has become a prime target for malicious actors looking to exploit its popularity.
The game, which involves players tapping their screens to earn fictional currency, has gained significant interest due to the promise of a new cryptocurrency token tied to it.
This potential for real-world earnings has not only attracted millions of players but also caught the attention of cybercriminals.
Cybersecurity researchers from ESET and other firms have identified several threats targeting Hamster Kombat players. These include Android malware, fake app stores, and Windows-based malware, all designed to take advantage of users seeking to download or enhance their gaming experience.
One of the primary threats is an Android spyware called Ratel. This malware is being distributed through unofficial Telegram channels that mimic the official Hamster Kombat channel.
Ratel can intercept SMS messages and device notifications, and is primarily used to subscribe victims to premium services without their knowledge. The malware hides notifications from 200 apps, making it difficult for users to realize they’ve been compromised.
Another risk comes from fake websites and app stores claiming to offer the Hamster Kombat game for download.
Instead of providing the game, these sites often redirect visitors to advertisements, generating money for the scammers. Some of these fake sites even mimic the Google Play store interface to appear more legitimate.
Windows users are not immune to these threats. Researchers have discovered malicious GitHub repositories claiming to offer “farming bots” or auto-clickers for Hamster Kombat. In reality, these repositories distribute Lumma Stealer, a type of malware that targets sensitive information such as cryptocurrency wallets and user credentials.
The structure of Hamster Kombat makes it particularly vulnerable to these types of scams. The game is Telegram-based and not available on official app stores, requiring players to join its channel on Telegram, scan a QR code, and launch a web app on their Android devices.
This unconventional distribution method makes it easier for cybercriminals to create convincing fakes.
Cybersecurity experts warn that the game’s popularity and the promise of cryptocurrency earnings make it “ripe for abuse.” They expect that Hamster Kombat will likely attract more malicious actors in the future.
Government officials in countries where the game is particularly popular, such as Russia, Uzbekistan, and Ukraine, are advising users to be cautious. Cybersecurity researchers emphasize the importance of obtaining games and related software only from official sources.
Players are advised to be wary of any offers that seem too good to be true, such as tools promising to automate gameplay or provide easy earnings. They should also be cautious about granting permissions to apps, especially those requesting access to sensitive information or system functions.
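To make the permission advice concrete, and to show what the SMS and notification interception described for Ratel looks like from the defender's side, here is an added example (not from the researchers or the original article) that audits an Android manifest already decoded to text. The permission names are standard Android identifiers; the article does not state which permissions Ratel requests, and the package names and sample manifests are constructed.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # namespace of android: attributes
SMS_PERMS = {"android.permission.RECEIVE_SMS",
             "android.permission.READ_SMS",
             "android.permission.SEND_SMS"}
LISTENER_PERM = "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"
LISTENER_ACTION = "android.service.notification.NotificationListenerService"

def audit_manifest(xml_text):
    """Flag apps that can both read/send SMS and observe all notifications."""
    root = ET.fromstring(xml_text)
    requested = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        requested |= {e.get(A + "name") for e in root.iter(tag)}
    sms = sorted(requested & SMS_PERMS)
    listeners = []
    for svc in root.iter("service"):
        actions = {a.get(A + "name") for a in svc.iter("action")}
        # A notification listener is a service guarded by LISTENER_PERM
        # or one that answers the listener intent action.
        if svc.get(A + "permission") == LISTENER_PERM or LISTENER_ACTION in actions:
            listeners.append(svc.get(A + "name"))
    return {"package": root.get("package"), "sms_permissions": sms,
            "notification_listeners": listeners,
            "review": bool(sms) and bool(listeners)}

# Constructed sample manifests (not taken from any real app).
_HEAD = '<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="%s">'
SAMPLE_RISKY = _HEAD % "com.example.fakegame" + """
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application>
    <service android:name=".NotifService"
             android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE">
      <intent-filter>
        <action android:name="android.service.notification.NotificationListenerService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""
SAMPLE_BENIGN = _HEAD % "com.example.notes" + """
  <uses-permission android:name="android.permission.INTERNET"/>
  <application/>
</manifest>"""

if __name__ == "__main__":
    for sample in (SAMPLE_RISKY, SAMPLE_BENIGN):
        print(audit_manifest(sample))
```

A game has no functional need for either capability, so the combination is a reason to stop and review before installing, not proof of malice on its own.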