Fake Pokémon NFT Game Infests Users’ Computers With Malware

AhnLab’s analysis team revealed that the hackers utilized NetSupport RAT to take over users’ computers.

Pokemon Pikachu crying
  • A fake Pokémon NFT game has been reported to infect users’ computers with malware. 
  • Korean Security Firm AhnLab found hackers exploiting a remote control tool to take control of users’ devices. 

The security firm notified the community that the reported malware was distributed through a phishing page disguised as a Pokémon NFT card game. Upon downloading the game, users’ computers were put at risk, and they would lose control to hackers.

Team Rocket? Rats? Or Hackers?

AhnLab shared a detailed report on January 6th. The security firm’s analysis team revealed that the hackers utilized a NetSupport Remote Administration Tool (RAT) to take over users’ computers. 


NetSupport Manager is a remote control tool that corporate and ordinary users use to remotely control systems. While developers may not have developed remote administration tools like NetSupport with malicious intent, many threat actors use them for malicious purposes. These include installing additional malware and extorting information. 

The security firm shared that hackers have consistently used NetSupport RAT. It is distributed via spam emails, phishing pages, and other means. 

The purported Pokémon game would install a NetSupport RAT when users would attempt to play the game. The downloaded file, disguised with a Pokémon card game icon, reportedly duped users into thinking they had downloaded the game. 

Moreover, AhnLab revealed that the Fauxkémon installer would reportedly create hidden NetSupport RAT-related files on users’ computers, allowing the malware to be run even after a reboot. 


Upon examination, the security firm found another phishing page with the same format as the fake Pokémon card game that exploited the same method, installing NetSupport RAT malware on users’ computers. 

At reporting time, the purported websites are redirecting to the official Pokémon website. However, it’s reasonable to infer that the risk of another attack is imminent. 

On the Flipside

  • The Pokémon Company International (TCPI) recently sued Pokémon Pty Ltd, an Australian company claiming to be launching an NFT-based game in collaboration with TCPI. 
  • Pokémon NFT card games tend to lure many enthusiasts into downloading malware. Furthermore, this isn’t the first time users have been tricked into downloading a fake game. 

Why You Should Care

Pokémon is one of the most overall influential franchises of the 21st century. The franchise’s popularity is also a huge factor in luring innocent enthusiasts and collectors into traps. Scams are easier to sell to unaware fans, whether Pokémon card trading, NFTs, or traditional games, because of the platform’s popularity. Hence, the rising number of Pokémon-related scams in Web3 is a daunting issue. But users can protect themselves by performing due diligence and taking the right precautions.


Read about other Pokémon scams:
Pokémon Puts Unlicensed Web3 Replica on Trial; Defendant Fails to Show Up

Read how auditors detect scams:
How Auditors Detect DeFi Rug Pull Scam: Can You Do It Yourself?

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Insha Zia

Insha Zia is a senior journalist at DailyCoin covering crypto developments, especially in the Cardano ecosystem. With a Bachelor of Science in Computer Systems Engineering, he delivers high-quality articles with his technical background and expertise in data analysis and programming languages, aiming to educate and inform readers accurately, transparently, and engagingly. Insha believes education can drive mass adoption of the crypto space, and he is committed to giving DailyCoin readers a better understanding of the technology.