Millions of Android owners are at risk of a malware attack that silently raids their bank accounts and prevents other apps from alerting them. The cyberattack tricks Android users into installing malware that secretly subscribes them to premium paid services, according to researchers.
Various Hamster-branded channels have emerged, distributing Android malware to those searching for the official channel. Fake websites that claim to offer the game, but instead redirect visitors to ads to watch so hackers can generate even more money, have also been discovered.
Hamster Kombat: A New Target for Cybercriminals
It can also block roughly 200 apps from sending notifications to your phone. Researchers at ESET, a cybersecurity company, said the hackers are taking advantage of the sudden popularity of a new game called Hamster Kombat. Hamster Kombat is an Android mobile app where players earn in-game currency by completing simple tasks, primarily by tapping the screen.
Players of the game, which launched in March 2024, have been targeted with fake Android software that actually installs spyware and information-stealing malware on devices. The app is not available in the Google Play Store, where it would be subject to security checks. Instead, it’s downloadable through the official Hamster Kombat Telegram channel. Players are required to join the Hamster Kombat channel on Telegram, scan a QR code provided by a bot, and then launch a web app on their Android devices to play it. However, this makes the game and its players easy targets for cybercriminals and scammers.
How to Spot a Dodgy App
Detecting a malicious app before you hit the ‘Download’ button is easy when you know the signs. Follow this eight-point checklist when you’re downloading an app you’re unsure about:
- Check the reviews: Be wary of both complaints and uniformly positive reviews by fake accounts.
- Look out for grammar mistakes: Legitimate app developers won’t have typos or errors in their app descriptions.
- Check the number of downloads: Avoid apps with only several thousand downloads, as it could be fake.
- Research the developer: Do they have a good reputation? Or, are they totally fake?
- Check the release date: A recent release date paired with a high number of downloads is usually bad news.
- Review the permission agreement: This agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
- Check the update frequency: An app that is updated too frequently is usually indicative of security vulnerabilities.
- Check the icon: Look closely, and don’t be deceived by distorted, lower-quality versions of icons from legitimate apps.
All of this information will be available in both Apple’s App Store and the Google Play Store. Stay vigilant and protect your device from potential threats.