So, a hot new scam is kicking around the internet, and I got to be to the front seat of an attempt. Targeting me. I got lucky – here’s the details, so you don’t have to be lucky too.
This scam has two main components:
- The attacker will add the target on Discord, Facebook, Whatsapp, etc. and say that they made a mistake adding a team mate and added you instead. They will build rapport, and try and engage with the user for 24 hrs.
2. The attacker will then push the user to download and install a cracked version of Infinity Kingdom that gives them access to the phone. They will get the player to “Add them” in the game. This will instead enable a Remote Access tool on the users system that will break out and take over the phone.
They will push and attempt to use social engineering to get you to immediately install, or as soon as possible. They will also try and dodge any personal questions, and try and high pressure you into doing it immediatly.
If you HAVE been attacked, you need to reset your Google Play password, and factory reset your phone as soon as possible. You should be fine to backup any data, as the Remote Access Tool they use is not persistent. Here are some details on how to do that:
Apple: https://support.apple.com/en-ca/108931
Samsung: https://www.samsung.com/us/support/answer/ANS10002030/
Google: https://support.google.com/pixelphone/answer/4596836?hl=en
Nokia: https://www.verizon.com/support/knowledge-base-226489/
Huawei: https://support.bell.ca/mobility/smartphones_and_mobile_internet/huawei-smartphone.how_to_erase_and_reset_to_the_factory_settings
Just remember – no one just adds you by mistake these days and then tries to talk you into playing a game. They are getting something out of it, and if you’re super unlucky, you’ll loose more than just your time.
Reddit Thread following some attempted attacks: https://www.reddit.com/r/InfinityKingdom/comments/1ht4ntx/why_is_infinity_kingdom_using_discord_spammers_to/
Leave a Reply