In the first half of 2022, Kaspersky researchers detected increased activity of cybercriminals abusing gamers.
Globally, the number of users attacked by malicious software, which gathers sensitive data and spreads under the guise of some of the most popular gaming titles, has increased by 13% compared to the first half of 2021.
In attempts to download new games from untrustworthy resources for free, players got malicious software instead, losing their gaming accounts and even funds. These and other findings are part of the report on the gaming-related threat issued by Kaspersky.
To assess the current landscape in gaming risks, Kaspersky experts observed the most popular PC and mobile games-related threats.
Globally over the year (from 1 July 2021 to 30 June 2022), Kaspersky security solutions detected more than 384,000 users affected by almost 92,000 malicious or unwanted unique files that mimicked 28 games or series of games.
Over the same period, in South Africa, 1,561 unique users were affected by 1,268 malicious and unwanted files. And in Kenya, 1,159 unique users were affected by 968 malicious and unwanted files.
In addition to the large number of downloaders that are able to install other unwanted programs and adware, Kaspersky researchers even detected Trojan-Spies – a category of spyware capable of tracking any data entered on the keyboard and taking screenshots.
Most often users receive malicious files when they try to download games not from official sites, but from third-party webpages.
This is especially true if a new game is quite expensive and the player wants to save money by finding a copy for free on untrustworthy sites. However, they will lose much more than if they bought a legitimate version. For example, many malicious files steal login information for gaming accounts, banking details, and even crypto wallet data by infecting devices.
Attackers purposely seek to spread threats under the guise of games that either has a huge captive audience or that have only recently been released and are constantly on gamers’ radars.
Well-known games such as Roblox, FIFA, or Minecraft, for example, as well as the new parts of big series of games, released during the last year – Elden Ring, Halo, and Resident Evil – were actively abused by attackers who spread RedLine malware under their guise.
RedLine is password-stealing software, which extracts sensitive data from the victim’s device such as passwords, saved bank card details, cryptocurrency wallets, and credentials for VPN services.
Globally over the year (from July 1, 2021, to June 30, 2022) Kaspersky solutions detected 2,362 unique users attacked with RedLine, spread under the guise of popular games, which makes it the most active threat family for the period given. Redline is usually sold for a very low price on various hacker forums, therefore, it has huge popularity among cybercriminals.
In addition to spreading malicious files, attackers continue to actively create and spread new phishing pages in the gaming sphere. For the first time, Kaspersky experts discovered a new scheme of phishers attacking gamers.
Mimicking the whole interface of in-game stores for CS: GO, PUBG, and Warface, scammers create fraudulent pages, offering potential victims a decent arsenal of various weapons and artifacts for free. To receive the gift, players need to enter login data for their social network accounts, such as Facebook or Twitter.
After taking over accounts, attackers are likely to search through personal messages for card details, or ask various friends of the victim for money, preying on their trust and carelessness.
Scammers create fake in-game stores mimicking the PUBG mobile interface. The scheme encourages users to log in using their social media credentials
Read about other gaming-related threats in 2022 in the full report on Securelist