New research from Kaspersky found
that cybercriminals have been exploiting the increased popularity of
video games during lockdown to launch attacks. In April, the daily
number of blocked attempts to direct users to malicious gaming-themed
sites increased by 54%, compared to January, 2020. Also in April, the
number of blocked attempts to direct users to phishing pages for one of
the most popular gaming platforms increased by 40%, compared to February
2020.
This
spring, lockdown measures sent people around the world indoors, and
millions turned to online entertainment, including video games.
Beginning in March, Steam, the most popular online gaming platform,
community, and store, reached an all-time record for both active users and concurrent users actively playing games.
In
response to this trend, Kaspersky researchers decided to look deeper
into the threat landscape of video games during the lockdown period.
What they found, not surprisingly, was that cybercriminals have been
exploiting the increased interest in video games to launch various
attacks.
According
to data from Kaspersky Security Network, there was a 54% increase in
the daily number of attempts to direct users to malicious gaming-themed
sites from January to April.
Users
are often lured by promises of free versions of popular games, updates
and extensions, or cheats. However, if users click on these links, a
wide variety of malicious programs can be downloaded, from
password-stealing malware to ransomware and miners, software that
secretly mines cryptocurrency from the victim's computer.
Daily numbers of web attacks using the theme of online games as a lure, January-May 2020
The
game most often used by criminals was Minecraft, one of the most
popular games ever made. Its name was used in more than 130,000 web
attacks. The other most popular games used in attacks were
Counter-Strike: Global Offensive and The Witcher 3.
What's
more, according to statistics from Kaspersky's Anti-Phishing System,
compared with February, the number of blocked redirects to phishing
pages that contained the word "Steam" increased by 40% in April.
"Many
of these video game-related attacks are not particularly sophisticated;
there is a large user component to their success," said Maria
Namestnikova, security expert at Kaspersky. "The past few months have
shown that users are highly susceptible to falling for phishing attacks
or clicking on malicious links when it comes to games-whether they're
looking to find pirated versions or eager for a cheat that will help
them win."
"Now
that many players started using the same machines that they use to
enter corporate networks for games, their cautiousness should be
doubled: risky actions make not only personal data or money vulnerable
but also corporate resources," said Yury Namestnikov, security expert at
Kaspersky. "When working from home, if possible, try to avoid mixing
your personal computer with the one you use for accessing a corporate
network."
Read more about video game-related cybercrime on Securelist.
To stay safe from attacks while playing video games, Kaspersky experts recommend:
- Use strong passwords and two-factor authentication (2FA) where possible to protect your video gaming accounts
- Be wary of any cheats and pirated copies of video games, since it's one of the favorite lures used by cybercriminals
- Use a reliable security solution like Kaspersky Security Cloud that identifies malicious downloads, blocks phishing sites, and prevents redirects to malicious pages
- During the game, don't switch off your security solution, but turn on gaming mode, which consumes fewer resources.