A
comprehensive investigation by Kaspersky has found that more than four million
infection attempts targeted the global gaming community between July 1, 2022
and July 1, 2023. During the analyzed period, cybercriminals launched a range
of attacks, including Distributed Denial of Service (DDoS) attacks,
cryptocurrency mining, complex Trojan or phishing campaigns and using web
vulnerabilities.
Kaspersky
solutions detected 4,076,530 desktop infection attempts involving 30,684 unique
files masked as popular games, mods, cheats, and other game-related software.
These incidents affected 192,456 users worldwide. These
files - primarily classified as unwanted software and often labeled as
not-a-virus:Downloader (89.7% of detected files) - are not innately dangerous,
but they are capable of downloading various other programs, even malicious
ones, onto the user's device. Adware (5.25%) and Trojans (2.39%) were also
noteworthy threats to desktop gamers.
Minecraft
emerged as the favored target among cybercriminals, responsible for triggering
70.29% of all alerts. The threats that used Minecraft as bait impacted 130,619
players across the globe during the reporting period. Roblox was the second
most-targeted game title, contributing to 20.37% of all alerts, affecting
30,367 users. Counter-Strike: Global Offensive (4.78%), PUBG (2.85%), Hogwarts
Legacy (0.60%), DOTA 2 (0.45%), and League of Legends (0.31%) were also among
the prominent games subjected to cyber threats.
The
mobile gaming community, which, according to the Newzoo 2023 report,
consists of over three billion gamers, or nearly 40% of the world's population, is characterized by its significant
growth and accessibility, and has become an
enticing target for cybercriminals. Between July 1, 2022, and July 1, 2023,
Kaspersky documented 436,786 attempts to infect mobile devices, impacting
84,539 users.
Various
game titles were employed as bait to target mobile gamers. Minecraft
enthusiasts once again were the primary targets, as 90.37% of attacks focused
on them. Indonesian users in particular faced exploitation through Minecraft,
resulting in a Trojan.AndroidOS.Pootel.a attack, discreetly registering mobile
subscriptions. The Islamic Republic of Iran witnessed the highest prevalence of
these attacks, with 140,482 alerts impacting 54,467 Minecraft players.
PUBG:
Battlegrounds Battle Royale was the second most exploited mobile game among
cybercriminals, accounting for 5.09% of all alerts, with the majority of
incidents occurring in the Russian Federation. Roblox (3.33%) ranked third in
terms of detections but second in the number of affected users.
A
noteworthy discovery involved the emergence of SpyNote, a spy Trojan
distributed among Roblox users on the Android mobile platform under the guise
of a mod. This Trojan exhibits various spying capabilities, including
keylogging, screen recording, video streaming from phone cameras, and the
ability to impersonate Google and Facebook applications to deceive users into
divulging their passwords.
Phishing
and counterfeit distribution pages continue to pose a significant threat to
gamers. Malicious and undesired software often masquerades as popular games,
disseminated through third-party websites offering pirated versions. These
deceptive pages typically display inflated download counts, potentially
misleading users into a false sense of security. Nonetheless, clicking the
download button typically results in an archive that may contain harmful or
unrelated elements, diverging from the promised content.
"In
the dynamic gaming industry, which hosts a wealth of personal and financial
data, cybercriminals are seizing enticing opportunities," said Vasily
Kolesnikov, cybersecurity expert at Kaspersky. "They exploit gaming
accounts by pilfering in-game assets, virtual currency, and selling compromised
gaming accounts, often with real-world value. The
relentless pursuit of personal data has led to a surge in ransomware attacks,
even affecting professional gamers who depend on uninterrupted play. This
underscores the critical need for enhanced cybersecurity awareness within the
gaming community."
The full
report is available on Securelist.