Virtualization Technology News and Information
Article
RSS
Kaspersky: More than 4 million cyberattacks targeted gamers in 2023

A comprehensive investigation by Kaspersky has found that more than four million infection attempts targeted the global gaming community between July 1, 2022 and July 1, 2023. During the analyzed period, cybercriminals launched a range of attacks, including Distributed Denial of Service (DDoS) attacks, cryptocurrency mining, complex Trojan or phishing campaigns and using web vulnerabilities.

Kaspersky solutions detected 4,076,530 desktop infection attempts involving 30,684 unique files masked as popular games, mods, cheats, and other game-related software. These incidents affected 192,456 users worldwide. These files - primarily classified as unwanted software and often labeled as not-a-virus:Downloader (89.7% of detected files) - are not innately dangerous, but they are capable of downloading various other programs, even malicious ones, onto the user's device. Adware (5.25%) and Trojans (2.39%) were also noteworthy threats to desktop gamers.

Minecraft emerged as the favored target among cybercriminals, responsible for triggering 70.29% of all alerts. The threats that used Minecraft as bait impacted 130,619 players across the globe during the reporting period. Roblox was the second most-targeted game title, contributing to 20.37% of all alerts, affecting 30,367 users. Counter-Strike: Global Offensive (4.78%), PUBG (2.85%), Hogwarts Legacy (0.60%), DOTA 2 (0.45%), and League of Legends (0.31%) were also among the prominent games subjected to cyber threats.

The mobile gaming community, which, according to the Newzoo 2023 report, consists of over three billion gamers, or nearly 40% of the world's population, is characterized by its significant growth and accessibility, and has become an enticing target for cybercriminals. Between July 1, 2022, and July 1, 2023, Kaspersky documented 436,786 attempts to infect mobile devices, impacting 84,539 users.

Various game titles were employed as bait to target mobile gamers. Minecraft enthusiasts once again were the primary targets, as 90.37% of attacks focused on them. Indonesian users in particular faced exploitation through Minecraft, resulting in a Trojan.AndroidOS.Pootel.a attack, discreetly registering mobile subscriptions. The Islamic Republic of Iran witnessed the highest prevalence of these attacks, with 140,482 alerts impacting 54,467 Minecraft players.

PUBG: Battlegrounds Battle Royale was the second most exploited mobile game among cybercriminals, accounting for 5.09% of all alerts, with the majority of incidents occurring in the Russian Federation. Roblox (3.33%) ranked third in terms of detections but second in the number of affected users.

A noteworthy discovery involved the emergence of SpyNote, a spy Trojan distributed among Roblox users on the Android mobile platform under the guise of a mod. This Trojan exhibits various spying capabilities, including keylogging, screen recording, video streaming from phone cameras, and the ability to impersonate Google and Facebook applications to deceive users into divulging their passwords.

Phishing and counterfeit distribution pages continue to pose a significant threat to gamers. Malicious and undesired software often masquerades as popular games, disseminated through third-party websites offering pirated versions. These deceptive pages typically display inflated download counts, potentially misleading users into a false sense of security. Nonetheless, clicking the download button typically results in an archive that may contain harmful or unrelated elements, diverging from the promised content.

"In the dynamic gaming industry, which hosts a wealth of personal and financial data, cybercriminals are seizing enticing opportunities," said Vasily Kolesnikov, cybersecurity expert at Kaspersky. "They exploit gaming accounts by pilfering in-game assets, virtual currency, and selling compromised gaming accounts, often with real-world value. The relentless pursuit of personal data has led to a surge in ransomware attacks, even affecting professional gamers who depend on uninterrupted play. This underscores the critical need for enhanced cybersecurity awareness within the gaming community."

The full report is available on Securelist.

Published Tuesday, November 07, 2023 9:37 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2023>
SuMoTuWeThFrSa
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789