In the first half of 2022, Kaspersky experts detected a increase in activities of cybercriminals preying on gamers. The number of victims attacked by malware that collects sensitive data and spreads camouflaged with some of the most popular game titles increased by 13% this yearcompared to the first half of 2021.
In an attempt to download free games, players end up infected and lose access to accounts (including money) and also often lose cryptocurrency holdings, since many malware also act as wallet destination address exchangers and identifiers of cryptocurrencies. For example, when trying to make a transaction and paste the address of the recipient, the program takes advantage of the user and pastes the address of the attacker, therefore the transaction is made to another destination and the operation cannot be undone.
To assess the current scenario of gaming-related risks, Kaspersky conducted a survey of the most popular gaming threats (desktop and mobile).
In total, from July of last year to the end of June 2022, the company’s security solutions detected over 384,000 people affected by nearly 92,000 malicious or spam files mimicking 28 games. In addition to the large number of malware and adware, the company even detected Trojan Spies; a category of spyware that can track data typed on the keyboard and take screenshots.
The survey also showed an increase in scams that target steal sensitive data of infected devices. These include Trojan-PSW, which collects victims’ credentials, Trojan-Banker, which steals payment details, and Trojan-GameThief, which collects login information game accounts.
In the same period, Kaspersky security solutions detected over 3,700 unique files that distributed malware disguised as popular games or major releases. There was a 13% increase in people attacked in 2022 compared to the same period in 2021. The number of unique files used to infect them also increased by almost a quarter in the first half of 2022, from 1,530 files to 1,868.
RedLine malware gains prominence in the last year
Scammers seek to spread disguised threats in games that have a large captive audience or that have just been released and are constantly on players’ radar, such as Roblox, FIFA, Minecraft, Elden Ring, Halo, and Resident Evil, which have been actively exploited by cybercriminals that spread RedLine malware.
RedLine is a program that extracts sensitive data from the victim’s device, such as passwords, bank card details, cryptocurrency wallets, and VPN credentials. In the period analyzed by the survey, Kaspersky solutions detected more than 2,300 players attacked by RedLine. Generally, this malware is sold at a very low price on various hacking forums and is very popular among cyber criminals.
Phishing is still popular with cybercriminals
In addition to spreading malicious files, scammers continue to actively create and spread new phishing pages in the field of games, that is, fake websites and links created to steal information and money of the victims. For the first time, Kaspersky experts have discovered a new phishing scam targeting gamers: websites that mimic the interface of game stores, such as CS:GO, PUBG, and Warface. In this mode, scammers offer items (such as weapons) to games for free.
To receive the alleged gift, players must enter the login details of their accounts on social networks, such as Facebook or Twitter. After taking over accounts, criminals are likely to search for card details in personal messages or ask for money several friends of the victim, taking advantage of their trust and lack of attention.
“During the pandemic, the gaming industry has seen tremendous growth, with the number of gaming fans increasing. As we can see, cybercriminals are actively exploiting this trend, creating schemes and tools to attack gamers and steal credit card details and even game accounts. We expect to see new types of attacks on gamers next year, with esports, for example, gaining a lot of popularity all over the world. That’s why it is extremely important to continually protect yourself so as not to lose money, credentials and game accounts”, says Anton V. Ivanov, Senior Security Researcher at Kaspersky.
Disclaimer: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information set forth herein should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
It may interest you:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the full amount invested may be lost. The services or products offered are not aimed at or accessible to investors in Spain.