Cybercriminals are increasingly targeting the global gaming community, with Minecraft being the primary focus for malicious attacks, according to Kaspersky’s year-long investigation. The mobile gaming sector, comprising nearly 40% of the world’s population, is also at risk, with SpyNote Trojans posing a significant threat, emphasizing the need for enhanced cybersecurity awareness within the gaming community.
7 November 2023 – The worldwide gaming community, which accounts for nearly half of the global population, is facing an increasing threat from cybercriminals, according to a comprehensive investigation conducted by cybersecurity firm Kaspersky. In the period spanning from July 2022 to July 2023, Kaspersky uncovered the growing vulnerability of gamers to a range of malicious attacks, including web vulnerabilities, Distributed Denial of Service (DDoS) attacks, cryptocurrency mining, and complex Trojan or phishing campaigns.
Over the course of one year, from July 1, 2022, to July 1, 2023, Kaspersky’s security solutions detected a significant 4,076,530 attempts to download 30,684 unique files masquerading as popular games, mods, cheats, and other game-related software. These incidents affected 192,456 users worldwide. While these files are primarily classified as unwanted software, often labeled as not-a-virus:Downloader (89.70%), they have the potential to download various other programs, including malicious ones, onto users’ devices. Adware (5.25%) and Trojans (2.39%) also posed notable threats to desktop gamers.
Minecraft emerged as the prime target for cybercriminals, being responsible for 70.29% of all alerts. The threats using Minecraft as bait impacted 130,619 players across the globe during the reporting period. Roblox was the second most targeted game title, contributing to 20.37% of all alerts affecting 30,367 users. Counter-Strike: Global Offensive (4.78%), PUBG (2.85%), Hogwarts Legacy (0.60%), DOTA 2 (0.45%), and League of Legends (0.31%) were also among the prominent games subjected to cyber threats.
The mobile gaming community, comprising over three billion gamers, or nearly 40% of the world’s population, has become an enticing target for cybercriminals. Between July 1, 2022, and July 1, 2023, Kaspersky documented 436,786 attempts to infect mobile devices, impacting 84,539 users. Various game titles were used as bait to target mobile gamers, with Minecraft enthusiasts being the primary targets, accounting for 90.37% of attacks.
PUBG: Battlegrounds Battle Royale was the second most exploited mobile game among cybercriminals, responsible for 5.09% of all alerts. Roblox (3.33%) ranked third in terms of detections but second in the number of affected users. Notably, a spy Trojan known as SpyNote emerged, posing as a mod for Roblox on the Android mobile platform. This Trojan exhibited spying capabilities, including keylogging, screen recording, video streaming, and the ability to impersonate popular apps to deceive users into revealing their passwords.
Phishing and counterfeit distribution pages continue to pose a significant threat to gamers, with malicious and undesired software masquerading as popular games. These deceptive pages often lure users with inflated download counts, leading to the unwitting downloading of harmful or unrelated content.
Vasily Kolesnikov, a cybersecurity expert at Kaspersky, emphasized the need for enhanced cybersecurity awareness within the gaming community, given the surge in ransomware attacks and the impact on professional gamers who rely on uninterrupted play.
Kaspersky recommends several safety measures for gamers, including downloading games only from official stores, avoiding suspicious links and downloads, and using a robust security solution to protect against cyber threats.
