SEARCH
SHARE IT
Ahead of International Children's Day (June 1), Kaspersky experts have examined recent threats that use as bait the reference to game and gaming brands popular among children such as Minecraft, Roblox, LEGO, Disney and others. As a result of the research based on selected keywords, it was found that the number of attack attempts increased by 35% in Q1 2024, compared to the same period last year. Specifically, nearly 1.3 million attack attempts were identified between January and March 2024.
In total, 1,264,866 attack attempts on mobile devices and computers disguised as popular topics among children were detected in Q1 2024. This is an increase of more than 30% compared to Q1 2023, when 936,840 attack attempts were recorded. According to Kaspersky's data, computer threats significantly dominated the number of attacks detected during the reporting period - 98.7% compared to 1.3% of mobile threats.
Based on research by Kaspersky experts, the top brands exploited by digital criminals included the most popular children's games - Minecraft, Roblox and Brawl Stars. Besides, the attackers also tried to exploit product names such as LEGO, popular children's cartoons such as Paw Patrol, Bluey and entertainment giant Disney, whose name could be used to search for cartoons, movies and popular TV series and related games or commercial products. More than 1.2 million device infections came from downloads distributed in Q1 2024. Although this type of software is not malicious, downloaders are often used to load other potentially unwanted applications onto devices.
Trojans, malicious programs that can allow cybercriminals to harvest credit card information, login credentials, modify data or disrupt computer performance, ranked second among the most prevalent threats masquerading as children's favorite brands. In Q1 2024, there were 27,576 attempts to present Trojans on users' devices, while adware - a type of software that displays unwanted annoying pop-up ads on the screen - resulted in 27,570 attempts.
The number of increased attacks detected was also accompanied by a decrease in the number of unique targeted users. Specifically, in Q1 2024, 49,630 unique users were attacked as opposed to 57,873 during the same period in 2023, a 14% decrease. This may mean that children may have continued to face new threats as a result of repeatedly downloading malicious files from the Internet.
Analysing individual cases of user attacks, Kaspersky researchers found that digital criminals are spreading malicious Trojan-SMS to mobile devices under the guise of the popular Brawl Stars game. Specifically, the SMS contains cheats to give players an unfair advantage over other players. Once installed and launched, the app first asks for permission for many functions (many of which are unnecessary or even dangerous) and then only displays pop-ups to unlock access to the content - without giving away the content itself.
To make it difficult for users to delete the app, cybercriminals made it a transparent icon and a blank name so that it could not be viewed on the home screen. From that moment, the app itself, once launched and granted permissions, performs a malicious function, sending SMS messages from the affected mobile device as a spam tool, thus emptying the victim's phone wallet.
Kaspersky researchers also found malicious websites with toys, dolls and other children's products. These sites were originally legitimate resources, which were later hacked by cybercriminals to spread malware. In this case, not only children who want to choose a new toy, but also parents looking for children's products can also become victims.
To keep children safe online, Kaspersky recommends:
MORE NEWS FOR YOU