Malware abuses the biggest new games by stealing credentials and credit card details

Malware abuses the biggest new games by stealing credentials and credit card details


13 September 2022

Researchers from Kaspersky discovered a rise in the number of hackers abusing gamers in the first half of 2022. When compared to the first half of 2021, the number of users who have been infected by malicious software—which collects personal information and spreads under the pretense of some of the most well-known video games—has climbed by 13%. Players who attempted to download new games for free from unreliable sources actually ended up with malicious software, losing their gaming accounts and even money. The Kaspersky report on gaming-related dangers includes these and other findings.

The most common hazards related to PC and mobile games were observed by Kaspersky researchers to evaluate the current state of gaming risks. Between 1 July 2021 and 30 June 2022, Kaspersky security solutions identified about 92,000 harmful or unwanted unique files that imitated 28 games or game series, affecting over 384,000 people overall. Kaspersky researchers found Trojan-Spies, a type of malware that can follow any data written on the keyboard and take screenshots, in addition to the enormous number of downloaders that can install other unwanted programs and adware.

The study also found an increase in attacks using malicious software to collect private information from compromised devices. It contained the Trojan-PSW, which collects user credentials from victims, the Trojan-Banker, which steals payment information, and the Trojan-GameThief, which gathers login credentials for gaming accounts. Between July 1st, 2021 and June 30th, 2022, Kaspersky antivirus products identified a total of 3,705 distinct files disseminating this harmful malware as well-known games or game series. According to Kaspersky researchers, the number of people who were attacked with it rose by 13% in the first half of 2022 compared to the same period in 2021. When compared to the same period in 2021, the number of such distinctive files used to infect users grew in the first half of 2022 by almost a quarter: 1,868 and 1,530 files, respectively.

When people attempt to download games from websites that are not official, but rather third parties, they frequently end up with harmful downloads. This is particularly true if a player attempts to save money by obtaining a copy of a new game that is relatively expensive for free via shady websites. However, they will suffer far greater losses than if they had purchased the genuine article. For instance, numerous malicious downloads infect devices to steal data from crypto wallets, financial information, and login information for gaming accounts.

Attackers deliberately try to disseminate threats through games that either have a sizable captive audience or have just recently been released and are frequently seen by gamers. Popular games like Roblox, FIFA, or Minecraft, as well as the new installments of popular game franchises like Elden Ring, Halo, and Resident Evil, published in the past year, were actively exploited by attackers disseminating RedLine malware under their guise.

RedLine is password-stealing malware that steals sensitive information from the victim's device, including passwords, bank card information that has been saved, cryptocurrency wallets, and VPN login information. RedLine, a threat propagated by popular games, infected 2,362 different people between July 1, 2021, and June 30, 2022, making it the most active threat family during that time. Redline enjoys enormous popularity among hackers because it is frequently offered for a very low price on numerous hacker sites.

Attackers continue to actively construct and promote new phishing pages in the gaming industry in addition to disseminating harmful files. Experts from Kaspersky for the first time uncovered a fresh method of phishers targeting gamers. Scammers build fake pages that mimic the look and feel of in-game stores for CS:GO, PUBG, and Warface while offering potential victims a substantial collection of free weapons and artifacts. Players must submit login information for their Facebook or Twitter accounts in order to receive the prize. Following account takeover, attackers may look through personal communications for card information or approach different acquaintances of the victim for financial assistance, taking advantage of their trust and carelessness.

Anton V. Ivanov, senior security researcher at Kaspersky, comments,

During the pandemic the gaming industry was greatly boosted, increasing the number of gaming fans several times over. As we can see, cybercriminals are actively abusing this trend, creating more and more new schemes and tools to attack players and steal their credit card data and even game accounts, which can contain expensive skins that can later be sold. We expect to see new types of attacks on gamers in the next year. For example, strikes on e-sports, which are now gaining huge popularity around the world. That's why it's so important to always be protected, so you don't lose your money, credentials, and gaming account.

To stay safe while gaming, Kaspersky recommends:

  • It is safer to download your games from official stores like Steam, Apple App Store, Google Play or Amazon Appstore only. Games from these markets are not 100 % secure, but they at least are checked by store representatives and there is some kind of screening system: not every app can get into these stores.

  • If you wish to buy a game that is not available through major stores, purchase them from the official website only. Double-check the URL of the website and make sure it is authentic.

  • Beware of phishing campaigns and unfamiliar gamers. Do not open links received by email or in a game chat unless you trust the sender. Do not open files you get from strangers.

  • Do not download pirated software or any other illegal content, even if you are redirected to it from a legitimate website.

  • A strong, reliable security solution will be a great help to you, especially if it will not slow down your computer while you are playing, but at the same time, it will protect you from all possible cyberthreats. For example, Kaspersky Total Security works smoothly with Steam and other gaming services.

  • Use a robust security solution to protect yourself from malicious software and its activity on mobile devices, such as Kaspersky Internet Security for Android.
View them all