Do you play Minecraft, Roblox or FIFA? Popular games are used as a hook by malware that steals credentials and credit cards

In the first half of 2022, Kaspersky experts detected an increase in the activity of cybercriminals taking advantage of gamers’ data.

The number of users attacked by malware that collects sensitive data and spreads under the guise of some of the most popular games increased by 13% compared to the first half of 2021. Trying to download new games for free from untrustworthy sources, players instead received malicious software and lost their gaming accounts and even their money. These and other conclusions are part of the report on gaming-related threats published by Kaspersky.

To assess the current gaming risk landscape, experts analyzed the most popular threats related to PC and mobile gaming. In total, between July 1, 2021 and June 30, 2022, the company’s security solutions detected more than 384,000 users affected by nearly 92,000 unique malicious or unwanted files mimicking 28 games or game series. In addition to the large number of downloaders capable of installing other unwanted programs and adware, analysts even detected Trojan-spies, a category of spyware capable of tracking any data entered on the keyboard and taking screenshots.

The research also revealed a growth in attacks using malware that steals sensitive data from infected devices. These include Trojan-PSW, which collects victims’ credentials, Trojan-Banker, which steals payment data, and Trojan-GameThief, which collects game account login information. From July 1, 2021 to June 30, 2022, a total of 3,705 unique files were detected distributing this malware under the guise of popular games or game series. In the first half of 2022, the researchers observed a 13% increase in the number of users attacked with it compared to the first half of 2021. The number of unique files used to infect users also increased by almost a quarter in the first half of 2022 compared to the same period in 2021: 1,868 and 1,530 files, respectively.

Most of the time, users receive malicious files when trying to download games from third-party websites. This usually happens when a new game is quite expensive and the player wants to save money by finding a free copy on dodgy sites. However, they will lose much more than if they had bought a legitimate version. For example, many malicious files infect the device and steal gaming account login information, bank details, and even crypto wallet data.

Attackers try to spread threats under the guise of games that have a large audience or have been recently released and are constantly on gamers’ radars.

Well-known games like Roblox, FIFA or Minecraft, for example, as well as new installments of major game series released during the last year (Elden Ring, Halo and Resident Evil), were actively abused by attackers who spread RedLine malware under their guise.

RedLine is password-stealing software that extracts sensitive data from a victim’s device, such as passwords, saved bank card data, cryptocurrency wallets, and VPN service credentials. From July 1, 2021 to June 30, 2022, Kaspersky solutions detected 2,362 unique users attacked with RedLine spread under the guise of popular games, making it the most active threat family during the period indicated. RedLine is often sold very cheaply on various hacker forums, which is why it is extremely popular among cybercriminals.

To ensure protection while gaming, Kaspersky recommends:

— It is safer to download the games only from official stores like Steam, Apple App Store, Google Play or Amazon Appstore. The games in these markets are not 100% safe, but at least they are reviewed by store representatives and there is some kind of control system: not all applications can enter these stores.

— If you want to buy a game that is not available in major stores, you should purchase it only from the official website. Double check the website URL and make sure it is authentic.

— Beware of phishing campaigns and unknown players. Do not open links received by email or in game chat unless you trust the sender. Do not open files you receive from strangers.

— Do not download pirated software or any other illegal content, even if you are redirected to it from a legitimate website.