As the gaming industry witnessed an unprecedented growth over the past 18 months, game-related cybersecurity threats have increased significantly, as per a report by cybersecurity firm Kaspersky.

Over 5.8 million attacks by malware and unwanted software disguised as popular PC games were detected and prevented by Kaspersky solutions from Q3 2020 to Q2 2021.

"This increased volume may be connected to the rapid growth of gaming activities during the pandemic," the report said.

Kaspersky researchers carried out a review of various issues its users faced throughout the pandemic – from potential attacks on PC and mobile to phishing schemes. Researchers analysed attacks with malware and unwanted software disguised as the 24 most popular PC games and the top 10 mobile titles of 2021.

As per the results, PC game-related cyberthreats surged with the introduction of lockdowns in Q2 2020, hitting 2.48 million detections worldwide – a 66 per cent increase compared to Q1 2020 when 1.48 million attacks were detected. However, the number of attacks and affected users declined sharply in Q2 2021 to 636,904 attacks.

The trend was slightly different for mobile games as the number of users affected increased by 185 per cent at the beginning of the pandemic, from 1,138 users in February 2020 to 3,253 users in March 2020. There was a mere 10 per cent drop in users attacked per month in Q2 2020 versus Q2 2021.

"This showed that mobile threats remained attractive to cybercriminals even as lockdowns were being lifted across the world," the report said.

Disguised top five games

Among the top five game titles most often used as a disguise for the distribution of malware and unwanted software globally between Q3 2020 to Q2 2021, Minecraft topped the charts for both PC and mobile categories as the game most often used to disguise the distribution of unwanted software and malware.

As per the report, "the overwhelming popularity of Minecraft may be explained by the fact that there are multiple versions and a myriad of mods – additional modifications that can be installed on top of the game to diversify it and the gaming experience."

"Usually, the mods are created by users and are unofficial, providing a convenient disguise for malicious payloads or unwanted software," it added.

Throughout July 2020 to June 2021, 36,336 files disguised as Minecraft were distributed. They affected 184,887 PC users and resulted in 3,010,891 attempted infections, which is nearly half of the detected files and attacks during this period.

The Sims 4 came in second where 5,844 files were distributed, while 12,66,804 attempted infections were detected affecting 43,252 users. It was followed by PUBG where 26,724 users were affected with 4,84,528 attempted infections detected as 10,360 filed were distributed. Fortnite stood fourth with 6,109 files disguised as the game being distributed, with 2,67,598 attempted infections being detected, affecting 14,702 users. It was followed by Grand Theft Auto V. 4,953 files disguised as the game were distributed. They affected 14,261 users and resulted in 1,87,114 attempted infections.

While the majority of files distributed under the guise of gaming titles were downloaders i.e. programs capable of downloading other software to infected devices and adware, occasionally, both PC and mobile users faced much more serious threats, including Trojan-Stealers designed to steal data about cryptocurrency and other valuable data, Trojan bankers and even backdoors.

“We have witnessed a clear effect of the pandemic on the number of gaming-related threats. As more people switched to gaming, more users faced threats that were disguised as games. Two popular ways of threat distribution are phishing pages – there have been a myriad of them targeting users of different gaming platforms, many of which are very hard to tell apart from real sites for regular users. Another attack vector is warez sites – in particular, we have traced a well-coordinated campaign that distributed a dangerous dropper via such sites, affecting users in 45 countries,” said Anton V. Ivanov, security researcher at Kaspersky.

“With the development of in-game goodies and currencies, the gaming industry is becoming even more lucrative and appealing to cybercriminals. Perhaps the worst risks associated with game-related threats is the loss of account credentials – be it login details to a gaming account or, even worse, banking or cryptocurrency applications. All in all, sticking to official stores and staying vigilant when looking at game-related content is crucial for a safe experience”, added Ivanov.

Related Topics
comment COMMENT NOW