If you are gaming pro, you should be a bit more careful while downloading free games from untrustworthy sources. Hackers have upped the ante and increased their attacks on gamers, injecting malware and stealing credentials.

The risk of attracting intrusions shoots up significantly if a new game is quite expensive and the gaming addicts want to play but not willing to pay for it, finding a copy for free on untrustworthy sites.

After gaining access to the device, hackers inject malicious files and steal login information, banking details and even crypto wallet data.

The number of users attacked by malicious software, which gathers sensitive data and spreads under the guise of some of the most popular gaming titles, has increased by 13 per cent in the first half of 2022 when compared to the attacks in the same period last year.

The number of such unique files used to infect users also increased in the first half of 2022 by nearly a quarter to 1,868 as against 1,530 files reported in the same period last year.

“In attempts to download new games from untrustworthy resources for free, players actually received malicious software, losing their gaming accounts and even money,” cybersecurity solutions company Kaspersky said.

Malicious files

In an exclusive study on the landscape of risks in the gaming space, Kaspersky found that more than 3.84 lakh users were affected by about 92,000 malicious or unwanted unique files that mimicked 28 games or series of games.

The Moscow-based firm collected data from July 1, 2021, and June 30, 2022.

In addition to the large number of downloaders that are able to install other unwanted programmes, and adware, it found Trojan-Spies – a category of spyware that is capable of tracking any data entered on the keyboard and taking screenshots.

“There is also a growth in attacks made with malicious software that steals sensitive data from infected devices. It included Trojan-PSW, which gathers victims’ credentials and Trojan-Banker, which steals payment data,” the report said.

During the period of research, they detected 3,705 unique files that distributed malicious software under the guise of popular games or series of games.

Fake arsenal

Some of the hackers go deeper, create and spread phishing pages. Mimicking the interface of in-game stores, they create fraudulent pages, offering gullible players fake arsenal for free.

“To receive the gift, players need to enter login data for their social network accounts, such as Facebook or Twitter,” the research report said.

“After taking over accounts, attackers are likely to search through personal messages for card details, or ask various friends of the victim for money, preying on their trust and carelessness,” it said.

“We expect to see new types of attacks on gamers in the next year. For example, strikes on e-sports, which are now gaining huge popularity around the world,” Anton V. Ivanov, senior security researcher at Kaspersky, said.

How to stay safe

In order to be safe, cybersecurity experts ask the game lovers to download the games only from official stores. Games from these markets may not be completely secure but they are at least vetted by the app stores for vulnerabilities.

“If you wish to buy a game that is not available through major stores, purchase them from the official website only. Double-check the URL of the website and make sure it is authentic,” they said.

The users should also be careful about phishing campaigns. They should not open links that they get in emails from unfamiliar accounts.


social-fb COMMENT NOW