Kaspersky researchers found that the activity of cybercriminals trying to exploit players increased in the first half of 2022.
Globally, the number of users attacked by malware that collects sensitive data and spreads by emulating some of the most popular games increased by 13 percent in the first half of the year compared to the first half of 2021, according to Kaspersky.
Gamers trying to download new games for free from untrusted sources; while encountering malware, the game lost their account and money.
Kaspersky experts analyzed the most popular threats related to PC and mobile games to assess the current risk situation for games. In the period from July 1, 2021 to June 30, 2022, Kaspersky security solutions identified more than 384,000 users affected by approximately 92,000 malicious or unwanted unique files that emulated 28 games or game series. In the same period, 7 thousand 906 unique users in Turkey were affected by 5 thousand 492 malicious and unwanted files.
In addition to the large number of downloaders that can install other unwanted programs and adware, Kaspersky researchers have also detected Trojan Spy, a category of spyware that can track and take screenshots of any data entered on the keyboard.
Often times, users encounter malicious files when they try to download games from third-party web pages rather than official sites. This is especially true in cases where the game is quite expensive and the player wants to save money by finding a free copy of the game on unreliable sites. However, players lose much more in this case compared to paying for the legitimate version. For example, many malicious files infect devices, stealing login information from game accounts, banking information and even crypto wallet data.
2 thousand 362 users attacked with RedLine detected
Attackers try to spread threats by imitating games that have a large audience, newly released and constantly on players' radars. For example, well-known games such as Roblox, FIFA or Minecraft, as well as new episodes of major game series released last year, Elden Ring, Halo and Resident Evil were exploited by attackers who spread the RedLine malware.
RedLine is known to be password stealing software that steals sensitive data from the victim's device such as passwords, saved bank card details, credentials for cryptocurrency wallets and VPN services.
Between July 1, 2021 and June 30, 2022, Kaspersky solutions detected 2,362 unique users attacked with RedLine under the guise of popular games, making it the most active threat family for the period in question.
In addition to spreading malicious files, attackers continue to create and spread new phishing pages using games. Kaspersky experts have discovered for the first time a new phishing scheme that attacks players. Emulating the interface of in-game stores for CS:GO, PUBG, and Warface, scammers create fake pages, promising to offer potential victims a decent arsenal of various weapons and artifacts for free.
To receive the gift, players need to enter the login information for their social network accounts such as Facebook or Twitter. After hijacking accounts, it is very likely that attackers will search personal messages for card details or ask various friends of the victim for money, abusing their trust and carelessness.