The global gaming community – which currently accounts for nearly half the world’s population – has found itself increasingly under fire by cybercriminals, according to a comprehensive investigation by Kaspersky.

In the period spanning July 2022 to July 2023, the cybersecurity company discovered the growing vulnerability of the gaming user base. Cybercriminals exploited this vast community to access personal data, launching a range of attacks, including Web vulnerabilities, Distributed Denial of Service (DDoS) attacks, cryptocurrency mining, and complex Trojan or phishing campaigns.

During the period, Kaspersky’s solutions detected a substantial 4 076 530 attempts to download 30 684 unique files masked as popular games, mods, cheats, and other game-related software. These incidents affected 192 456 users worldwide. These files – primarily classified as unwanted software and often labeled as not-a-virus:Downloader (89,7%), – are not innately perilous, but they are capable of downloading various other programs, even malicious ones, on to the user’s device. Adware (5,3%) and Trojans (2,4%) were also noteworthy threats to desktop gamers.

Minecraft emerged as the favoured target among cybercriminals, responsible for triggering 70,3% of all alerts. The threats using Minecraft as bait impacted 130 619 players across the globe during the reporting period. Roblox was the second most targeted game title, contributing to 20,4% of all alerts affecting 30 367 users. Counter-Strike: Global Offensive (4,8%), PUBG (2,9%), Hogwarts Legacy (0,6%), DOTA 2 (0.,5%), and League of Legends (0,3%) were also among the prominent games subjected to cyberthreats.

Various game titles were employed as bait to target mobile gamers. Minecraft enthusiasts once again were the primary targets, as 90,4% of attacks focused on the 80 128 gamers who fell victim. Indonesian users in particular faced exploitation through Minecraft resulting in a Trojan.AndroidOS.Pootel.a attack, discreetly registering mobile subscriptions. Iran witnessed the highest prevalence of these attacks, with 140, 482 alerts impacting 54 467 Minecraft players.

A noteworthy discovery involves the emergence of SpyNote, a spy Trojan distributed among Roblox users on the Android mobile platform under the guise of a mod. This Trojan exhibits various spying capabilities including keylogging, screen recording, video streaming from phone cameras, and the ability to impersonate Google and Facebook applications to deceive users into divulging their passwords.

Phishing and counterfeit distribution pages continue to pose a significant threat to gamers. Malicious and undesired software often masquerades as popular games, disseminated through third-party websites offering pirated versions. These deceptive pages typically display inflated download counts, potentially misleading users into a false sense of security. Nonetheless, clicking the download button typically results in an archive that may contain harmful or unrelated elements, diverging from the promised content.

“In the dynamic gaming industry, which hosts a wealth of personal and financial data, cybercriminals are seizing enticing opportunities,” says Vasily Kolesnikov, cybersecurity expert at Kaspersky. “They exploit gaming accounts by pilfering in-game assets, virtual currency, and selling compromised gaming accounts, often with real-world value. The relentless pursuit of personal data has led to a surge in ransomware attacks, even affecting professional gamers who depend on uninterrupted play. This underscores the critical need for enhanced cybersecurity awareness within the gaming community.”