Cybercriminals target games popular with kids to distribute malware
Kaspersky research finds Minecraft and Roblox have the most malicious files associated with them
With 3 billion players globally, the $200 billion gaming market is an increasingly ripe target for cybercriminals – with the perennially popular Minecraft one of the most targeted lures.
As much was confirmed by Kaspersky research published on its Securelist website. Using statistics gathered by the Kaspersky Security Network (KSN), which processes anonymized threat data shared voluntarily by customers, the security vendor examined the most widespread malware strains that were found to have an association with the biggest games on PC and mobile.
"We used the titles of the games as keywords and ran these against our KSN telemetry to determine the prevalence of malicious files and unwanted software related to these games, as well as the number of users attacked by these files," Kaspersky said. "Also, we tracked the number of fake cheat programs for the popular games listed above, and an amount of miners that dramatically affect the performance of gamers' computers."
Between July 1, 2021, and June 30, 2022, Kaspersky said a total 384,224 users had a brush with gaming-related malware. Some 91,984 files posing as copies of popular games actually hosted unwanted applications.
Here, the name Minecraft – a sandbox building game that is especially popular with children – was the most popular bait used in 23,239 malicious files affecting 131,005 players. However, the number of files was down 36 percent (36,336) on the previous year, and users affected by almost 30 percent (184,887).
The next most popular games used as lures for distributing malware should come as no surprise – Roblox (also big with kids), Need for Speed, Grand Theft Auto, and Call of Duty. In the mobile sphere, again, Minecraft, Roblox, Grand Theft Auto, PUBG, and FIFA were the biggest targets.
In the vast majority of infection cases Kaspersky witnessed (88.56 percent), the lures were used to install downloaders.
The company noted: "This type of unsolicited software might not be dangerous in and of itself, but it can be used for loading other threats onto devices."
This was followed by adware (4.19 percent), which displays pop-up ads on desktops and mobile devices, and trojans (2.99 percent). The rest were various types of malware, exploits, trash software, and other nasties pretending to be something they're not.
The bulk of trojans downloaded in this way (76.87 percent) Kaspersky attributed to password stealers followed by software designed to pinch payment credentials (22.14 percent) and gaming accounts (0.99 percent). These payloads were most often delivered by gamers looking for titles from disreputable sources or allegedly "cracked" copies.
- How cybercrims embrace messaging apps to spread malware, communicate
- Microsoft to blockheads: NFTs and blockchains aren't welcome in Minecraft
- Log4j RCE: Emergency patch issued to plug critical auth-free code execution hole in widely used logging utility
- Never mind the trolls, Discord hosts 'significant volumes of malware' in its CDN
With the contents of some accounts being perceived as valuable, phishers have also set up fake websites for games like GTA and Apex Legends purporting to generate in-game currency but actually they steal the owners' account details for takeover and other sensitive information tied to them. Kaspersky said it had detected 3,116,782 such attacks over 2021-2022.
Criminals have likewise used games as lures to hog computer resources for mining cryptocurrency. The Far Cry series was found by Kaspersky to have 510 unique malicious files associated with it and 1,050 affected users followed by Minecraft (again) with 406 files, and Valorant with 93. However, the security vendor noted that affected users halved in 2022 as the crypto winter settled in.
Another easy in for cybercrooks targeting the gaming industry was, of course, cheaters. There are countless dodgy-looking websites out there offering scripts, macros, and more to give those struggling an edge, but you never really know what you're getting until it's too late.
Kaspersky detected some 3,154 unique malicious files masquerading as cheat programs affecting 13,689 users. The most common games targeted in this area were Counter Strike: Global Offensive (418 files), Roblox and Valorant (both 322), and Total War (284). Need For Speed fans seemed to be those most desperate for cheats, with 3,256 users compromised by malicious software in this manner.
Kaspersky expressed dismay that the most frequently targeted games are those popular with youngsters who could lack awareness about information security and cybercriminal behavior.
While the company made the usual recommendations of employing two-factor authentication along with strong and unique passwords to protect accounts, it would also pay to have a chat with your kids – especially if they're into Minecraft and Roblox – and let them know what not to do and what to look out for. And for heaven's sake, set it up for them through the correct channels – Steam, Microsoft Store, Apple App Store, Google Play etc. ®