Report Shows A Sharp Spike in Web Attacks on Gamers

Cyber-criminals stepped up their efforts to victimize gamers while millions of people stayed at home this spring to slow the spread of COVID-19. According to data from Kaspersky Security Network, cyber-criminals have exploited the increased interest in video games to launch various attacks.

The new research published by Kaspersky found that in April, the daily number of blocked attempts to direct users to malicious gaming-themed sites increased by 54%, compared to January 2020.

In the same month, the number of blocked attempts to force gamers onto phishing pages for one of the most popular gaming platforms also increased by a whopping 40% compared to February 2020.

Kaspersky researchers took a special interest in threats to gamers after lockdown measures saw millions turn to video games as a source of entertainment. Beginning in March, online gaming platform SteamDB saw a record number of users, with 20.3 million people in-game simultaneously over one weekend.

This is similar to a 2019 report showing how the gaming industry has become an attractive target for cybercriminals with 12 billion credential stuffing attacks reported in the past 17 months (November 2017-March 2019).

According to the Cloud delivery network provider Akamai Technologies, the gaming community is among the most lucrative targets for hackers to make a quick profit. In its research report, “2019 State of the Internet/Security Web Attacks and Gaming Abuse” Akamai stated that there were 55 billion cases of credential stuffing attacks across all industries.

The report highlighted that nearly 67% of credential stuffing attacks target organizations based in the United States. It stated that Russia is the second largest source of application attacks and China is ranked as the fourth highest source country. On the other hand, the United Kingdom ranked as the second highest targeted country with Japan, Canada, Australia, and Italy are all also among the countries most targeted.

In the latest 2020 Report, Minecraft, one of the most popular games ever made, was the title most often used by threat actors. Its name featured in more than 130,000 web attacks. The other games used most frequently to launch attacks were Counter-Strike: Global Offensive and The Witcher 3.

Maria Namestnikova, security expert at Kaspersky, said threat actors used the promise of cheats to lure gamers into clicking malicious links.

“The past few months have shown that users are highly susceptible to falling for phishing attacks or clicking on malicious links when it comes to games—whether they’re looking to find pirated versions or eager for a cheat that will help them win,” said Namestnikova.

Yury Namestnikov, also a security expert at Kaspersky, said that gamers working from home who play and toil on the same device should be particularly wary of cyber-threats.

“Now that many players started using the same machines that they use to enter corporate networks for games, their cautiousness should be doubled: risky actions make not only personal data or money vulnerable but also corporate resources,” said Namestnikov.

Kaspersky researchers urged gamers to protect themselves by using strong passwords and two-factor authentication where possible and to be wary of any cheats and pirated copies of video games.