Lockdown gaming baddies: 5.8 million attacks detected over the past year
September 2021 by Kaspersky
This increased volume may be connected to the rapid growth of gaming activities during the pandemic. The data comes from the latest game-related cyberthreats report by Kaspersky, in which researchers assessed the changes of gaming-related threats during the pandemic.
The gaming industry witnessed unprecedented growth over the past 18 months, in part, thanks to users being forced to find alternative means of entertainment as they stayed at home. Even though the world has become safer this year, the demand for games persists, and the industry is predicted to grow even further, reaching a potential peak of 175.5 billion USD by the end of 2021. With this in mind, Kaspersky researchers carried out a review of various game-related threats that its users faced throughout the pandemic – from potential attacks on PC and mobile to phishing schemes.
To get a clear picture of the trends, Kaspersky analysed globally the attacks with malware and unwanted software disguised as the 24 most popular PC games and the top 10 mobile titles of 2021. The results showed that PC game-related cyberthreats soared with the introduction of lockdowns in Q2 2020, hitting 2.48 million detections worldwide – a 66% increase compared to Q1 2020 when 1.48 million attacks were detected. Interestingly, the number of attacks and affected users declined sharply in Q2 2021 – to just 636,904 attacks. Kaspersky experts have also analysed PC game-related cyberthreats in the UK. As a result, the company’s researchers have found around 8,850 detections in the UK in Q2 2020 – a slight decrease compared to Q1 2020 when 12,337 attacks were detected.
Globally, mobile games showed a slightly different trend, with the number of users affected growing by 185% at the beginning of the pandemic, from 1138 users in February 2020 to 3253 users in March 2020 and declined by just 10% by Q2 2021. This showed that mobile threats remained attractive to cybercriminals even as lockdowns were being lifted across the world.
Speaking of popular games, Minecraft topped the charts for both PC and mobile categories as the game most often used to disguise the distribution of unwanted software and malware. Such overwhelming popularity of Minecraft may be explained by the fact that there are multiple versions and a myriad of mods – additional modifications that can be installed on top of the game to diversify it and the gaming experience. Usually, the mods are created by users and are unofficial, providing a convenient disguise for malicious payloads or unwanted software. Throughout July 2020 to June 2021, 36,336 files disguised as Minecraft were distributed. They affected 184,887 PC users and resulted in 3,010,891 attempted infections, which is nearly half of the detected files and attacks during this period.
Game title Users Detections Files
Minecraft 184887 3010891 36336
The Sims 4 43252 1266804 5844
PUBG 26724 484528 10360
Fortnite 14702 267598 6109
Grand Theft Auto V 14261 187114 4953
Top five PC game titles most often used as a disguise for the distribution of malware and unwanted software globally, Q3 2020 to Q2 2021
In the UK, Kaspersky experts found that the top five PC game titles with the highest attempted infections included; Minecraft, Fortnite, The Sims 4, PUBG and Rocket League. Minecraft topped the charts with 19041 attempted infections. Meanwhile, Fortnite and Rocket League followed, with 1967 and 466 attempted infections respectively.
While the majority of files distributed under the guise of gaming titles were downloaders – programs capable of downloading other software to infected devices and adware, occasionally, both PC and mobile users faced much more serious threats, including Trojan-Stealers designed to steal data about cryptocurrency and other valuable data, Trojan bankers and even backdoors. “We have witnessed a clear effect of the pandemic on the number of gaming-related threats. As more people switched to gaming, more users faced threats that were disguised as games. Two popular ways of threat distribution are phishing pages – there have been a myriad of them targeting users of different gaming platforms, many of which are very hard to tell apart from real sites for regular users. Another attack vector is warez sites – in particular, we have traced a well-coordinated campaign that distributed a dangerous dropper via such sites, affecting users in 45 countries,” comments Anton V. Ivanov, security researcher at Kaspersky. “With development of in-game goodies and currencies, the gaming industry is becoming even more lucrative and appealing to cybercriminals. Perhaps the worst risks associated with game-related threats is the loss of account credentials – be it login details to a gaming account or, even worse, banking or cryptocurrency applications”.
“All in all, sticking to official stores and staying vigilant when looking at game-related content is crucial for a safe experience”, adds Anton.
To stay safe while gaming, Kaspersky experts recommend:
• Using strong passwords — and a unique one for every account. You can do that with the help of Kaspersky Password Manager to make using secure passwords easier. That way, even if one of your accounts gets stolen, it won’t compromise the rest. It’s safer to avoid using the same password for online games that you use for other services
• Only downloading your apps from official stores like the Apple App Store, Google Play, or Amazon Appstore. Apps from these markets are not 100% secure, but at least they get checked by shop representatives, and there is some filtration system – not every app can get into these stores
• Trying to avoid buying the first thing that pops up. Even during Steam’s summer sale, try to at least read some reviews before forking out for a little-known title. If something is fishy, people will probably figure it out, and this will come out in user comments
• Not clicking on any links to external sites from the game chat, and carefully check the address of any resource that requests you enter your username and password; the page may be fake
• Avoiding downloads of pirated software and other illegal content. Even if you are redirected to the webpage from a legitimate website
• Using a strong, reliable security solution that will be a great help to you, especially if it won’t slow down your computer while you play. It will also protect you from all possible cyberthreats. We recommend Kaspersky Total Security – it works smoothly with Steam and other gaming services
• Using a robust security solution to protect you from malicious software and its actions on mobile devices – such as the Kaspersky Internet Security for Android.