In 2023, Forbes called gaming an “entertainment behemoth” which is steadily growing in the shadow of its movie and musical counterparts. It transcends borders and continents, and connects people on a global scale. Sadly, due to its popularity and global presence, the gaming industry has also drawn the attention of cybercriminals who target not only gaming-oriented companies, but also individual players. They launch malware distribution campaigns including infostealer programs and phishing sites through cracks and cheats on unofficial websites and even via game mods on well-established platforms.
Not just major companies at risk
Unsurprisingly, the preferred targets of more seasoned cybercriminals are the companies developing games. Between 2021 and 2024, companies such as Insomniac Games (best known for its Spider-Man games) or Game Freak (beloved by the fans of the Pokémon games) were targeted by cyberattacks that resulted in gigabytes of leaked data including game blueprints and employee information.
However, it’s not just major companies that are at risk – gamers and their personal information are also appealing targets for cybercriminals who embed malicious code in various game-related files and sites. Wondering how gamers get compromised? It’s easier than you think. Gamers often encounter malicious files when venturing outside official ecosystems. For example, torrent sites, Discord servers, or even YouTube channels offering pirated games and cheat tools often pose such risks.
The lure of downloading games for free or achieving headshots through walls in multiplayer shooters are the perfect bait for unsuspecting players. In reality, what awaits victims are often threats like infostealers designed to harvest passwords for online accounts, virtual wallets, or credit card details. In simpler terms – if an offer sounds too good to be true, it is.
Even gaming clients such as Steam, GOG or the Epic Games Store have been targeted by cybercriminals. They are lucrative because they often gather personal information, credit card details, and other sensitive data. In addition, one stolen account can be used to compromise multiple accounts via social engineering. Always make sure to secure your account and change passwords regularly. Also, where possible, don’t save the details of your primary credit card on these websites. You can also use prepaid cards to avoid exposing your personal financial details during transactions.
Hamster Kombat and Infostealers
Cyberattacks targeting gamers are often carried out using an infostealer malware such as RedLine Stealer and Lumma Stealer. Those have been found hidden in files masquerading as gaming software or video game cracks. They were also distributed via videos on compromised YouTube channels offering cracks and mods for various games. Based on our telemetry data, we can confirm that these two threats were highly active throughout the first half of 2024.
RedLine Stealer is an infostealer-for-hire seemingly unwilling to fade away, even after disruption efforts in 2023. ESET data indicates that while RedLine Stealer is no longer being updated, it is still actively used by cybercriminals.
It’s worth noting that most cases are limited to isolated campaigns targeting one or two specific countries. In 2024, the three largest spikes in detections were recorded on January 25 (50% of detections in Germany), April 24 (87% in Spain), and May 20 (91% in Japan). These spikes were so significant that detections in the first half of 2024 surpassed those in the second half of 2023 by 31%.
Following the rise of Lumma Stealer in the second half of 2023, detections of this cryptocurrency-focused threat declined during the first half of 2024. In H2 2024, however, it returned stronger than ever, growing by 369% due to multiple campaigns including the attack targeting players of the mobile clicker game Hamster Kombat.
Compromised mods: No one is safe
Even players that don’t pirate games or use cheats can still encounter malicious files. How? By downloading other gaming-related resources such as mods. These mods can be compromised by cybercriminals who use them to add malicious code.
While it’s always advisable to use recognized mod repositories or official platforms like Steam, there have been instances where even these weren’t safe. For example, in July 2023, several accounts on Minecraft modding platforms were compromised by cybercriminals who injected data-stealing code into existing projects. Later, in December 2023, a popular mod for the game Slay the Spire was exploited to distribute Epsilon Stealer via Steam’s update system.
In such cases, the best defense is to use up-to-date security software to detect any potentially malicious files.
Phishing scams: A threat to the youngest players
In addition to being tricked into downloading malicious programs, gamers can also fall victim to phishing scams. According to ESET sources, gaming ranked tenth in the list of the most targeted categories by phishing websites during the first half of 2024.
Phishing can be particularly dangerous when it targets games where the primary audience is children. Cisco Talos published a report detailing the various ways cybercriminals exploit Roblox, a highly popular sandbox gaming platform among minors, to gain access to sensitive user information.
Since Roblox features a virtual currency called Robux which can be purchased with real money, it becomes a highly attractive target for cybercriminals. In our phishing telemetry, we observed several cases of fake Roblox login screens or websites claiming to offer free Robux in exchange for signing up. Be sure to talk to your kids about these possible dangers and to always discuss their purchases with you.
Stay protected
As malicious campaigns and the tools they use vary, reliable protection for gamers needs to be put into place for different kinds of threats. An all-in-one solution exists: ESET HOME Security covers the most popular attack methods cybercriminals use, and also comes with a regularly updated Gamer Mode for Windows users, designed for flawless, uninterrupted gaming and minimal CPU usage.
get ESET HOME SECURITY premium
Gaming should be fun, not a constant source of paranoia. Let’s enjoy games with peace of mind knowing that we are protected by an award-winning solution that not only stops malware, but also minimizes distractions.
