April 5, 2023 By Jonathan Reed 4 min read

At the current rate of growth, the world will quickly reach 3 billion active gamers worldwide within a year. Unsurprisingly, cyber criminals have identified the gaming industry as a juicy opportunity. According to newly released data, the cyber assault on the gamer-verse has been relentless.

A recent Akamai report revealed that web application attacks, which exploit vulnerabilities in online programs like mobile games, were up 167% year-on-year (YOY) from May 2021 to April 2022. Meanwhile, Kaspersky Lab found a 13% increase in malicious software attacks on games in the first half of 2022 compared with the first half of 2021.

The gaming (and gaming attack) explosion

When the pandemic hit, everybody began to live online — or at least many spent a lot more time in the digital space. This was especially true for gamers. As per one study, Twitch, the leading live-streaming platform for gamers, saw an 83% YOY increase in viewership in Q2 2020.

At the time, many gaming companies scrambled to meet the increased demand, as did cloud developers. Now players can stream games on nearly any device. By leveraging cross-platform progression, people are playing more games on more devices than ever.

The sudden surge in gaming has attracted threat actors as well. In 2021, attacks on the gaming industry more than doubled compared to the prior year, as per Akamai.

Preferred methods of attack against gamers

The Akamai report cited the worldwide rise in phishing-as-a-service kits, which also often target gamers. Bad actors continue to rely on tried-and-true exploits, such as phishing and ransomware, and gaming is no exception.

Meanwhile, gamers frequently purchase character upgrades, tools and skins. And these microtransactions generate billions in revenue. According to a report from The Business Research Company, the online microtransaction market is expected to reach $106.02 billion in 2026 at a CAGR of 11.9%. There’s also a lot of philanthropy that comes from gaming communities. As reported by Direct Relief, on Twitch, gamers donated $145 million to charity between 2011-2019, including $42 million in 2019 alone.

For threat actors, the gamer-verse is full of lucrative targets. By hacking into user accounts, intruders can steal in-game currencies and assets as well as account information or entire gaming accounts. Then criminals can put it all up for sale on the dark web. Additionally, if hackers breach a gaming company, actors can steal source code and unlock game cheats. Criminals can also resort to old-fashioned ransomware to encrypt files and publicly expose exfiltrated data.

Online game currency can also facilitate money laundering schemes. Nefarious actors open up a game account, create a profile and then use stolen funds or hacked credit card numbers to purchase as much in-game currency and accessories as possible. From there, they can sell their account to an unsuspecting buyer to complete the money laundering cycle.

Meanwhile, Windows gamers and power users are being assaulted by fake MSI Afterburner. The MSI Afterburner is a GPU utility that allows you to configure overclocking, create fan profiles, perform video capturing and monitor your installed graphics cards’ temperature and CPU utilization. The fake MSI Afterburner download portals infect users with cryptojacking and RedLine info-stealing malware.

Cheaters never win

The internet is full of fake, discounted and pirated products. People download them to get something for free, such as an entire game, special modifications or cheats. Criminals know this and are more than willing to set traps within the product downloads. For example, Redline info-stealing malware can steal passwords, cookies, card details, autofill data from browsers, cryptocurrency wallet secrets and credentials for VPN services.

From July 1, 2021, through June 30, 2022, Kaspersky security solutions detected a total of 6,491 users affected by 3,705 unique info-stealing-type malicious files. In the first half of 2022, the security firm observed a noticeable year-on-year increase in the number of users attacked: 13% over the first half of 2021 (2,867 versus 2,533). The number of unique files used to attack users also increased in the first half of 2022 by nearly a quarter, compared to the first half of 2021: from 1,530 to 1,868.

Ever expanding attack surface

Like many technology-dependent companies, gaming platforms sought to extend their reach during and after the pandemic. Furthermore, real-time role-playing games require significant bandwidth as well as connectivity between players. Now, gamers can set up contests with people on any continent at any time.

However, like for any tech-dependent brand, this expanded level of access also dramatically increases the attack surface. It wasn’t long ago that gaming consoles were the only way to access a gaming platform’s network. Now gamers can use any computer or device to play.

According to Allied Market Research, the cloud gaming market reached $244 million in 2020 and is expected to expand to $21.95 billion by 2030. Gamers love cloud-based platforms as it provides many titles to choose from at an affordable price. Plus, the more serious gamers increasingly use their own PC, which frees them from having to buy the latest console hardware.

As the attack surface continues to expand, attackers have even more ways to hack accounts and breach networks.

Cybersecurity training for everyone

One of the main concerns surrounding gaming security is that targets are frequently children and teenagers. A young gamer at home looking for a cheap game or cool skin can be an easy target.

Here are some tips (adapted from Kaspersky) we can all benefit from, both gamers and non-gamers alike:

  • Protect your accounts with two-factor authentication whenever possible
  • Use a unique, strong password for each of your accounts
  • Use robust antivirus at all times
  • Download your games or apps from official stores like Steam, Apple App Store, Google Play or Amazon Appstore only
  • If your desired title is not available from the official store, purchase it from the official website only. Double-check the URL of the website to make sure it is authentic.
  • Avoid buying the first thing that pops up. Investigate products and read the reviews carefully.
  • Beware of phishing campaigns. Do not open links received by email or in a game chat unless you trust the sender. Do not open files from strangers.
  • Carefully check the address of any website asking for your username and password, as it might be fake
  • Avoid downloading cracked software or any other illegal content, even if a legitimate website directs you to it
  • Keep your operating system and other software up to date.

Every day, untold millions — from the most sophisticated businesses to government offices to organizations and homes all over the world — are targets of nefarious cyber actors. It’s high time we advocate for cybersecurity hygiene for the masses.

More from News

FYSA – Adobe Cold Fusion Path Traversal Vulnerability

2 min read - Summary Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography Threat Type: Arbitrary File System Read Industries Impacted: Technology, Software, and Web Development Geolocation: Global Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable Overview X-Force Incident Command is monitoring the disclosure…

Ransomware attack on Rhode Island health system exposes data of hundreds of thousands

3 min read - Rhode Island is grappling with the fallout of a significant ransomware attack that has compromised the personal information of hundreds of thousands of residents enrolled in the state’s health and social services programs. Officials confirmed the attack on the RIBridges system—the state’s central platform for benefits like Medicaid and SNAP—after hackers infiltrated the system on December 5, planting malicious software and threatening to release sensitive data unless a ransom is paid. Governor Dan McKee, addressing the media, called the attack…

FBI, CISA issue warning for cross Apple-Android texting

3 min read - CISA and the FBI recently released a joint statement that the People's Republic of China (PRC) is targeting commercial telecommunications infrastructure as part of a significant cyber espionage campaign. As a result, the agencies released a joint guide, Enhanced Visibility and Hardening Guidance for Communications Infrastructure, with best practices organizations and agencies should adopt to protect against this espionage threat. According to the statement, PRC-affiliated actors compromised networks at multiple telecommunication companies. They stole customer call records data as well…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today