April 5, 2023 By Jonathan Reed 4 min read

At the current rate of growth, the world will quickly reach 3 billion active gamers worldwide within a year. Unsurprisingly, cyber criminals have identified the gaming industry as a juicy opportunity. According to newly released data, the cyber assault on the gamer-verse has been relentless.

A recent Akamai report revealed that web application attacks, which exploit vulnerabilities in online programs like mobile games, were up 167% year-on-year (YOY) from May 2021 to April 2022. Meanwhile, Kaspersky Lab found a 13% increase in malicious software attacks on games in the first half of 2022 compared with the first half of 2021.

The gaming (and gaming attack) explosion

When the pandemic hit, everybody began to live online — or at least many spent a lot more time in the digital space. This was especially true for gamers. As per one study, Twitch, the leading live-streaming platform for gamers, saw an 83% YOY increase in viewership in Q2 2020.

At the time, many gaming companies scrambled to meet the increased demand, as did cloud developers. Now players can stream games on nearly any device. By leveraging cross-platform progression, people are playing more games on more devices than ever.

The sudden surge in gaming has attracted threat actors as well. In 2021, attacks on the gaming industry more than doubled compared to the prior year, as per Akamai.

Preferred methods of attack against gamers

The Akamai report cited the worldwide rise in phishing-as-a-service kits, which also often target gamers. Bad actors continue to rely on tried-and-true exploits, such as phishing and ransomware, and gaming is no exception.

Meanwhile, gamers frequently purchase character upgrades, tools and skins. And these microtransactions generate billions in revenue. According to a report from The Business Research Company, the online microtransaction market is expected to reach $106.02 billion in 2026 at a CAGR of 11.9%. There’s also a lot of philanthropy that comes from gaming communities. As reported by Direct Relief, on Twitch, gamers donated $145 million to charity between 2011-2019, including $42 million in 2019 alone.

For threat actors, the gamer-verse is full of lucrative targets. By hacking into user accounts, intruders can steal in-game currencies and assets as well as account information or entire gaming accounts. Then criminals can put it all up for sale on the dark web. Additionally, if hackers breach a gaming company, actors can steal source code and unlock game cheats. Criminals can also resort to old-fashioned ransomware to encrypt files and publicly expose exfiltrated data.

Online game currency can also facilitate money laundering schemes. Nefarious actors open up a game account, create a profile and then use stolen funds or hacked credit card numbers to purchase as much in-game currency and accessories as possible. From there, they can sell their account to an unsuspecting buyer to complete the money laundering cycle.

Meanwhile, Windows gamers and power users are being assaulted by fake MSI Afterburner. The MSI Afterburner is a GPU utility that allows you to configure overclocking, create fan profiles, perform video capturing and monitor your installed graphics cards’ temperature and CPU utilization. The fake MSI Afterburner download portals infect users with cryptojacking and RedLine info-stealing malware.

Cheaters never win

The internet is full of fake, discounted and pirated products. People download them to get something for free, such as an entire game, special modifications or cheats. Criminals know this and are more than willing to set traps within the product downloads. For example, Redline info-stealing malware can steal passwords, cookies, card details, autofill data from browsers, cryptocurrency wallet secrets and credentials for VPN services.

From July 1, 2021, through June 30, 2022, Kaspersky security solutions detected a total of 6,491 users affected by 3,705 unique info-stealing-type malicious files. In the first half of 2022, the security firm observed a noticeable year-on-year increase in the number of users attacked: 13% over the first half of 2021 (2,867 versus 2,533). The number of unique files used to attack users also increased in the first half of 2022 by nearly a quarter, compared to the first half of 2021: from 1,530 to 1,868.

Ever expanding attack surface

Like many technology-dependent companies, gaming platforms sought to extend their reach during and after the pandemic. Furthermore, real-time role-playing games require significant bandwidth as well as connectivity between players. Now, gamers can set up contests with people on any continent at any time.

However, like for any tech-dependent brand, this expanded level of access also dramatically increases the attack surface. It wasn’t long ago that gaming consoles were the only way to access a gaming platform’s network. Now gamers can use any computer or device to play.

According to Allied Market Research, the cloud gaming market reached $244 million in 2020 and is expected to expand to $21.95 billion by 2030. Gamers love cloud-based platforms as it provides many titles to choose from at an affordable price. Plus, the more serious gamers increasingly use their own PC, which frees them from having to buy the latest console hardware.

As the attack surface continues to expand, attackers have even more ways to hack accounts and breach networks.

Cybersecurity training for everyone

One of the main concerns surrounding gaming security is that targets are frequently children and teenagers. A young gamer at home looking for a cheap game or cool skin can be an easy target.

Here are some tips (adapted from Kaspersky) we can all benefit from, both gamers and non-gamers alike:

  • Protect your accounts with two-factor authentication whenever possible
  • Use a unique, strong password for each of your accounts
  • Use robust antivirus at all times
  • Download your games or apps from official stores like Steam, Apple App Store, Google Play or Amazon Appstore only
  • If your desired title is not available from the official store, purchase it from the official website only. Double-check the URL of the website to make sure it is authentic.
  • Avoid buying the first thing that pops up. Investigate products and read the reviews carefully.
  • Beware of phishing campaigns. Do not open links received by email or in a game chat unless you trust the sender. Do not open files from strangers.
  • Carefully check the address of any website asking for your username and password, as it might be fake
  • Avoid downloading cracked software or any other illegal content, even if a legitimate website directs you to it
  • Keep your operating system and other software up to date.

Every day, untold millions — from the most sophisticated businesses to government offices to organizations and homes all over the world — are targets of nefarious cyber actors. It’s high time we advocate for cybersecurity hygiene for the masses.

More from News

Zero-day exploits underscore rising risks for internet-facing interfaces

3 min read - Recent reports confirm the active exploitation of a critical zero-day vulnerability targeting Palo Alto Networks’ Next-Generation Firewalls (NGFW) management interfaces. While Palo Alto’s swift advisories and mitigation guidance offer a starting point for remediation, the broader implications of such vulnerabilities demand attention from organizations globally.The surge in attacks on internet-facing management interfaces highlights an evolving threat landscape and necessitates rethinking how organizations secure critical assets.Who is exploiting the NGFW zero-day?As of now, little is known about the actors behind the…

Will arresting the National Public Data threat actor make a difference?

3 min read - The arrest of USDoD, the mastermind behind the colossal National Public Data breach, was a victory for law enforcement. It also raises some fundamental questions. Do arrests and takedowns truly deter cyberattacks? Or do they merely mark the end of one criminal’s chapter while others rise to take their place? As authorities continue to crack down on cyber criminals, the arrest of high-profile threat actors like USDoD reveals a deeper, more complex reality about the state of global cyber crime.…

CISA adds Microsoft SharePoint vulnerability to the KEV Catalog

3 min read - In late October, the United States Cybersecurity & Infrastructure Security Agency (CISA) added a new threat to its Known Exploited Vulnerability (KEV) Catalog. Cyber criminals used remote code execution vulnerability in Microsoft SharePoint to gain access to organizations’ networks. The CISA press release states that “these types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.” However, Microsoft identified and released a patch for this vulnerability in July 2024. Cybersecurity experts…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today