Over 5.8 million attacks by malware and unwanted software disguised as popular PC games were detected and prevented by Kaspersky solutions in Q3 2020 to Q2 2021. This increased volume may be connected to the rapid growth of gaming activities during the pandemic. The data comes from the latest game-related cyberthreats report by Kaspersky, in which researchers assessed the changes of gaming-related threats during the pandemic.
The gaming industry witnessed unprecedented growth over the past 18 months, in part, thanks to users being forced to find alternative means of entertainment as they stayed at home. Even though the world has become safer this year, the demand for games persists, and the industry is predicted to grow even further, reaching a potential peak of 175.5 billion USD by the end of 2021. With this in mind, Kaspersky researchers carried out a review of various game-related threats that its users faced throughout the pandemic – from potential attacks on PC and mobile to phishing schemes.
To get a clear picture of the trends, Kaspersky analyzed the attacks with malware and unwanted software disguised as the 24 most popular PC games and the top 10 mobile titles of 2021. The results showed that PC game-related cyberthreats soared with the introduction of lockdowns in Q2 2020, hitting 2.48 million detections worldwide – a 66% increase compared to Q1 2020 when 1.48 million attacks were detected. Interestingly, the number of attacks and affected users declined sharply in Q2 2021 – to just 636,904 attacks.
Mobile games showed a slightly different trend, with the number of users affected growing by 185% at the beginning of the pandemic, from 1138 users in February 2020 to 3253 users in March 2020. Furthermore, the number of users striving to unwind on mobile phones did not drop significantly after the two waves of the pandemic, showing on average just a 10% drop in users attacked per month in Q2 2020 versus Q2 2021. This showed that mobile threats remained attractive to cybercriminals even as lockdowns were being lifted across the world.
Speaking of popular games, Minecraft topped the charts for both PC and mobile categories as the game most often used to disguise the distribution of unwanted software and malware. Such overwhelming popularity of Minecraft may be explained by the fact that there are multiple versions and a myriad of mods – additional modifications that can be installed on top of the game to diversify it and the gaming experience. Usually, the mods are created by users and are unofficial, providing a convenient disguise for malicious payloads or unwanted software. Throughout July 2020 to June 2021, 36,336 files disguised as Minecraft were distributed. They affected 184,887 PC users and resulted in 3,010,891 attempted infections, which is nearly half of the detected files and attacks during this period.
|The Sims 4||43252||1266804||5844|
|Grand Theft Auto V||14261||187114||4953|
Top five PC game titles most often used as a disguise for the distribution of malware and unwanted software globally, Q3 2020 to Q2 2021
While the majority of files distributed under the guise of gaming titles were downloaders – programs capable of downloading other software to infected devices and adware, occasionally, both PC and mobile users faced much more serious threats, including Trojan-Stealers designed to steal data about cryptocurrency and other valuable data, Trojan bankers and even backdoors.
On the left: this phishing page offers to download PUBG mobile, but all the user gets is unwanted software. On the right: a fake PUBG app is, in fact, a Trojan gathering user data
“We have witnessed a clear effect of the pandemic on the number of gaming-related threats. As more people switched to gaming, more users faced threats that were disguised as games. Two popular ways of threat distribution are phishing pages – there have been a myriad of them targeting users of different gaming platforms, many of which are very hard to tell apart from real sites for regular users. Another attack vector is warez sites – in particular, we have traced a well-coordinated campaign that distributed a dangerous dropper via such sites, affecting users in 45 countries,” comments Anton V. Ivanov, security researcher at Kaspersky. “With development of in-game goodies and currencies, the gaming industry is becoming even more lucrative and appealing to cybercriminals. Perhaps the worst risks associated with game-related threats is the loss of account credentials – be it login details to a gaming account or, even worse, banking or cryptocurrency applications”.
“All in all, sticking to official stores and staying vigilant when looking at game-related content is crucial for a safe experience”, adds Anton.
Learn more about the findings of the Game-related cyberthreats: Part 1 on Securelist.
To stay safe while gaming, Kaspersky experts recommend:
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.