From April 1, 2024 to March 31, 2025, Kaspersky detected over 19 million attempts to download malicious or unwanted files disguised as popular Gen Z games. With GTA, Minecraft and Call of Duty among the most exploited, it's clear that cybercriminals are actively following gaming trends to reach their targets. To help players stay safe, Kaspersky is launching “Case 404” — an interactive cybersecurity game that teaches Gen Z how to recognize threats and protect their digital worlds while doing what they love: playing.
Gen Z plays more than any other generation — and not just more, but differently. They outpace Millennials and Gen X in gaming-related spending, and, instead of sticking to a few favorites, Gen Z jumps between numerous titles, chasing viral trends and new experiences. Yet this same spontaneity and openness also make them vulnerable, with cybercriminals exploiting the habits and trust of these players across the platforms. For instance, throughout the reported period, more than 400,000 users worldwide were affected.
Attempts
to attack users through malicious or unwanted files disguised as Gen Z’s
favorite games throughout the reported period
As part of the new report,
Kaspersky experts conducted an in-depth analysis using 20 of the most popular
game titles among Gen Z — from GTA, NBA and FIFA to The Sims and Genshin Impact
— as search keywords. The study covered the period from Q2 2024 to Q1 2025,
with March 2025 standing out as the peak month, recording 1,842,370 attempted
attacks.
| Title | The number of attack attempts |
| Grand Theft Auto | 4,456,499 |
| Minecraft | 4,112,493 |
| Call of Duty | 2,635,330 |
| The Sims | 2,416,443 |
| Roblox | 1,548,929 |
| FIFA | 909,174 |
| Among Us | 766,055 |
| Assassin’s Creed | 584,873 |
| CS: Go | 379,768 |
| Red Dead Redemption | 349,821 |
The top-10 exploited games popular with Gen Z by the number of attempted attacks throughout the reported period
Despite GTA V being released over a decade ago, the Grand Theft Auto franchise remains one of the most exploited, thanks to its open-world modding capabilities and thriving online community. In total, Kaspersky detected 4,456,499 attack attempts involving files disguised as GTA franchise-related content. With the highly anticipated release of GTA VI expectedin 2026, experts predict a potential spike in such attacks, as cybercriminals may exploit the hype by distributing fake installers, early access offers or beta invites.
Minecraft ranked second, with 4,112,493 attack attempts, driven by its vast modding ecosystem and enduring popularity among Gen Z players. Call of Duty and The Sims followed with 2,635,330 and 2,416,443 attack attempts respectively. The demand for cheats and cracked versions around competitive CoD releases such as Modern Warfare III fuels malicious activity, while The Sims fans searching for custom content or unreleased expansion packs may inadvertently download harmful files presented as mods or early access.
As a result of such attacks, users’ devices can be infected with various types of unwanted or malicious software — from downloaders that can install additional harmful programs, to trojans that steal passwords, monitor activity, grant remote access to attackers or deploy ransomware. The goals of these attacks vary, and one common motive is stealing gaming accounts, which are later sold on the dark web or closed forums.
Kaspersky GReAT experts also analyzed darknet marketplaces and closed platforms for advertisements selling compromised gaming accounts and skins. The research indicates a growing number of such offers showing up not just on the darknet, but also on regular closed forums and Telegram channels — making these illicit assets more visible and accessible than ever.
A post from a closed forum advertising a digital store, which sells access to Minecraft and streaming service accounts, boasting over 500 sales
This shows that the theft of gaming accounts and digital items is no longer limited to niche cybercrime circles — it's starting to spread into more open online spaces. The barrier to entry for selling or buying stolen accounts has significantly lowered. What was once a technical, underground practice has become a marketplace — fast, accessible and global. It now takes just a few clicks to join a private Telegram channel and access hundreds of listings offering rare skins, high-rank accounts, and access to premium in-game items. And for gamers, this means that the risk of losing an account or having it resold is no longer a rare incident — it’s a mainstream threat.
To address this, Kaspersky has launched an interactive online game, “Case 404”, created especially for Gen Z gamers. In this cyber-detective adventure, players dive into fictional cases inspired by real digital threats, learning how to spot scams, phishing attempts and account takeover tactics common in gaming. With “Case 404”, Kaspersky isn’t just raising awareness — it’s equipping players with the mindset and skills to stay secure while doing what they love. Those who complete the game also receive a discount on Kaspersky Premium, giving them reliable tools to protect their gaming and digital lives.
“From open-world blockbusters like GTA to cozy simulators like The Sims, cybercriminals target games across every genre Gen Z loves. What unites them is the audience: Gen Z is the most digitally active generation, leaving behind a rich trail of data, clicks and curiosity. This makes them a prime target — not because they’re careless, but because they’re constantly online, exploring, downloading and sharing. That’s why digital self-defense is no longer optional. Learning how to recognize threats should be as natural as leveling up in a game. Through “Case 404”, we want to equip young players with tools and instincts to protect what matters to them most — their digital identity, their accounts and their freedom to play safely,” comments Vasily Kolesnikov, security expert at Kaspersky.
To play their favorite games safely, Kaspersky
recommends the following to Gen Z:
- Check out the interactive online game, “Case 404” by Kaspersky, explicitly designed for Gen Z to learn how to stay safe in an increasingly vulnerable online world.
- Download games, mods and tools only from official sources. Avoid torrents, third-party websites or links shared in forums and chats — even if they promise rare skins or free bonuses.
- Be skeptical of giveaways. If a website or message offers something too good to be true (like free currency or legendary gear), it probably is — especially if it asks for your login credentials.
- Use strong, unique passwords for every gaming and email account. A password manager can help generate and store them securely.
- Enable two-factor authentication (2FA) wherever possible — especially on platforms like Steam, Epic Games and Discord.
- Check URLs carefully. Phishing sites often look almost identical to the real ones but use slight misspellings or fake subdomains.
- Don’t share accounts or login details, even with friends. Shared access often leads to unintentional exposure or theft.
- Use a reliable security solution, like Kaspersky Premium, to detect malicious attachments that could compromise your data.
- Ensure secure browsing and safe messaging with Kaspersky VPN, hiding your IP-address and preventing potential data leaks.
About Kaspersky Threat Research
The Threat Research team is a leading authority in protecting against cyberthreats. By actively engaging in both threat analysis and technology creation, our TR experts ensure that Kaspersky’s cybersecurity solutions are deeply informed and exceptionally powerful, providing critical threat intelligence and robust security to our clients and the broader community.
About Global Research & Analysis Team
Established in 2008, Global Research & Analysis Team (GReAT) operates at the very heart of Kaspersky, uncovering APTs, cyber-espionage campaigns, major malware, ransomware and underground cyber-criminal trends across the world. Today GReAT consists of 30+ experts working globally – in Europe, Russia, Latin America, Asia and the Middle East. Talented security professionals provide company leadership in anti-malware research and innovation, bringing unrivaled expertise, passion and curiosity to the discovery and analysis of cyberthreats.
