Don’t let your virtual glory quest become a real-world nightmare. Learn how cybercriminals target gamers with malware hidden in mods, phishing scams, and more.
ESET Research has revealed a concerning fact: Cybercriminals are targeting gamers, and it’s no mystery why they are such meaty targets.
The gaming industry is huge — some games generate millions in monthly revenue, satisfying gamers and executives simultaneously. However, in some cases, gaming can present some very real dangers that are more severe than getting a virtual arrow in your knee.
“I wanna be the very best”
How far will a person go to excel in their game?
With the advent of online gaming, more and more people are playing together in real time, leading to more social interactions than ever before. This can lead to much pressure, especially when playing online games with a player vs. player (PVP) aspect, like multiplayer shooters or battle arenas.
When you want to be the best, you will focus on improving your skills, right? Quite a few people would rather cheat to the top of the rankings, raking in the gain without the pain.
The game has just begun
However, cheats are not the only attack vectors for infostealers to infiltrate your device.
For example, when you like a game like Minecraft, you might want to go beyond what the developer offers with the default set of assets and gameplay scenarios. For example, players of the Java version of Minecraft often modify their worlds by adding additional creatures, building blocks, or more ways to use Redstone, leading to creations such as functional computers inside the game (creativity is limitless).
While it is great that players seek more creative ways to redefine their game experiences, cybercriminals also abuse this. You see, mods (game modifications) are usually available as downloads —– for Minecraft, typically on web pages like Planet Minecraft or Minecraft Mods. These are all publicly available platforms, hence why cybercriminals try to exploit such places with their nefarious prospecting by updating modifications and injecting them with malicious code. Such was the case reported by Bleeping Computer when hackers compromised several accounts on modding platforms to distribute info stealers, hijacking existing projects.
Sadly, even official resources are sometimes vulnerable to exploitation due to various vulnerabilities. For example, 50,000 Minecraft accounts were infected by skins injected with malware capable of reformatting hard drives, deleting backups, and deleting system programs offered as a download on the game’s website.
Also Read: 6 Hot Cybersecurity Trends—and 2 That Are Cooling Down
Nothing is true; everything is permitted
Apart from infostealers, phishing is also trendy in gaming circles. Gaming placed No. 10 in the top phishing website category by ESET Research.
To paint a picture of how this happens, consider when a gamer is playing an online MMO like World of Warcraft or a game with virtual currency such as Fortnite.
Character skins and various XP boosts might require purchasing them with virtual currency. In WoW’s case, for example, there’s the WoW token. You either purchase one with in-game gold for game time or Battle.net balance (enabling real currency purchases) or do the opposite and purchase one for an influx of in-game gold with real money. Imagine it as a foreign exchange of sorts.
Similarly, in Fortnite, V-Bucks can purchase outfits, emotes, and Battle Passes. These are tempting for various reasons, especially when you want to stand out among an online crowd.
Kids, teenagers, and even adults don’t know better sometimes. Via the chat functions in these games (unless disabled or if the account has a parental lock), gamers can be tempted by fellow players to visit certain websites to receive either currency for free! Just insert your login details, and you’ll immediately receive an influx of your desired virtual cash/token. Your credentials and account will likely get stolen since a cybercriminal has successfully phished you.
Infostealer detections
ESET telemetry continues to detect threats like RedLine Stealer and Lumma Stealer, with the former achieving localized detection peaks coming mostly from states such as Germany, Spain, and Japan.
On the other hand, Lumma switched its malware to a new variant, leading to a growing trend in its detections as Win/Spy.Agent.QLD.
Both info stealers have been detected in payloads of files, masking themselves as cheating tools or video game cracks (game executables bypassing copy protection). Overall, info stealers have seen a slight rise compared to the previous period (4% increase).
ESET has also detected Epsilon Stealer (as JS/PSW.Agent trojan variants .CH and .CI). It was recently present in a popular mod of Slay the Spire, pushed through the Steam update system after having breached the developer accounts on Steam and Discord. Once installed, Epsilon looks to exfiltrate cookies, saved passwords, credit card details from web browsers, and login info for Steam, Windows, and other accounts.
Also Read: Fortress Fallacy: Why Your Network Security Needs a Zero Trust Makeover
Stay awhile and listen
To protect against info stealers and other malicious threats, your best bet is to raise your protection with strong next-gen security software like ESET Home Security. Thanks to ESET telemetry and ESET LiveSense security layers, it can assure a strong safety net in case a mod pack gets infected or if someone downloads an infected executable already caught by one of our global sensors.
The same software also offers anti-phishing protection and secure browsing to block suspicious websites or emails and guarantee a safe browsing experience while socializing online.
As for account security, use diverse passwords (we recommend using the ESET Password Generator to ensure their strength), store your credentials in password managers (instead of browsers), and use the app or biometrics-based multi-factor authentication instead of SMS to add another layer to your account’s security, keeping threat actors at bay.
