Cybercriminals target Minecraft fans with malware • The Register

With 3 billion players worldwide, the $200 billion gaming market is an increasingly ripe target for cybercriminals, and the perennially popular Minecraft is one of the most sought-after lures.

This was confirmed by Kaspersky research published on its Securelist website. Using statistics collected by Kaspersky Security Network (KSN), which processes anonymous threat data voluntarily shared by customers, the security vendor examined the most widespread malware strains found to have an association with the biggest PC and device games. mobiles.

“We use game titles as keywords and compare them to our KSN telemetry to determine the prevalence of malicious files and unwanted software related to these games, as well as the number of users attacked by these files,” Kaspersky said. “In addition, we tracked the number of fake cheat programs for the popular games listed above and a number of miners that drastically affect the performance of gamers’ computers.”

Between July 1, 2021 and June 30, 2022, Kaspersky said a total of 384,224 users had problems with gaming-related malware. Some 91,984 files posing as copies of popular games were actually hosting PUAs.

here the name Minecraft – a sandbox building game that is especially popular with children – was the most popular bait used in 23,239 malicious files affecting 131,005 players. However, the number of files decreased by 36 percent (36,336) from the previous year and users were affected by almost 30 percent (184,887).

The following most popular games used as lures to distribute malware should come as no surprise: Roblox (also great with children), need for speed, Grand Theft AutoY Obligations. In the mobile sphere, again, Minecraft, Roblox, Grand Theft Auto, PUBGY fifa were the main targets.

In the vast majority of infection cases Kaspersky witnessed (88.56%), lures were used to install downloaders.

The company noted: “This type of unsolicited software may not be dangerous in itself, but it can be used to load other threats onto devices.”

It was followed by adware (4.19%), which displays pop-up ads on desktop and mobile devices, and Trojans (2.99%). The rest were various types of malware, exploits, PUPs, and other nasty stuff pretending to be something they’re not.

Kaspersky attributed the majority of Trojans downloaded in this way (76.87 percent) to password stealers, followed by software designed to steal payment credentials (22.14 percent) and gaming accounts (0.99 percent). hundred). These payloads were most often delivered by gamers seeking titles from disreputable sources or supposedly “cracked” copies.

Since the content of some accounts is perceived as valuable, phishers have also created fake gaming websites such as GTA Y apex legends they claim to generate in-game currency, but actually steal account details of owners to take over and other sensitive information related to them. Kaspersky said that it had detected 3,116,782 such attacks between 2021 and 2022.

Criminals have also used games as lures to hoard computing resources to mine cryptocurrencies. the Very far Kaspersky found that the series has 510 unique malicious files associated with it and 1,050 affected users tracked by Minecraft (again) with 406 files, and valorant with 93. However, the security vendor noted that the affected users were cut in half in 2022 as the crypto winter set in.

Another easy entry for cybercriminals targeting the gaming industry was, of course, cheaters. There are countless dodgy-looking websites offering scripts, macros, and more to give those struggling an edge, but you never really know what you’re getting until it’s too late.

Kaspersky detected some 3,154 unique malicious files disguised as cheat programs that affected 13,689 users. The most common games aimed at this area were counter strike global offensive (418 files), Roblox Y valorant (both 322), and Total war (284). need for speed fans seemed to be the most desperate to cheat, with 3,256 users compromised by malware in this way.

Kaspersky expressed dismay that the most frequently targeted games are those popular with young people who might not be aware of information security and the behavior of cybercriminals.

While the company made the usual recommendations of employing two-factor authentication along with strong, unique passwords to protect accounts, it might also be worth having a chat with your kids, especially if they like Minecraft Y Roblox – and let them know what not to do and what to watch out for. And for God’s sake set it up for them through the correct channels: Steam, Microsoft Store, Apple App Store, Google Play, etc. ®

Leave a Comment