Lockdown gaming baddies: 5.8 million attacks detected over the past year

Over 5.8 million attacks by malware and unwanted software disguised as popular PC games were detected and prevented by Kaspersky solutions in Q3 2020 to Q2 2021. This increased volume may be connected to the rapid growth of gaming activities during the pandemic. The data comes from the latest game-related cyberthreats report by Kaspersky, in which researchers assessed the changes of gaming-related threats during the pandemic. 

The gaming industry witnessed unprecedented growth over the past 18 months, in part, thanks to users being forced to find alternative means of entertainment as they stayed at home. Even though the world has become safer this year, the demand for games persists, and the industry is predicted to grow even further, reaching a potential peak of 175.5 billion USD by the end of 2021. With this in mind, Kaspersky researchers carried out a review of various game-related threats that its users faced throughout the pandemic – from potential attacks on PC and mobile to phishing schemes.

To get a clear picture of the trends, Kaspersky analyzed the attacks with malware and unwanted software disguised as the 24 most popular PC games and the top 10 mobile titles of 2021. The results showed that PC game-related cyberthreats soared with the introduction of lockdowns in Q2 2020, hitting 2.48 million detections worldwide – a 66% increase compared to Q1 2020 when 1.48 million attacks were detected. Interestingly, the number of attacks and affected users declined sharply in Q2 2021 – to just 636,904 attacks.

Mobile games showed a slightly different trend, with the number of users affected growing by 185% at the beginning of the pandemic, from 1138 users in February 2020 to 3253 users in March 2020. Furthermore, the number of users striving to unwind on mobile phones did not drop significantly after the two waves of the pandemic, showing on average just a 10% drop in users attacked per month in Q2 2020 versus Q2 2021. This showed that mobile threats remained attractive to cybercriminals even as lockdowns were being lifted across the world.

Speaking of popular games, Minecraft topped the charts for both PC and mobile categories as the game most often used to disguise the distribution of unwanted software and malware. Such overwhelming popularity of Minecraft may be explained by the fact that there are multiple versions and a myriad of mods – additional modifications that can be installed on top of the game to diversify it and the gaming experience. Usually, the mods are created by users and are unofficial, providing a convenient disguise for malicious payloads or unwanted software. Throughout July 2020 to June 2021, 36,336 files disguised as Minecraft were distributed. They affected 184,887 PC users and resulted in 3,010,891 attempted infections, which is nearly half of the detected files and attacks during this period

.Game title	Users	Detections	Files
Minecraft	184887	3010891	36336
The Sims 4	43252	1266804	5844
PUBG	26724	484528	10360
Fortnite	14702	267598	6109
Grand Theft Auto V	14261	187114	4953

Top five PC game titles most often used as a disguise for the distribution of malware and unwanted software globally, Q3 2020 to Q2 2021

While the majority of files distributed under the guise of gaming titles were downloaders – programs capable of downloading other software to infected devices and adware, occasionally, both PC and mobile users faced much more serious threats, including Trojan-Stealers designed to steal data about cryptocurrency and other valuable data, Trojan bankers and even backdoors.

On the left: this phishing page offers to download PUBG mobile, but all the user gets is unwanted software. On the right: a fake PUBG app is, in fact, a Trojan gathering user data

 “We have witnessed a clear effect of the pandemic on the number of gaming-related threats. As more people switched to gaming, more users faced threats that were disguised as games. Two popular ways of threat distribution are phishing pages – there have been a myriad of them targeting users of different gaming platforms, many of which are very hard to tell apart from real sites for regular users. Another attack vector is warez sites – in particular, we have traced a well-coordinated campaign that distributed a dangerous dropper via such sites, affecting users in 45 countries,” comments Anton V. Ivanov, security researcher at Kaspersky. “With development of in-game goodies and currencies, the gaming industry is becoming even more lucrative and appealing to cybercriminals. Perhaps the worst risks associated with game-related threats is the loss of account credentials – be it login details to a gaming account or, even worse, banking or cryptocurrency applications”.

“All in all, sticking to official stores and staying vigilant when looking at game-related content is crucial for a safe experience”, adds Anton.

Learn more about the findings of the Game-related cyberthreats: Part 1 on Securelist.

To stay safe while gaming, Kaspersky experts recommend:

• Using strong passwords — and a unique one for every account. You can do that with the help of Kaspersky Password Manager to make using secure passwords easier. That way, even if one of your accounts gets stolen, it won’t compromise the rest. It’s safer to avoid using the same password for online games that you use for other services 
• Only downloading your apps from official stores like the Apple App Store, Google Play, or Amazon Appstore. Apps from these markets are not 100% secure, but at least they get checked by shop representatives, and there is some filtration system – not every app can get into these stores 
• Trying to avoid buying the first thing that pops up. Even during Steam’s summer sale, try to at least read some reviews before forking out for a little-known title. If something is fishy, people will probably figure it out, and this will come out in user comments 
• Not clicking on any links to external sites from the game chat, and carefully check the address of any resource that requests you enter your username and password; the page may be fake 
• Avoiding downloads of pirated software and other illegal content. Even if you are redirected to the webpage from a legitimate website
• Using a strong, reliable security solution that will be a great help to you, especially if it won’t slow down your computer while you play. It will also protect you from all possible cyberthreats. We recommend Kaspersky Total Security – it works smoothly with Steam and other gaming services  
• Using a robust security solution to protect you from malicious software and its actions on mobile devices – such as the Kaspersky Internet Security for Android.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com. 

© Press Release 2021