Popular games like Roblox, FIFA, PUBG and Minecraft are among 28 games that were exploited by malware between July 2021 and June this year, affecting more than 384,000 users via nearly 92,000 malicious files.
Other big series of games released during the last year — Elden Ring, Halo, and Resident Evil — were also actively abused by attackers who spread ‘RedLine’ malware under their guise, according to Kaspersky researchers.
RedLine is a password-stealing software, which extracts sensitive data from the victim’s device such as passwords, saved bank card details, cryptocurrency wallets and credentials for VPN services.
“Cybercriminals are creating more and more new schemes and tools to attack players and steal their credit card data and even game accounts, which can contain expensive skins that can later be sold. For example, strikes on e-sports, which are now gaining huge popularity around the world,” said Anton V. Ivanov, senior security researcher at Kaspersky.
In addition to the large number of downloaders that are able to install other unwanted programmes and adware, researchers also detected Trojan Spies – a category of spyware capable of tracking any data entered on the keyboard and taking screenshots.
Mimicking the whole interface of in-game stores for “CS:GO, PUBG and Warface”, scammers create fraudulent pages, offering potential victims a decent arsenal of various weapons and artifacts for free.
To receive the gift, players need to enter login data for their social network accounts, such as Facebook or Twitter.
After taking over accounts, attackers are likely to search through personal messages for card details, or ask various friends of the victim for money, preying on their trust and carelessness, said researchers.
The number of users attacked by malicious software, which gathers sensitive data and spreads under the guise of some of the most popular gaming titles, has increased by 13 per cent compared to the first half of 2021.
In attempts to download new games from untrustworthy resources for free, players actually received malicious software, losing their gaming accounts and even money.