Minecraft tops list of game titles hackers use to distribute malware

ADVERTISEMENT

Minecraft tops list of game titles hackers use to distribute malware

According to statist, the global gaming market is estimated to reach US$268.8 billion per year by 2025. This makes the gaming industry an attractive place for criminals to commit crimes and target billions of people. players. And with Minecraft Being the best-selling video game of this era, it’s no surprise that hackers are using the title as the number one bait to hide and plant malware on the devices of unsuspecting victims.

According to a new report from endpoint security vendor and consumer IT security software company kaspersky, Mojang Studios’ popular sandbox game Minecraft tops the game titles that are often used by hackers to plant malware on different users around the world. Specifically, the firm stated that the title used as bait affected 131,005 users from July 2021 to June 2022 using the 23,239 distributed files. Kaspersky noted that they saw a drop in the number of malicious and unwanted files with the title, but it remains at the top of the mobile category as a decoy to distribute malware and unwanted software, with 2,406 distributed.

Kaspersky listed nine more games after Minecraft in terms of the number of unique related malicious and unwanted files distributed: FIFA (10,776), Roblox (8,903), Far Cry (8,736), Obligations (8319), Need for Speed ​​(7569), Grand Theft Auto (7125), Valorant (5426), The Sims (5005) and CS:GO (4790).

According to Kaspersky Security Solutions, based on the files they observed from these games, downloaders are the number one malware and unwanted software being distributed, accounting for 88.56% of cases during the study period. It’s a huge number, in fact, and while the security firm said “this kind of unsolicited software might not be dangerous in and of itself…it can be used to load other threats onto devices.” Other types of threats that are spread using major game titles include not-a-virus:AdWare (4.19%), Trojan (2.99%), DangerousObject (0.86%), Trojan-SMS (0. 49%), Trojan Downloader (0.48%). , not-a-virus:WebToolbar (0.47%), not-a-virus:RiskTool (0.45%), Exploit (0.34%), and Trojan-Spy (0.29%). Despite the small percentages of these types of threats, catching them can be a big problem for those affected. For example, a Trojan horse threat can damage, steal, or cause other harmful actions to one’s data or network.

Pie chart of distributed malware types stealing sensitive data from infected devices around the world using popular game titles
Distributed malware types that stole sensitive data from infected devices around the world using popular game titles (July 1, 2021 to June 30, 2022). Image credits: Kaspersky Security Solutions

“The investigation revealed an increase in attacks using malicious software that steals sensitive data from infected devices,” Kaspersky added. β€œIt included verdicts such as Trojan-PSW (Password Stealing Ware) collecting victims’ credentials, Trojan-Banker stealing payment data, and Trojan-GameThief collecting login information for gaming accounts. From July 1, 2021 to June 30, 2022, Kaspersky security solutions detected a total of 6,491 users affected by 3,705 unique malicious files of this type.”

Fake money generator offered to GTA Online players
Example of a fake website: Grand Theft Auto Online

Cheating games to download and install these games with malicious files is not a challenge for bad actors. Gamers often browse the web looking for game cheats, free installers, and more, only to find carefully crafted traps that can deliver malware onto their devices. Kaspersky revealed that hackers create fake websites to lure desperate gamers and even design them with the looks perfectly copied from the real game markets. One example the firm shared was a Grand Theft Auto Online scam site where users were asked to enter their login credentials. Acquiring these bits of information gives hackers the opportunity to view the user’s banking details and other sensitive data. Other games using the same technique include scam sites for Apex Legends, CS:GO, PUBG, and Warface.

ADVERTISEMENT

ADVERTISEMENT