Leading Game Publishers Hit Hard By Leaked
Over 500,000 leaked credentials tied to the top two dozen leading gaming companies are for sale online.
Leading gaming companies, such as Ubisoft, have become big targets for cybercriminals that aim to turn a profit by selling leaked insider-credentials tied to the top game publishers. Over 500,000 stolen credentials tied to the top 25 gaming firms were found on caches of breached data online and up for sale at criminal marketplaces, according to researchers at Kela.
In a recent scan, they found 1 million compromised credentials associated with the larger gaming universe of clients and also employees half of which were for sale online. More than 500,000 of the leaked credentials pertained to employees of leading game companies, according to the report published Monday.
The past year was a punishing one for the gaming sector, as outlined by Threatposts 2020 cybersecurity recap. Gamers faced foul play ranging from ID theft, scams or the hack of in-game valuables.What makes Kelas research unique is the light it shines on inroads hackers have made inside the $196 billion industry. Fueling the trend, wrote the reports authors, Almog Zoosman and Victoria Kivilevich, is a boom within the sector spurred by COVID-19s demand for social distancing driving interest in the solitary activity of video gaming.
Of course, ransomware attacks are also part of the hackers playbook.
Character And Inventory Theft
Criminals are likely to target in-game resources, well-developed game characters, paid game accounts, or associated credit-card data. The latter is the hardest to target, but others may be stolen from you in multiple ways: phishing, password-stealing malware, in-game fraud and so on. Ultimately, the better your character or account, the greater the chance that criminals will target you specifically. This is especially relevant for well-developed games with large, loyal audiences worldwide.
Solution: As you progress in a game, be more and more cautious with your account. Set up two-factor authentication for the account, use complex and unique passwords for your in-game account and your primary e-mail address, use a strong security solution for your device, and watch out for phishing and other attempts to steal your credentials.
The better your in-game character, the more likely criminals are to target you personally.
Use Of The Same Operating System
Homogeneity can be a vulnerability. For example, when all computers in a network run the same operating system, upon exploiting one, one worm can exploit them all: In particular, Microsoft Windows or Mac OS X have such a large share of the market that an exploited vulnerability concentrating on either operating system could subvert a large number of systems. It is estimated that approximately 83% of malware infections between January and March 2020 were spread via systems running Windows 10. This risk is mitigated by segmenting the networks into different subnetworks and setting up firewalls to block traffic between them.
You May Like: Natural Tooth Pain Relief Infection
These Are The Games Malware Scammers Are Exploiting Most
Hackers capitalize on the popularity of games like Minecraft to infect your PC and phone with malware.
Hackers will try whatever they can to weasel their way into your devices, and a growing number of them are capitalizing on the popularity of games like Minecraft and The Sims to dupe you into downloading fake and malware-laden apps.
According to a report from Atlas VPN, 303,827 devices were affected by gaming-related malware and unwanted software between July 2020 and July 2021. “Minecraft was by far the most popular game on both PC and mobile platforms for dangerous app distributors to hide behind”nearly 185,000 users were hit with over 3 million Minecraft-related malware detections, Atlas VPN says, citing data from Kaspersky Security Network.
We’re not talking about legitimate copies of Minecraft. When purchased from reputable online stores and app stores, the Microsoft-owned game should work as expected. But shady developers can create apps or mods with the name Minecraft in the title in the hopes that gamers won’t pay attention and will download their malicious apps.
“There are various versions of Minecraft and a plethora of mods may account for its enormous popularity,” Atlas VPN says. “Because mods are unofficial and developed by users, they can be used to hide dangerous payloads or undesirable software.”
Why Mobile Gaming Needs Ramping Up Of Threat Intelligence And Monitoring
As gaming enterprises struggle to balance user experience, security, and performance, threat intelligence and monitoring could be the path forward. Since games have become more complex and gaming platforms drive more revenue, companies are under pressure to deliver secure and seamless customer experiences. Stakeholders in the gaming industry can implement a multilayered security approach to safeguard applications and players’ data proactively. Some robust strategies to consider:
You May Like: Single Dose Fluconazole For Yeast Infection
Create A Secure Password And Never Share It With Anyone
One of the most simple ways to improve your online security is to create a secure password and never share it with anyone online. For starters, avoid passwords such as password or qwerty123.
You might come across other players trying to entice you to upgrade your character or give you a new cosmetic item in-game, and they may ask for access to your account.
Never give anyone access to your gaming account. They can steal it, or they can use these details for any malicious intent. Theres simply no reason for you to give your game account details to anyone.
And, above all, make sure that your password is strong enough so someone cant guess it. For example, a 10-digit password consisting only of numbers could be compromised in seconds or less with brute force software, which can try thousands of combinations in mere seconds.
However, create a 15-character password that uses numbers, and upper-case and lower-case letters, and it could take 600 million years!
There are bots online that impersonate players, capture their IDs, and automatically run brute force attacks to steal their information!
Worried about how youll remember all those passwords? For even greater security, and to avoid writing everything down which you absolutely shouldnt you could use a password manager.
You can also check out our guide on how to create a secure password for important tips when setting new passwords.
We Dig Into The Game Players Code
Posted: by Christopher Boyd
Gaming security is getting a lot of attention at the moment. Rightly so its a huge target for scammers and malware authors. Malicious ads, fake games, survey scams, phishing attacks…whatever you can think of, its in use. Some target kids and steal their accounts, selling them on. Others go after parents, who have their payment details tied to various platforms and consoles. Whatever the scammer is into, rich pickings can be theirs for the taking.
As weve shown previously, you dont even have to be on a gaming platform to be at risk from shenanigans. You can run into something bad and gaming-related purely from hanging out somewhere else. These attacks, these tactics, are pervasive.
Some organisations are trying to turn the tide, however.
You May Like: Treatment Of Hepatitis C Virus Infection
Hackers Spread Malware Via Children’s Gaming Websites
Hackers are increasingly targeting child-focused gaming websites, according to a leading anti-virus firm.
Avast says it detected malware threats at more than 60 sites that contained “game” or “arcade” in their title, in the 30 days running up to 12 January.
It says the pages tried to download Javascript infections, redirectors and potentially unwanted software.
The Czech company says that young children are often less careful than adults about what they click on.
“These are sites with mini-games, including flash applications and simple online apps – one example is software that allows girls to dress and change the clothes of characters,” Ondrej Vlcek, the firm’s chief technical officer, told the BBC.
Avast says the most visited site affected – cutearcade.com – had generated more than 12,600 infection reports from its protection software as of last week.
The company says a Trojan on the site had redirected users to linuxstabs.com, a known distribution point for malware.
On Wednesday Avast said its software still detected threats on the site.
Cutearcade.com’s owner Two Point Oh, registered to the British Virgin Island of Tortola, did not respond to requests for comment.
The webmaster of one of the other sites flagged up by the study said he believed that third-party adverts might have been to blame.
“I have checked my site in and out for malware and have none,” said Eric Smith, webmaster of hiddenninjagames.com.
The Evolution Of Password Stealing Malware
The driving force behind evolution is natural selection. Antivirus programs act as the first line of defense for computers and have played a substantial role in the evolution of malware designed to steal passwords to online games. The stronger the defense, the harder it is to evade it in response, malware becomes ever more complex.
The first malicious programs for online games were primitive, but today they use the latest in malware writing technology. Their evolution was threefold: the evolution of password stealing functionality, which also deliver the data to a malicious user the evolution of propagation techniques the evolution of malware self-defense techniques against antivirus programs
Also Check: Can Urgent Care Treat Urinary Tract Infection
Top 5 Threats For Online Gamers And How To Avoid Them
This piece looks at the five threats online gamers face and what they can do to protect themselves. Its important to be wary of these to stay safe and secure.
We all know how much you enjoy playing socially, professionally or casually video games, which is why we want to take this opportunity to share more information about safe online gaming.
Previously we have discussed how to protect yourself while playing, with professional online gamers offering advice based on their knowledge and experience as users and we have also talked about why security is important in every instance of game development.
Today we will talk specifically about some of the biggest threats online gamers face and, of course, how you can protect yourself. Below you will find the top five threats, in no particular order of importance.
Install A Robust Antivirus
These days, you should really be using a robust antivirus to protect your computer, especially when youre frequently downloading games on it. Free antivirus software is better than no protection at all, but combined with the other tips here, a really good antivirus program will help keep your devices as secure as possible.
There are several companies that release antivirus software designed to offer maximum protection while gaming, without hogging computer resources. Heres our list of the best antivirus software for gaming.
Incidentally, Kaspersky is our favorite antivirus right now, which offers real-time protection, phishing and ransomware protection, and regular, deep virus scanning. It ranks highest in our list of the best antivirus software for 2022.
Read Also: Does Vagisil Help With A Yeast Infection
What To Do In Case Of A Gaming Malware Infection
Perhaps youre seeing unwanted pop-up adverts, or maybe youve spotted an odd application that youve never seen before. If youve got malware on your gaming platform, you need to act fast to minimize the damage. Below, youll find our quick, step-by-step guide to what you should do if your gaming device is infected with malware:
The best way to avoid gaming malware infections is to avoid downloading suspicious games in the first place. And, always avoid downloading games that seem too good to be true.
Hello Is The Gamer Home Threats Disguised As Games
The types of malware and unwanted software distributed under the guise of games are somewhat unsurprising and reflect the overall trends in files distributed as illegal or cracked software. The statistics show downloaders accounted for an overwhelming majority of the software being spread. While this type of software is not malicious in itself, downloaders are often used to load other threats onto devices. Another common type of software spread as games is adware, which shows illicit advertising against users wish.
Other threats distributed under the titles of popular games include various Trojans, such as Trojan-Droppers and Trojan-Downloaders.
| Threat | |
| Trojan-PSW | 0.11 |
TOP 10 threats distributed worldwide under the guise of popular games, July 1, 2020 through June 30, 2021
Miners are worth mentioning among the threats to PC gamers. They were detected under various verdicts such as Trojans, RiskTools etc, accounting for 0.11% of all threats. Miners targeting gamers sounds logical, as gaming computers have greater processing power. Miners can often remain unnoticed for long periods of time, only giving themselves away through the amount of energy consumed by infected devices. One miner detected by our products mimicked a PUBG installer. As user launches the installation process of what they believe to be a popular game, the miner is installed and programmed to run automatically.
This self-extracting archive mimicking a PUBG installer contains an XMRig miner
You May Like: Sinus Infection Lower Tooth Pain
Pick A Hand: A Game Or An Sms Trojan
We took a closer look at some of the threats that were distributed as popular mobile games, and which could cost a user dearly. One of the Trojans that our solutions detect as HEUR:Trojan.AndroidOS.Vesub.b disguises itself as the Brawl Stars and PUBG Mobile games. When launched, the application simulates the loading process, while in fact, it collects and sends information about the users device to the control server, receiving commands in response. After the user notices that the game is not starting and decides to exit, the app icon is hidden, but the work does not end there. The application continues to work in the background, receiving commands to subscribe, send text messages or display ads, including unexpected playback of videos on YouTube, application pages in Google Play and advertising pages in the browser.
This page offers to download PUBG Mobile, while in fact, all that the user is getting is unwanted software
A fake PUBG app takes its time to load, while gathering data from the users device
The Vesub Trojan sends an infected systems data to a C& C server and receives command to enter a subscription
Among the distributed threats is also the well-known Triada Trojan, detected as HEUR:Trojan.AndroidOS.Triada.bu. It is capable of showing unwanted advertising, and downloading and installing apps without users consent. This Trojan is hidden within a modified version of Minecraft. The game itself does, in fact, work, so the unwitting user at least gets to play.
Becoming A Target Of Addiction
Sometimes, making kids play or spend more than they should is an explicit strategy coming from the game creators or hosts. In a very disturbing discovery, it was revealed that the phenomenon of luring children to spend parents money without their approval, with no sensible refund policies established.
Whenever parents discovered the unwanted purchases and called for a refund, the game only offered some bonus in-game items as compensation. Make sure your kids are aware that all in-app purchases are forbidden.
Recommended Reading: The Best Antibiotic For A Tooth Infection
Supply Chain Hackers Snuck Malware Into Videogames
To revist this article, visit My Profile, then View saved stories.
To revist this article, visit My Profile, then View saved stories.
The security sector is waking up to the insidious threat posed by software supply chain attacks, where hackers don’t attack individual devices or networks directly, but rather the companies that distribute the code used by their targets. Now researchers at security firms Kaspersky and ESET have uncovered evidence that the same hackers who targeted Asus with that sort of supply chain hack earlier this year have also targeted three different videogame developersthis time aiming even higher upstream, corrupting the programming tools relied on by game developers.
Just weeks after revealing the Asus incidentin which hackers hijacked the computer company’s software update process to silently infect customers with malicious codeKaspersky researchers have connected it to another set of breaches. The same hackers appear to have corrupted versions of the Microsoft Visual Studio development tool, which three different videogame companies then used in their own development. The hackers could then plant malware in certain games, likely infecting hundreds of thousands of victims with a backdoored version of the programs.
“Software developers should ask themselves, where does your development software come from?”
Vitaly Kamluk, Kaspersky
Be Cautious With Payments
INVESTIGATE any gaming-related purchases before handing over money, such as checking whether the website is blacklisted on and only making card payments that offer greater consumer protections.
Another decent tip. Much of the gaming fraud we see at the moment is related to in-game purchases or DLC. Most commonly weapons, skins, outfits and the like. Some gaming platforms like Steam allow gamers to trade items. Fake trade phishes have been around for years and are very popular.
Recommended Reading: Can Malware Infect A Smartphone
Cybersecurity For Gamers : Gaming Malware And Online Risks
The Worst Security Issues in Games. How to Avoid Getting Infected.
Despite the predictions of the late 90s and early 2000s experts, gaming has evolved to encompass much more than teens and young adults. Being interested in video games is not a phase you outgrow once you mature enough.
In fact, the industry has shifted to be more and more inclusive as time passes. According to VentureBeat, today there are more females than males spending money on games, and the average age of gamers is 31 . According to Nezwoo, the total worth of the gaming industry will be $174 billion by 2021.
With this kind of numbers, theres no wonder that hackers are beginning to target games more and more. Where theres an opportunity for financial abuse, there will always be those who try to exploit it. Cybersecurity for gamers has become a concern, and rightly so.