A recent report highlighted a more than 50% surge in cyberattacks targeting the gaming industry around the peak of the lockdown period. In this piece, we will discuss many ways in which cyber adversaries steal your data and the malware families behind them.
Recent attacks in the gaming world
A hacker group called INSTAKILLA recently leaked and sold over 1.3 million user records of the multiplayer game, Stalker Online, on a dark web forum.
Gaming chat platform, Discord, was targeted twice in a span of a month by different malware families.
In April, Nintendo became one of the major victims with its 300,000 Nintendo Network ID (NNID) accounts getting exposed.
Various gaming malware families
Some malware families that essentially go after credentials and session tokens, and what hackers could do with it.
NitroHack: The recently observed malware lures in the form of hack to obtain the premium Discord Nitro service for free. It steals user tokens from various browsers, card information, and also attempt to infect others on Discord.
AnarchyGrabber: Masqueraded as a game hack and cheat tool, it steals victims’ plaintext passwords and infects victims’ friends on Discord.
Kpot trojan: It can steal cookie files and sessions tokens and account information from various messengers. Hackers get to resell all valuable in-game attributes with the help of stolen session token data.
BetaBot: This trojan targets numerous gaming platforms and gathers URL keywords on different pages. Cybercriminals could pilfer logins and passwords entered on pages visited by the users.
Further, malware like Okasidis, Steam Stealer, and Thief Stealer grab gaming account details from their own set of target platforms. For eg., Okasidis and Thief Stealer target Uplay, BetaBot attacks Uplay, Origin, and Battle.net.
Attackers are always interested in popular platforms with multi-million strong audiences. Moreover, trojans aren’t visible to users since they don’t demand extra permissions or trigger any alert. In order to protect a gaming account, users must:
Set-up two-factor authentication;
Download games only from a trusted source;
Avoid cheat codes, hacks to rise in ranks;
Keep a habit of shuffling passwords might save a compromised-in-hack account.