In 2020, as countries around the world were forced into lockdown, the number of online gamers skyrocketed. In fact, by the end of March 2020, the number of both active users and concurrent users actively playing games on Steam (the most popular online gaming platform, community, and store) reached an all-time record. This record was once again broken in March 2021, with the platform reaching nearly 27 million users.
Naturally, as online gaming has become increasingly popular, cybercriminals have been looking for ways to exploit this trend for their personal gain. In spring of last year, Kaspersky researchers found that there was a significant increase in the number of web antivirus detections for sites with names that exploit the gaming theme (i.e. names of popular games and platforms): a 54% increase in the daily number of blocked redirects in April 2020 when compared to January 2020.
Even after lockdowns subsided in the spring, the number of web attacks exploiting the gaming theme continued to rise, reaching an all-time high in November 2020 of nearly 2,500,000. After a decline at the beginning of 2021, the number of web attacks has once again been increasing, reaching 1,125,010 in April 2021, an increase of 34% when compared to March this year.
As was the case last year, the most popular game used as a lure is Minecraft, although as 2021 continues, Counter Strike: Global Offensive has steadily been overtaking Minecraft as the most popular game used as bait. There was also a major spike in Dota as a lure back in the summer of 2020. The most common threats encountered by these malicious links exploiting the gaming theme were various Trojans (malicious files that allow cybercriminals to do everything from deleting and blocking data to interrupting the performance of the computer) with the malware disguised as free versions, updates, or extensions for popular games, as well as cheat programs.
“There are currently an unprecedented number of gamers in the world—nearly 3 billion—and it’s proven to be a great way to relax against the ongoing disruption. Of course, that does mean cyber attackers will remain interested in the industry, and, given that more and more people are gaming on their work devices, this puts company resources at risk. However, gamers can still safely enjoy playing. They just need to follow basic cybersecurity best practices,” comments Maria Namestnikova, Head of Russia’s Global Research and Analysis Team (GReAT).
To stay safe from attacks while gaming, Kaspersky experts recommend:
- Use strong passwords and two-factor authentication (2FA) where possible to protect your video-gaming accounts
- Be wary of any cheats and pirated copies of video-games, since it’s one of the favorite lures used by cybercriminals
- Use a strong, reliable security solution that won’t slow down your computer while you’re playing, such as Kaspersky Total Security. It works smoothly with Steam and other gaming services.
- It’s safer to buy games only on official sites, and wait for the sales — they take place fairly often, so you won’t be sitting on your hands for long.
- Beware of phishing campaigns and unfamiliar gamers. It’s a good option to double-check the website you are redirected to via the link in the received email and the extension of a file you are going to open.
- Try not to click on any links to external sites from the game chat, and carefully check the address of any resource that requests you enter your username and password; the page may be fake.