Disguising malicious software as a legitimate program is a trick as old as malware itself, and as more people find themselves staying indoors and playing games, gaming-related cyber-threats are rising. In less than a year—the past nine months—Kaspersky says it has detected and blocked over 5.8 million attacks from malware and other “unwanted software” masquerading as popular PC games.
Mobile gaming saw a sharp uptick in game-related threats too, as the pandemic began to unfold. Kaspersky, makers of one of the best antivirus for PC gaming, decided to audit malware threats targeted at PC and mobile gamers, and found that attacks disguised as the 24 most popular PC games and top 10 mobile titles “soared with the introduction of lockdowns” last year.
Most of the malware samples detected were downloaders, software designed to covertly fetch and install malware on infected devices, as well as serve up adware. However, Kaspersky noted that some of the threats disguised as gaming software presented more immediate threats.
These included a range of Trojans designed to steal various user data, swipe banking login credentials, and install backdoors so attackers can more easily navigate around any security blockades that might be in place.
The majority of malware attacks aimed at gamers on both platforms attempted concealment by spoofing Minecraft. Kaspersky said this is likely because there are multiple versions of the game and a metric ton of Minecraft mods available to hide malicious payloads inside. Kaspersky blocked over 3 million attacks that came disguised as legitimate Minecraft software.
The Sims 4 ranked as the second-most popular game used to disguise malware, accounting for nearly 1.3 million attacks. PUBG, Fortnite, and Grand Theft Auto V rounded out the top five.
“We have witnessed a clear effect of the pandemic on the number of gaming-related threats. As more people switched to gaming, more users faced threats that were disguised as games,” said Anton V. Ivanov, security researcher at Kaspersky.
As is often the case, attackers commonly attempted to lure gamers through phishing pages. According to Ivanov, these pages are “very hard to tell apart from real sites for regular users.”
“Another attack vector is warez sites—in particular, we have traced a well-coordinated campaign that distributed a dangerous dropper via such sites, affecting users in 45 countries,” Ivanov added.
Therein also lies the good news. Avoiding software piracy sites and practicing sensible computing habits (like not clicking on external links to sites that pop up in chat and other places) is the best defense against this sort of thing. And of course only downloading software from official stores—it’s not foolproof, but far less risky than venturing outside these stores.
That said, one of Kaspersky’s recommendations is to “avoid buying the first thing that pops,” advice it says gamers should take to heart “even during Steam’s summer sale.”
“Try to at least read some reviews before forking out for a little-known title. If something is fishy, people will probably figure it out, and this will come out in user comments,” Kaspersky says.