Information-Stealing Malware Escalates in Online Gaming

Security

The global online gaming community is facing a rising threat from cyber-criminals exploiting vulnerabilities inherent in gamers’ interactions with digital content. 

A recent report by Sekoia.io has shed light on a targeted campaign using Discord messages and fake download websites to distribute information-stealing malware within the gaming sphere.

According to the post, gamers, in their quest for enhanced experiences, inadvertently expose themselves to deceptive tactics employed by threat actors. 

These tactics, ranging from enticing in-game offers to fake cheat codes, prompt users to unwittingly run malicious payloads, particularly those associated with info-stealing malware. The severity of this digital threat is escalating, prompting concerns within both the gaming community and the broader cybersecurity landscape.

Sekoia mentioned a specific incident in July 2023, where French gaming influencers were targeted through a Discord message offering exclusive access to a seemingly genuine game. 

“Recently, the cloud gaming company Shadow emailed its users to warn about a compromise of their data,” the blog post reads. “According to Shadow, the initial access was a fake game downloaded from Discord. This incident is part of the broader campaign described in this report.”

Sekoia further stated that malicious payloads are distributed via messages from compromised accounts, specifically targeting individuals of interest to maximize their influence. The link embedded in these messages directs users to either download a malicious file or visit a fraudulent website.

The company’s analysts identified multiple info-stealer families among the strains observed in this campaign. These families, such as Doenerium and Epsilon Stealer, operate with low antivirus detection rates as of late October 2023. 

Read more on malware targeting gamers: Hackers, Fraudsters and Thieves: Understanding Cybersecurity in the Gaming Industry

To counter these threats, the security experts emphasized preventative measures, urging users to download software exclusively from official and trustworthy sources. The report also provides guidance on post-infection steps, including computer resets and password changes.

Products You May Like

Articles You May Like

Amazon MOVEit Leaker Claims to Be Ethical Hacker
Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes
New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

Leave a Reply

Your email address will not be published. Required fields are marked *