Connect with us

Hi, what are you looking for?

GAMING

Kaspersky reviews password stealers that target major gaming services

What is particularly interesting regarding all the observed Trojans, is that they are virtually unnoticeable to users. In all cases, the Trojans are not visible to the user as they do not demand any extra permissions or send fake alerts – they just quietly steal data.

Gaming platforms represent an industry with a multi-million user audience. Cybercriminals are fully aware of this, utilizing various types of malware to profit from gamers. To understand the extent of exploitation, Kaspersky reviewed threats targeting major gaming platforms and found at least four malware specimens that are capable of stealing users’ account data from platforms such as Battle.net, Origin and Uplay, in order to resell it afterwards. However, these Trojans are not just looking to affect gameplay but your banking details could also be at risk.

Password stealers are a type of Trojan malware, designed to steal account data – from gaming session tokens or login details, to nearly any information saved on a computer. This can include cookie files, login credentials and passwords saved on a browser, along with a lot more. In some instances, stealing gaming details is just one of the malware’s functions, and online banking passwords are also of interest.

During this period of remote working and social distancing, it is understandable and logical for many people to turn to their devices for entertainment. Acknowledging that this may also inspire cybercriminals to carry out attacks, Kaspersky analyzed the password stealer landscape to see how vulnerable users could be. Threat analysis presented four malware families – Kpot, BetaBot, Okasidis and Thief Stealer, which all carry an interesting Trojan specimen.

For instance, Kpot Trojan can steal cookie files, accounts from various messengers, and one of the gaming platform’s session tokens. By obtaining session token data, cybercriminals do not get access to the user’s login and password details, however, they can quickly resell all valuable in-game attributes. Other Trojan specimens, such as Okasidis and Thief Stealer, focus on stealing specific files from game-related folders on the infected computer.

Advertisement. Scroll to continue reading.

Trojan stealers can also retrieve browser data. For example, BetaBot targets a number of popular gaming platforms in the following way: if a user visits a URL, which contains specific keywords, the malware turns on data gathering on these pages. This allows logins and passwords entered on the page to fall into criminals’ hands. 

What is particularly interesting regarding all the observed Trojans, is that they are virtually unnoticeable to users. In all cases, the Trojans are not visible to the user as they do not demand any extra permissions or send fake alerts – they just quietly steal data.

It is important to note that these Trojans do not exploit any platform vulnerabilities, as they purely focus on gathering data from an infected device.

“There are numerous gaming-focused threats out there, from fake files and compromised modes resold on the web, through to phishing pages. However, if a user is aware of these threats, they can take steps to protect themselves from harm. Unfortunately, this is not the case with password stealers, as it is hard for a user to spot them. This means that gamers need to be proactive in keeping themselves safe and always take extra precautions, as well as using a reliable security solution to prevent their computer from becoming infected,” comments Alexander Eremin, Kaspersky security analyst. 

In order to protect your gaming accounts from malware, including password stealers, Kaspersky recommends taking the following steps:

Advertisement. Scroll to continue reading.
  • Set up two-factor authentication, so even if your login and password have been stolen, they will not be enough to access your account
  • Only download gaming modifications from trusted sources 
  • Use a reliable security solution, such as Kaspersky Security Cloud, which will be able to identify stealers and stop them from stealing your data
  • Do not turn off your security solution while playing a game. Some security solutions, such as Kaspersky Security Cloud, have a special gaming mode, which reduces the load on the computer during playing time and does not affect the quality of the gaming experience.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

HEADLINES

As part of RCBC’s 2024 Cybersecurity literacy program, the webinar aims to help Filipinos level up their online banking safety by providing them with...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

HEADLINES

On average, a single organization in the Philippines experiences 4,003 attacks per week, significantly higher than the APAC average of 2,870 attacks per week.

White Papers

Exploiting this vulnerability, cybercriminals craft deceptively authentic phishing emails that align with current trends, exploiting human emotions to invoke urgency and trick recipients into...

Advertisement