Connect with us

Hi, what are you looking for?

GAMING

Kaspersky reviews password stealers that target major gaming services

What is particularly interesting regarding all the observed Trojans, is that they are virtually unnoticeable to users. In all cases, the Trojans are not visible to the user as they do not demand any extra permissions or send fake alerts – they just quietly steal data.

Gaming platforms represent an industry with a multi-million user audience. Cybercriminals are fully aware of this, utilizing various types of malware to profit from gamers. To understand the extent of exploitation, Kaspersky reviewed threats targeting major gaming platforms and found at least four malware specimens that are capable of stealing users’ account data from platforms such as Battle.net, Origin and Uplay, in order to resell it afterwards. However, these Trojans are not just looking to affect gameplay but your banking details could also be at risk.

Password stealers are a type of Trojan malware, designed to steal account data – from gaming session tokens or login details, to nearly any information saved on a computer. This can include cookie files, login credentials and passwords saved on a browser, along with a lot more. In some instances, stealing gaming details is just one of the malware’s functions, and online banking passwords are also of interest.

During this period of remote working and social distancing, it is understandable and logical for many people to turn to their devices for entertainment. Acknowledging that this may also inspire cybercriminals to carry out attacks, Kaspersky analyzed the password stealer landscape to see how vulnerable users could be. Threat analysis presented four malware families – Kpot, BetaBot, Okasidis and Thief Stealer, which all carry an interesting Trojan specimen.

For instance, Kpot Trojan can steal cookie files, accounts from various messengers, and one of the gaming platform’s session tokens. By obtaining session token data, cybercriminals do not get access to the user’s login and password details, however, they can quickly resell all valuable in-game attributes. Other Trojan specimens, such as Okasidis and Thief Stealer, focus on stealing specific files from game-related folders on the infected computer.

Trojan stealers can also retrieve browser data. For example, BetaBot targets a number of popular gaming platforms in the following way: if a user visits a URL, which contains specific keywords, the malware turns on data gathering on these pages. This allows logins and passwords entered on the page to fall into criminals’ hands. 

What is particularly interesting regarding all the observed Trojans, is that they are virtually unnoticeable to users. In all cases, the Trojans are not visible to the user as they do not demand any extra permissions or send fake alerts – they just quietly steal data.

Advertisement. Scroll to continue reading.

It is important to note that these Trojans do not exploit any platform vulnerabilities, as they purely focus on gathering data from an infected device.

“There are numerous gaming-focused threats out there, from fake files and compromised modes resold on the web, through to phishing pages. However, if a user is aware of these threats, they can take steps to protect themselves from harm. Unfortunately, this is not the case with password stealers, as it is hard for a user to spot them. This means that gamers need to be proactive in keeping themselves safe and always take extra precautions, as well as using a reliable security solution to prevent their computer from becoming infected,” comments Alexander Eremin, Kaspersky security analyst. 

In order to protect your gaming accounts from malware, including password stealers, Kaspersky recommends taking the following steps:

  • Set up two-factor authentication, so even if your login and password have been stolen, they will not be enough to access your account
  • Only download gaming modifications from trusted sources 
  • Use a reliable security solution, such as Kaspersky Security Cloud, which will be able to identify stealers and stop them from stealing your data
  • Do not turn off your security solution while playing a game. Some security solutions, such as Kaspersky Security Cloud, have a special gaming mode, which reduces the load on the computer during playing time and does not affect the quality of the gaming experience.

Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Kaspersky experts have analyzed malicious files behind nominated films as well as movie-related phishing websites designed to steal users’ credentials.

HEADLINES

According to the new report, cyberattacks on healthcare, manufacturing, and energy doubled from the year prior, with threat actors targeting organizations that could not...

HEADLINES

Providing a sense of security for its subscribers has pushed Converge to also provide quick access to online support while raising awareness through online...

HEADLINES

Poll shows how people are managing the pandemic as we approach the one-year anniversary of the start of large-scale quarantines that forced millions of...

HEADLINES

The Philippines slipped two notches down from its previous ranking in the latest top 10 global list of countries with the most web-borne threats...

HEADLINES

bluedog was launched two years ago to make professional cybersecurity services accessible to a wider audience – including businesses in Asia and smaller firms...

HEADLINES

The remote setup had employees bringing home their workstations, taking devices out of the protection of cybersecurity systems found inside offices and leaving them...

HEADLINES

Last spring, more than 1 billion schoolchildren around the globe were affected by school closures as countries attempted to slow rising infection rates. For...

Advertisement