Minecraft tops list of game titles hackers are using to distribute malware

According to Statista, the global gaming market is estimated to amount to 268.8 billion U.S. dollars annually in 2025. This makes the gaming industry an attractive place for bad actors to execute their crimes and target billions of gamers. And with Minecraft being the best-selling video game of this age, it is not a surprise that hackers are using the title as the number one bait to hide and drop malware into the devices of unsuspecting victims.

According to a new report from endpoint security vendor and consumer IT security software company Kaspersky, Mojang Studios’ popular sandbox game, Minecraft, tops the list of game titles that are often used by hackers to drop malware on users globally. Specifically, the firm stated that 23,239 distributed files using the title as bait affected 131,005 users from July 2021 through June 2022. Kaspersky noted a drop in the number of malicious and unwanted files using the title, but it also remains at the top of the mobile category as a lure for distributing malware and unwanted software, with 2,406 distributed.

Kaspersky listed nine more games following Minecraft in terms of the number of related unique malicious and unwanted files distributed: FIFA (10,776), Roblox (8,903), Far Cry (8,736), Call of Duty (8,319), Need for Speed (7,569), Grand Theft Auto (7,125), Valorant (5,426), The Sims (5,005), and CS:GO (4,790).

Based on the files Kaspersky security solutions observed for these games, downloaders are the number one type of malicious and unwanted software being distributed, accounting for 88.56% of cases during the span of the study. It is a huge number, indeed, and the security firm said that while “this type of unsolicited software might not be dangerous in and of itself… it can be used for loading other threats onto devices.” Other kinds of threats spread using the top game titles include not-a-virus:AdWare (4.19%), Trojan (2.99%), DangerousObject (0.86%), Trojan-SMS (0.49%), Trojan-Downloader (0.48%), not-a-virus:WebToolbar (0.47%), not-a-virus:RiskTool (0.45%), Exploit (0.34%), and Trojan-Spy (0.29%). Despite the small percentages of these kinds of threats, being hit by one can be a huge problem for those affected. For instance, a Trojan can damage or steal one’s data, or take other harmful actions on one’s data or network.

Distributed malicious software types stealing sensitive data from infected devices worldwide using popular game titles (July 1, 2021 through June 30, 2022). Image credits: Kaspersky Security Solutions

“The research revealed an increase in attacks using malicious software that steals sensitive data from infected devices,” Kaspersky added. “It included such verdicts as Trojan-PSW (Password Stealing Ware) which gathers victims’ credentials, Trojan-Banker which steals payment data, and Trojan-GameThief which collects login information for gaming accounts. From July 1, 2021 through June 30, 2022, Kaspersky security solutions detected a total of 6,491 users affected by 3,705 unique malicious files of these types.”

Sample of a fake website: a fake money generator offered to Grand Theft Auto Online players

Fooling gamers into downloading and installing these games with malicious files is no challenge for bad actors. Gamers frequently dig into the web looking for game cheats, free installers, and more, only to run into carefully crafted snares that can deliver malware to their devices. Kaspersky revealed that hackers create fake websites to attract desperate gamers and even design them as perfect copies of the actual in-game marketplaces. One example the firm shared was a fraudulent Grand Theft Auto Online site where users would be asked to enter their credentials to log in. Acquiring these bits of info gives hackers the chance to peek at the user’s banking details and other sensitive data. Other games targeted with the same technique include Apex Legends, CS:GO, PUBG, and Warface, each with fraudulent sites of its own.
