The global online gaming community is under siege by cyber-criminals who are exploiting vulnerabilities in gamers’ interactions with digital content. A recent report by Sekoia.io has brought to light a targeted campaign using Discord messages and fake download websites to distribute information-stealing malware within the gaming sphere.
Gamers, in their pursuit of more enriched gaming experiences, are inadvertently making themselves vulnerable to the deceptive tactics employed by threat actors. These tactics, which include enticing in-game offers and fake cheat codes, lead users to unwittingly run malicious payloads, particularly those associated with info-stealing malware. The severity of this digital threat is increasing, causing concern within both the gaming community and the broader cybersecurity landscape.
In a specific incident in July 2023, French gaming influencers were targeted through a Discord message offering exclusive access to a seemingly genuine game. According to Sekoia, the cloud gaming company Shadow emailed its users to warn about a compromise of their data due to a fake game downloaded from Discord. This incident is part of the broader campaign described in the report.
Sekoia further stated that malicious payloads are distributed via messages from compromised accounts, specifically targeting individuals of interest to maximize their influence. The link embedded in these messages directs users to either download a malicious file or visit a fraudulent website. The company’s analysts identified multiple info-stealer families among the strains observed in this campaign, such as Doenerium and Epsilon Stealer, which operate with low antivirus detection rates as of late October 2023.
To counter these threats, the security experts emphasized preventative measures, urging users to download software exclusively from official and trustworthy sources. The report also provides guidance on post-infection steps, including computer resets and password changes.
The gaming community, as a result of these revelations, is urged to be more cautious and discerning in their interactions and downloads. The rise of cyber-criminal activity targeting gamers is a cause for concern, prompting the need for heightened vigilance and proactive measures to protect against such threats.
The report serves as a stark reminder of the ongoing battle between cybersecurity and cyber-criminal activities within the gaming industry. As technology and digital interactions continue to advance, the need for robust security measures becomes increasingly imperative. The gaming community must remain vigilant and take proactive steps to safeguard their digital experiences and personal information from falling victim to malicious attacks and information theft.