In 2019 the videogame industry generated over $120 billion in revenue making it one of the biggest commercial markets and hence making it lucrative targets for the threat actors. Digital crimes related to this industry are often difficult to trace, due to which attackers are increasingly targeting popular online games and community platforms.
According to some reports, underground marketplaces are doing an estimated business of about $1 billion annually. These marketplaces are dedicated to dealing with the trade of stolen gaming accounts.
Just four games namely Fortnite, Minecraft, Roblox, and Runescape contribute around $700 million to the overall haul coming from the online gaming industry. According to another report, individual hackers dealing in stolen Fortnite accounts alone make an income of $1 million a year.
Now working as a structured enterprise, cybercriminals are designating people with positions like developers, middle managers, project managers, salespeople, and even PR people to hype their services.
Public cloud services and digital e-commerce platforms are leveraged by hackers to run their enterprise of crime. in-game commodities, such as player skin, in-game items, or currencies are stolen by the threat actors to sell them on underground forums. Account takeovers are performed by them to sell at a lower asking price or they pilfer top gaming accounts. Even customer service and discounts on bulk orders are offered by them to their clients.
Recent attacks on the industry –
- In August this year, “Fall Guys: Ultimate Knockout” game API was found to be stealing sensitive files from an infected user’s browser and Discord application. It was nothing but a malicious JavaScript library disguised as the game API.
- In July, secrets of famous games like Mario, Zelda, and Pokémon were revealed by a massive Nintendo leak.
- June saw over 1.3 million records of stalker online players being put on dark web forums for sale.
Our security experts suggest that the gaming industry should approach this scenario with a proactive and multilayered strategy to protect their customers and their own products and services. Gamers are also recommended to never reuse their passwords to avoid misuse of their accounts.
To read more, please check eScan Blog