The global online gaming community is facing a rising threat from cyber-criminals exploiting vulnerabilities inherent in gamers’ interactions with digital content.
A recent report by Sekoia.io has shed light on a targeted campaign using Discord messages and fake download websites to distribute information-stealing malware within the gaming sphere.
According to the post, gamers, in their quest for enhanced experiences, inadvertently expose themselves to deceptive tactics employed by threat actors.
These tactics, ranging from enticing in-game offers to fake cheat codes, prompt users to unwittingly run malicious payloads, particularly those associated with info-stealing malware. The severity of this digital threat is escalating, prompting concerns within both the gaming community and the broader cybersecurity landscape.
Sekoia mentioned a specific incident in July 2023, where French gaming influencers were targeted through a Discord message offering exclusive access to a seemingly genuine game.
“Recently, the cloud gaming company Shadow emailed its users to warn about a compromise of their data,” the blog post reads. “According to Shadow, the initial access was a fake game downloaded from Discord. This incident is part of the broader campaign described in this report.”
Sekoia further stated that malicious payloads are distributed via messages from compromised accounts, specifically targeting individuals of interest to maximize their influence. The link embedded in these messages directs users to either download a malicious file or visit a fraudulent website.
The company’s analysts identified multiple info-stealer families among the strains observed in this campaign. These families, such as Doenerium and Epsilon Stealer, operate with low antivirus detection rates as of late October 2023.
Read more on malware targeting gamers: Hackers, Fraudsters and Thieves: Understanding Cybersecurity in the Gaming Industry
To counter these threats, the security experts emphasized preventative measures, urging users to download software exclusively from official and trustworthy sources. The report also provides guidance on post-infection steps, including computer resets and password changes.