Look out, online Gamers: Hackers Want Your password and account

Look out, online Gamers: Hackers Want Your password and account

Cybercriminals are increasingly targeting online gamers with password-stealing malware, according to the latest advice from a leading antivirus company.

Russian cybersecurity giant Kaspersky is urging gamers to learn about and defend against information-stealing Trojans that target usernames, passwords, and session tokens. (A Trojan horse is malware that masquerades as a benign file or application and then attempts to get you to open or install it.)

In a recent post on its security blog, Kaspersky said it is fairly well known that cybercriminals are targeting Steam, the world's most popular online gaming service.

"But there are many other platforms out there, including Battle.net, Origin, Uplay, and the Epic Games Store.

"But there are many other platforms, including Battle.net, Origin, Uplay, and the Epic Games Store.

Password spoofing is not a new form of malware. They are similar to banking Trojans, and cybercriminals often use them to steal account information, cookies, and other files stored on infected devices. However, cybercriminals are also increasingly targeting gaming accounts. [e.g., Kpot (aka Trojan-PSW.Win32.Kpot), which steals Trojan horses. This Trojan is distributed primarily via email spam, and the attachment contains a vulnerability (e.g., a vulnerability in Microsoft Office) that allows the actual malware to be downloaded onto the computer.

"The thief then forwards information about the programs installed on the computer to a command-and-control server, which waits to execute the commands. Some of the possible commands include stealing cookies, Telegram, Skype accounts, etc.

According to Kaspersky, people should be aware of these threats, especially if they play titles from game developer Blizzard. The malware steals files with a .config extension from the %APPDATA%Battle.net folder and links them to Blizzard's game launch application.

"Among other things, these files contain the player's session tokens. This means that cybercriminals do not get the actual username and password, but can use the token to pretend to be the user.

Once cybercriminals have gained access, Kaspersky warns that they can make money by selling in-game items, such as "World of Warcraft" or "Diablo 3," for example.

Ubisoft's game launcher app Uplay has been targeted by malware called Okasidis, Kaspersky notes. Meanwhile, Uplay, Origin, and Battle.net are being targeted by BetaBot malware.

Regarding the latter, Kaspersky says: "The Trojan horse simply steals files and data surreptitiously, without ever showing itself on the computer or displaying a request window.

To protect against Trojans, Kaspersky recommends installing two-factor authentication, avoiding downloading mods from suspicious sites, investing in security, and keeping antivirus software on during gaming. (Many antivirus software have a "game mode" that withholds scanning and interruption.)

Also, to ensure that damage is limited if a password is stolen, never reuse passwords, create strong and unique passwords, and manage them with the best password management tools.

Categories