Endpoint
12/13/2013
05:37 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Christmas Warning: Kaspersky Lab Finds Gamers Attacked 11.7 Million Times In 2013

On average, users in Europe were hit by 34,000 attacks related to gaming malware daily

ABINGDON, England, December 13, 2013 /PRNewswire/ --

Just days after the launch of the PlayStation 4 and the Xbox One, Kaspersky Lab experts have discovered that PC gamers across Europe were hit by a massive number of attacks in 2013. Currently Kaspersky Lab knows 4.6 million pieces of gaming focused malware, with the total number of attacks facing gamers hitting

11.7 million globally. On average, users were hit by 34,000 attacks related to gaming malware daily. With Christmas coming up and hundreds of thousands expected to receive games as presents, Kaspersky Lab experts are recommending users take the right precautions.

Spanish gamers were the worst hit of all, as hackers made 138,786 attempts on them from 1 January to November 2013. Poland was in second with 127,509, followed by Italy on 75,080.Here's the top-10 ranking of Europe:

1) Spain: 138,786

2) Poland: 127,509

3) Italy: 75,080

4) France: 47,065

5) Germany: 29,049

6) United Kingdom: 27,049

7) Ukraine: 22,220

8) Greece: 17,203

9) Romania: 13,778

10) Portugal: 7,458

Gamers face all kinds of different digital attempts on their systems.

Underground forums are ridden with cyber crooks selling access to people's gaming accounts, such as the portal and marketplace Steam. The market for usernames and passwords is fuelled by attacks on the gaming companies themselves. Earlier this year, Kaspersky Lab detected a major espionage campaign on a range of massively multiplayer online games makers [http://www.securelist.com/en/analysis/204792287/Winnti_More_than_just_a_game ], with source code and other valuable data stolen.

Malware types target specific games, such as the hugely popular Minecraft.

Earlier this year, a fake Minecraft tool built with Java promised to give the player powers such as banning other users, but was stealing usernames and passwords in the background. When Grand Theft Auto V landed earlier this year, various sites offered fake downloads to access the record-smashing game for free. But when users tried to get the game, all they got was malware - a classic example of powerful names getting abused to lure victims into downloading malicious code.

Then there's the typical scams, like phishing. Slews of emails are sent around every time a big gaming launch happens, and at Christmas, attempting to lure users into handing over data or money with the promise of discounts or cheap gaming goods.

"We've just seen two of the biggest console launches ever, with the PlayStation

4 and the Xbox One. That means there will be more gamers for criminals to target, especially as the Sony and Microsoft machines increasingly use the Internet for a fuller gaming experience. And don't forget the PC, still the most popular gaming platform and cyber crooks' favourite target," says David Emm, senior security researcher at Kaspersky Lab.

"As computer games continue to become an increasingly prominent and important part of our lives, and our culture, expect malicious actors to up the sophistication and the volume of their attacks on gamers. If people want to enjoy their new toys this Christmas, they have to be careful, as it's clear they are facing a greater threat than ever."

So gamers, especially anyone investing in a load of new games this Christmas, need to take the right precautions, investing in adequate protections and wising up to the range of threats they face. Here are Kaspersky Lab's top five tips for gaming security:

1) Don't click through on any offers that look too good to be true, whether

from your inbox or on social networks like Facebook or Twitter. If an offer does come

through that looks legitimate, ensure the sender is trusted before hitting a link or

handing over any details. If in doubt, contact the official company the sender claims

to be from.

2) Use strong and varied passwords across your gaming accounts. As we've seen

this year, gaming companies get hacked and logins are leaked. If you don't have

different credentials, getting one set stolen means all your different accounts using

that same password could be compromised. Consider investing in a password manager, as

it will give you simple, smart protection.

3) Get a good quality anti-virus. With the rafts of gaming malware out there,

and the increasing sophistication of the malicious software, you'll need some level of

protection against it. You'll need AV that goes beyond signature-based detection to

look at file reputation, if you want to stop the smartest malware getting on your

system.

4) Be careful whom you befriend. It's easy to make friends in virtual worlds

today, but not all are doing so innocently. Beware anyone who asks for your personal

details, as they may want to do more than just contact you.

5) Only download titles from legitimate sellers. If you're downloading an

illegal copy of a game, you aren't just breaking the law. You're risking getting

malware on your machine, as crooks often disguise game files as malicious software.

About Kaspersky Lab

Kaspersky Lab is the world's largest privately held vendor of endpoint protection solutions. The company is ranked among the world's top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers.

Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more athttp://www.kaspersky.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: LOL.
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6212
Published: 2014-04-19
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors.

CVE-2013-6213
Published: 2014-04-19
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

CVE-2013-6214
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.

CVE-2013-6215
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977.

CVE-2013-6218
Published: 2014-04-19
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Best of the Web