Hackers may be after your highly ranked video game account

The hackings are part of a global wave of attacks by 34 Russian-speaking groups. PHOTO: EPA-EFE

SINGAPORE - Hackers who spread password-stealing malware have set their sights on gamers, trying to steal users’ credentials and online gamer profiles with high ratings to sell.

The fraudsters plant links on popular online marketplaces or comments sections that, once opened, install malware that searches a browser for account credentials and sensitive information that is not encrypted.

The hackings are part of a global wave of attacks by 34 Russian-speaking groups that have stolen more than 50 million passwords linked to gaming services, e-commerce platforms and online banks in seven months this year.

Among these, 185,689 passwords were stolen from 2,179 devices that have installed the malware, said Singapore-based cyber security company Group-IB in a report published on Nov 23.

The firm, which specialises in cyber investigations, is a partner of international law enforcement organisations such as Interpol and a private-industry partner of the Singapore Police Force.

Some 1,420 local gaming account credentials for gaming platforms Steam, Epic Games and Roblox have been linked to the wave of global hackings, Group-IB’s digital risk protection regional head Ilia Rozhnov told The Straits Times on Thursday.

It is not clear how much money was lost in this wave of scams, said Mr Rozhnov.

Users of these accounts may have been locked out of them or found that their accounts have been deleted, said Mr Rozhnov, adding that password theft in gaming services has seen a fivefold rise since 2021.

Account details for e-commerce platforms Amazon and Shopee, as well as payment platforms like PayPal, were also seized, he added.

The Group-IB team were alerted to the scam after it was notified about scammers recruiting via groups on messaging app Telegram.

An estimated 200 workers were tasked to distribute links with malware that steals data stored in browsers, such as gaming accounts, bank details and e-commerce credentials, said Mr Rozhnov.

One way these people have targeted gamers is by planting these links in the comments section of popular gaming tutorial channels on video hosting platform YouTube.

Gamers may be tricked into clicking these links, believing they may get upgrades for their characters or a helpful tip, said Mr Rozhnov.

He said: “The scammers are targeting people who are gamers, through specific videos of games. These (scam) links are attached to popular videos, and they look harmless. People might think it’s a patch for their game.”

Once installed, any information saved on an unencrypted system, like Google Chrome or other Internet browsers, is up for grabs.

The report said: “After a successful attack, the scammers either obtain money themselves using the stolen data, or they sell the stolen information in the cyber criminal underground.”

Stolen video game accounts can go for hundreds of dollars, depending on the amount of in-game currency a player owns or the rarity of a player’s in-game possessions, like character skins.

Bloomberg reported in 2020 that the underground economy for stolen game accounts generated $1 billion annually.

While inconvenient, Internet users should also refrain from saving passwords in browsers and regularly clear browser cookies, Mr Rozhnov said. Cookies can be deleted in the settings menu of a typical browser such as Google Chrome.

Executive director Andrew Shikiar from Fido Alliance, which sets standards for password-less authentication, said the average Internet user has many online accounts, but roughly half of them use a similar password.

He said: “As such, one set of stolen credentials may allow hackers access to users’ different accounts across websites and platforms.”

He urged users to enable possession-based authentication, such as two-factor authentication or biometrics, but added that organisations should start to adopt such standards too, instead of passwords.

Dr Jiow Hee Jhee, a member of the Media Literacy Council, which advocates cyber wellness, said the council had not been alerted to cases of gamers being preyed on by fraudsters.

But he said that he was not surprised, as many eager gamers turn to forums to learn new approaches to a game, and in turn, may be exposed to dangerous links.

He also urged parents to be mindful of their children’s online activities.

Join ST's Telegram channel and get the latest breaking news delivered to you.