SINGAPORE – Hackers who spread malware that steals passwords are now going after gamers, trying to steal their login information and online gamer profiles with high ratings to sell.

Fraudsters put links on popular online marketplaces or comment sections that, when opened, install malware that searches a browser for account credentials and sensitive information that isn’t encrypted.

The hackings are part of a global wave of attacks by 34 Russian-speaking groups that have stolen more than 50 million passwords for gaming services, ecommerce platforms, and online banks in the first seven months of this year.

In a report released on November 23, Singapore-based cybersecurity company Group-IB said that 185,689 passwords were stolen from 2,179 devices that had the malware installed.

The company specialises in cyber investigations and works with international law enforcement groups like Interpol. It also works with the Singapore Police Force as a private-sector partner.

Group-digital IB’s risk protection regional head Ilia Rozhnov told The Straits Times on December 1 that a wave of hackings around the world has been linked to 1,420 local gaming account credentials for Steam, Epic Games, and Roblox.

“Scammers are going after gamers by showing them videos of games”

– Ilia Rozhnov

Rozhnov said that it’s not clear how much money was lost in this wave of scams.

Rozhnov said that the users of these accounts may have been locked out or found that their accounts had been deleted. He also said that password theft in gaming services has increased fivefold since 2021.

He also said that account information for ecommerce sites like Amazon and Shopee, as well as payment sites like PayPal, were also taken.

The Group-IB team found out about the scam when they heard that scammers were looking for new victims through groups on the messaging app Telegram.

Rozhnov said that about 200 people were told to send out links to malware that steals information from browsers, such as gaming accounts, bank information, and e-commerce passwords.

One way these people have tried to get at gamers is by putting these links in the comments section of popular gaming tutorial channels on YouTube, which is a site for hosting videos.

Rozhnov said that gamers might click on these links because they think they will get upgrades for their characters or a helpful tip.

He said, “Scammers are going after gamers by showing them videos of games.” These (scam) links are attached to popular videos, and they look like they won’t hurt you. People might think it’s a game patch.”

Once installed, anyone can get any information saved on a system without encryption, such as Google Chrome or other Internet browsers.

“After a successful attack, the scammers either use the stolen information to make money for themselves or sell it in the cyber criminal underground,” said the report.

Depending on how much in-game currency a player has or how rare their in-game items are, like character skins, stolen video game accounts can sell for hundreds of dollars.

Bloomberg said in 2020 that the black market for stolen game accounts made US$1 billion (RM4.4 billion) each year.

Rozhnov said that people who use the Internet shouldn’t save their passwords in their browsers and should regularly clear their browser cookies. Most browsers, like Google Chrome, have a settings menu where cookies can be deleted.

Andrew Shikiar, the executive director of Fido Alliance, which sets standards for authentication without a password, said that the average Internet user has many online accounts, but about half of them use the same password.

He said, “As a result, if hackers steal a user’s credentials, they might be able to get into all of their accounts on different websites and platforms.”

He told users to turn on possession-based authentication, like two-factor authentication or biometrics. He also said that organisations should start to use these standards instead of passwords.

A member of the Media Literacy Council, which promotes cyber wellness, named Dr. Jiow Hee Jhee, said that the council had not heard of any cases of fraudsters taking advantage of gamers.

But he said he wasn’t surprised because a lot of eager gamers go to forums to learn new ways to play a game, which can lead them to dangerous links.

He also told parents to watch what their children do online.

Info source – The Straits Times Singapore