During our Dark Web monitoring activities, we noticed that game user credentials are leaked and dumped by major and minor threat actors alike most of the time. From COMBOs to targeted breaches, numerous user accounts from games on Steam, PSN, and EPIC circulate on the dark web, ready to be used for exploitation and scams. For big-time Dark Web cybercriminals, the information is ignorable, but those stolen credentials are worth something to those looking to make a quick buck. According to our observation and research, the cheating and modding community is quite rampant. One of the reasons is lax law enforcement, and only a few private corporations pay attention to it; say hello to Nintendo.
Game cheating and modding are not new, especially for those who are short of time and want to shortcut their game experience to finish a game early. Cheating has been rampant ever since the Famicom days, when cheat codes were a legitimate part of the games. As time went by, it evolved into something closer to hacking: an external program on consoles, and an injector or hex editor on PCs and Macs.
Adulterated cheats and mods are never far from the gaming community, especially on the PC game platform, where modders thrive.
Hackers can easily blend in with such enhancing software. Trojans are popularly integrated with rogue mods and cheat engines, weaponizing them with RATs to target gamers. This method is challenging because most mods are detected by anti-virus software as malicious. Still, it will take more than an automated scan to separate clean mods from malicious ones, making it more challenging for security analysts to analyze payloads originating from these types of distribution methods. One perfect example is where threat actors stealthily passed off the COD-Dropper v0.1 malware as a cheat program for a popular game called Call of Duty: Warzone. Numerous gamers play this game, right? So if the cheat software was offered for free, the malware spread is expected to be exponential.
YouTube ads, or worse, independent YouTube videos presenting a fake proof of concept of an undetected cheat, are shown to bait more unsuspecting gamers into downloading such types of malware. In a further move to make more money, these threat actors can go as far as selling a “private version” of the cheat for a cheap amount, with payment in cryptocurrency. Imagine getting scammed and running malware at the same time. Some may say that this is karma for cheating, but vigilance is the key to avoid downloading an unwanted malware payload.
iZOOlogic is committed to safeguarding the intellectual property and private information of different industries. We can see that the gaming industry frequently suffers from attacks and exfiltration behind the scenes. The victims are its patrons, the gamers, most of whom know how to operate and use different software yet, all in all, are still insecure when it comes to malware baiting. As proof, a reliable cybersecurity source says that in 2020 alone, more than 61% of gamers were targeted by various malware attacks and scams.