The gaming world is currently facing an increasingly sophisticated invisible threat: Cyberattacks disguised as mods, apps, and downloads related to popular video games. Thousands of gamers of all ages, especially Generation Z, have fallen victim to attempted cybercrime and digital theft that exploit the trust and desire for new features or improvements to their favorite titles.
In the last year, more than 19 million attempts to download harmful or unwanted files related to video games have been identified., affecting more than 400.000 people worldwide. Attackers take advantage of active communities and the constant search for new content, mods, and cheats to disguise malware in seemingly harmless files.
Most affected games: GTA, Minecraft and Call of Duty, in the spotlight
Among the titles most used by cybercriminals to spread malware are: Grand Theft Auto (GTA), Minecraft, Call of Duty y The Sims. Only the saga GTA accumulated more than 4,4 million attack attempts, proving that, even with the passing of years, it remains one of the most exploited franchises. Minecraft, known for its extensive mod ecosystem and popularity among young audiences, has registered more than 4,1 million attemptsFollowed by Call of Duty (2,6 million) y The Sims (2,4 million)Other games such as Roblox, FIFA, Among Us, Assassin's Creed, CS:GO, and Red Dead Redemption are also among the most commonly used as bait.
The technique used by attackers consists of disguising malicious files as mods, extensions, leaked versions, hacks or fake installers.Thus, any download outside of official channels, no matter how tempting it may seem, can become a gateway for Trojans, malware downloaders, spyware, or even ransomware.
The main objective is usually the gaming account theft, which are then resold on private forums, the dark web, or even on messaging channels like Telegram. Victims may see access to skins, virtual currencies, progress, and even paid subscriptions disappear., leaving them exposed to a digital black market.
The rise of cybercrime in the gaming world and new deception strategies
Cybercriminals have perfected their methods of impersonation and digital manipulation.One of the most common scams is phishing scams created using fake sweepstakes, virtual rewards, or events that mimic official announcements from video game companies. Users often fall into the trap of websites that promise coins, skins, or early access, unwittingly handing over their credentials and even banking information.
Research by security experts also reveals the proliferation of infostealers and malware kits distributed under the "Malware-as-a-Service" model, which allows attackers to automate distribution and repackage viruses under new names. Platforms such as Steam, Discord, and Telegram channels are used to spread modified installers, extending the reach of attacks.
The risks are not limited to account theft alone: Infected devices can be exposed to remote control by attackers, blocked by ransomware, or used to mine cryptocurrency without the user's knowledge. Furthermore, it's becoming increasingly common to find advertisements for the sale of compromised accounts and digital items on forums and channels that were previously reserved for more intimate circles.
Security recommendations to avoid cyberattacks in video games
Given this situation, cybersecurity specialists recommend a series of key measures to protect against the digital risks associated with the gaming world:
- Trust only official sources: Download games, patches, and mods only from verified sites or official stores. Do not open links sent by strangers or found on dubious forums and social networks..
- Protect your accounts with strong passwords and two-step verification: uses complex and different combinations for each account. Always enable two-step authentication where possible.
- Be wary of exaggerated gifts and offers: Any promise of free content in exchange for credentials is usually a trap.
- Check the URL before entering personal data: Check that the web address is legitimate and uses secure protocols.
- Keep your antivirus updated: A recognized security solution helps detect and neutralize suspicious downloads.
- Learn while you play: There are educational initiatives, such as interactive games designed to teach good cybersecurity practices in an enjoyable and practical way.
Lisandro Ubiedo, security analyst at Kaspersky, emphasizes that: “Cybersecurity is already an essential part of everyday digital life, especially in environments where young people live together and constantly share information.”
In this context, being part of online communities requires exercising a certain degree of caution. It's not enough to rely on traditional habits: it's essential to identify risks, protect accounts, and avoid being lured by overly tempting promises.
The landscape of cyberattacks on video games shows how attackers' creativity finds fertile ground in the passion for gaming for new deception strategies. Every download, every offer, and every password shared can be the difference between a fun experience and a real digital headache.
