When Microsoft and Sony released new, updated versions of their popular game consoles within days of each other last month, gamers around the world were in seventh heaven. So, it seems, were hackers.
Cyber security firm Kaspersky Lab has been measuring the hacking attempts against the new Playstation 4 and Xbox One units – as well as other game platforms – and has seen a surge, coinciding with the late November releases.
Globally, the company estimates an average of 34,000 attacks a day. Kaspersky says it currently known of about 4.6 million pieces of gaming focused malware that are directed against the game systems.
It's measure of European attacks found gamers in Spain getting the most attention, with 138,786 attacks so far this year. Poland was in second with 127,509, followed by Italy on 75,080.
Targeting game consoles
Some gamers might be surprised to learn that their machines are subject to attack, but after all, they're computers and increasingly they're connected to the Internet. But instead of looking for your bank account number and your credit card information, these cyber crooks are mainly interested in something else – your user name and password.
If you visit an underground hacker forum, as Kaspersky experts do on a regular basis, you'll find a thriving marketplace where usernames and passwords are bought and sold. This market is fueled by attacks on the gaming companies themselves. Earlier this year, Kaspersky said it found a major espionage campaign on a range of massively multiplayer online games makers, with source code and other valuable data stolen.
"We've just seen two of the biggest console launches ever, with the PlayStation 4 and the Xbox One,” said David Emm, senior security researcher at Kaspersky Lab. “That means there will be more gamers for criminals to target, especially as the Sony and Microsoft machines increasingly use the Internet for a fuller gaming experience. And don't forget the PC, still the most popular gaming platform and cyber crooks' favorite target."
Pushing their buttons
This specialized type of malware targets specific games, such as the hugely popular Minecraft. They often prey on gamers' competitive spirit.
Earlier in 2013 hackers created a fake Minecraft tool built with Java that promised to give the player special powers, such as banning other users. But it was an empty promise and did nothing more than steal the victims' usernames and passwords.
Taking advantage of the hugely popular launch this year of Grand Theft Auto V, hacker sites offered fake downloads to access the new game for free. But when users tried to get the game, all they got was malware – yet another example of blue chip names getting abused to lure victims into downloading malicious code.
Hackers also employ email phishing scams, baiting the hook with discounts or cheap gaming goods but end the end stealing personal information.
"As computer games continue to become an increasingly prominent and important part of our lives, and our culture, expect malicious actors to up the sophistication and the volume of their attacks on gamers,” said Emm. “If people want to enjoy their new toys this Christmas, they have to be careful, as it's clear they are facing a greater threat than ever."
Play safe
Here are five tips for avoiding a hack on your gaming account:
1. Don't click
An email with a link and an offer that look too good to be true, whether from your inbox or on social networks like Facebook or Twitter, is probably a scam. Don't click on the link. Just delete the email.
2. Beef up passwords
You need not only strong username/password combinations, they should be different for each gaming account. Gaming companies get hacked and logins are leaked.
3. Get a good quality anti-virus
With all the gaming malware out there, and the increasing sophistication of the malicious software, you'll need a high level of protection against it. You'll need an anti-virus program that goes beyond signature-based detection to look at file reputation, if you want to stop the smartest malware getting on your system.
4. Choose friends carefully
It's easy to make friends in virtual worlds today, but not all are doing so innocently. Beware anyone who asks for your personal details, as they may want to do more than just contact you.
5. Only buy from legitimate sellers
Downloading a bootleg copy of a game is no deal. You're risking getting malware on your machine, as crooks often disguise game files as malicious software.