Risk of information being stolen from a gaming account
According to the latest research by the cybersecurity team Kaspersky Digital footprint Intelligence (DFI) released on the afternoon of September 4, in 2024, up to 11 million gaming accounts had their login information leaked.
This data shows that the Steam platform alone has had up to 5.7 million accounts attacked by malware to steal information.
Based on data from malware logs, the Kaspersky Digital footprint Intelligence team analyzed leaked Steam login information related to the Asia-Pacific region (APAC).
The results showed that Thailand topped the list with nearly 163,000 exposed accounts, followed by the Philippines with 93,000. Vietnam is also in the top 3 with nearly 88,000 accounts. In contrast, the countries with the lowest figures are China, Sri Lanka and Singapore, with about 19,000, 11,000 and 4,000 login information respectively.
It is not surprising that the Asia-Pacific region has become a top target for cybercrime. The region has consolidated its position as a global gaming hub, home to more than half of the world's gamers.
With nearly 1.8 billion players and this number is still increasing, the gaming ecosystem in APAC is not only the largest in scale but also shapes many global trends. Therefore, it is an inevitable consequence that this area has become a fertile ground for data theft threats.
Cibercriminals often release logs containing stolen data months, even years later, from the initial attack, says Polina Tretyak, a researcher at Kaspersky Digital footprint Intelligence.
Even stolen login information can reappear on dark web forums, causing leaked data warehouses to increase. Therefore, the number of game accounts hacked may actually be much higher than what we see.
Ms. Polina Tretyak also shared that theft of information malware is often disguised as fake games, scam software or unofficial mod versions.
Their main goal is to steal sensitive information such as passwords, cryptocurrency wallet information, credit card details and browser cookies. After being stolen, the data will be sold or shared for free on darknet platforms, becoming a tool for further attacks.
Recommendation
To avoid falling victim to data theft attacks, Kaspersky cybersecurity experts recommend that individuals and businesses apply the following measures:
For individuals:
Run a comprehensive security scan across all devices to remove any detected malware.
Change the passwords of the hacked accounts.
Monitor suspicious activities related to affected accounts.
For businesses:
Proactively monitor dark web forums to detect early detection of customers' or employees' accounts with leaked information.
Use specialized solutions to understand what cybercriminals know about company assets, thereby identifying potential attack methods and implementing timely protection measures.
