Online games have become increasingly popular in the last few years, as the internet has become more accessible around the world people have turned to online gaming as an escape from real life. Online games like maplestory, WOW, runescape and now games like fortnite, apex legends and many other cross platform games have millions of active users. Due to this mass adoption it has also become a great target for hackers that want to make quick money or steal user information. Attackers can leverage the name of these popular video games to trick users into downloading malware or performing other actions that can cause users harm. In this article we go over some of the major cybersecurity issues with online games: 1) Trojan Horses
A trojan horse is a type of malware that disguises itself as a legitimate application in order to convince people to download it. In the context of video games a trojan horse would likely disguise itself as a video game or an add-on to a video game in order to convince people to download it. 2) Security vulnerabilities
Video games like any other software application can have security vulnerabilities that allow hackers to steal company or user information by directly exploiting the application. For example in January 2018 Fortnite had a flaw in their authentication process that would ultimately allow hackers to get users' login information and all it required from the hacker was getting the user to attempt a login with a redirected URL. 3) Data Theft
When signing up for online video games users are required to give up a lot of personal information, including many times connections to the person’s social media accounts. If the game is on a mobile device it can have even more information such as location, media engagement and even phone calls, the more information an account has the more valuable it is to a hacker and the bigger the potential risk for the user. 4) Phishing
Phishing attacks are a common attack vector for online video games, the most common type of attack is to set up a fake login page and lure people to the page. This link can be spread through online chat platforms and once someone enters their login information to the webpage those credentials will be sent to the hacker. See an example below: (check the URL)
Source @ steamcommunity.com
5) Weak Authentication
Many video games openly spread people’s usernames in match lobbies and this gives hackers an endless amount of accounts to try and brute force. A good example of this is with the game battlefield 5 where you can have up to 64 players in a single lobby and this provides a hacker with potentially up to 63 usernames to try common or default passwords. Based on the statistics odds are at least a few of those people will be using a password that could be easily guessed and therefore lead to a data breach. Tips for protecting yourself
Download games from reliable sources: Avoid downloading video games from unreliable sources, stick with mainstream platforms like google play, apple’s app store, steam or the company’s official website if they are a popular company. Also be sure to check the URL before downloading anything from the website.
Use 2FA: Enable 2FA on any of your video game accounts where possible to make sure there is an extra layer of security on your gaming accounts. Some video games even offer an incentive for enabling 2FA because it reduces the workload on their part dealing with hacked accounts and helps to protect their customers.
Source @ CNET
Use strong passwords: Make sure to use good passwords when setting up your account, if you're on a laptop I would recommend letting your browser create a password for you and then ask it to remember the password for you. This way you will have a highly secure password without the risk of forgetting it later on.
Only give information when absolutely necessary: Where possible avoid giving up extra information when creating an account or playing with other people online. The less information you have on your account the less you have to lose and the less you tell people online the less likely you are to have someone trying to impersonate you or attempting to steal your account.
How to get more free content
If you like this article and would like to read more of our content for cybersecurity insights, tips and tricks feel free to follow us on our social media. If you’re a struggling business owner who needs help in assessing their business’s cybersecurity posture feel free to take advantage of our free introductory assessment and we’ll help you figure out a game plan for keeping your company safe.