Over the last three years, the following trends were discerned in the firm’s user base:

    • Analysis of the demand credentials can be done through examining the number of Dark Web posts in which threat actors offer or attempt to buy info stealer log files. The demand for ChatGPT account login details spiked in March 2023 after the release of the fourth version of the popular chatbot. Since then, it has stabilized at the same level as that of other AI services.
    • Between 2021 and 2023, almost 34m credentials for Roblox were compromised and posted on the Dark Web, turning the game into a very fruitful target for cybercriminals using info stealing malware. The number of accounts compromised for this popular children’s game had been increasing gradually each year: over the past three years, this figure had risen by 231%, from roughly 4.7m in 2021 to 15.5m in 2023. In general, the average number of compromised accounts in a combination of 11 other random popular gaming platforms or games (Twitch, Electronic Arts, Sony PlayStation, and Steam amongst others) has increased by 112% since 2021.
    • While there were numerous cases of thefts of login credentials on Roblox accounts, they were not the primary goods cybercriminals were seeking. Certain accounts were much more appealing to them: for example, between 2021 and 2023 the number of Dark Web posts selling or buying Steam accounts peaked at approximately 10,000 while advertisements related to stolen Roblox accounts remained at under just 150.
    • The motive behind such high volumes of credential thefts is to exploit children’s vulnerability, as they are susceptible to various kinds of social engineering. For instance, cybercriminals can hide info stealers in files containing cheat codes to deceive young gamers. In some cases, this deception is convincing, as malicious download links can be posted on legitimate and popular social media platforms. As a result, a significant number of compromised accounts have emerged from a game targeted at children.