One cybersecurity firm saw a 57% increase in 2022 attacks on users whose work computers were used for gaming by kids

In analyzing its customer base telemetry this report, the whole of 2022 registered a 57% increase in attack attempts on online gamers aged six to 13.

Last year, 232,735 gamers protected by Kaspersky solutions encountered almost 40,000 files, including malware and ‘potentially unwanted applications’ imitating the most popular children’s games.

Since children of this age group often do not have their own computers and play from their parents’ devices, the threats spread by cybercriminals are most likely aimed at stealing the data and credentials of the parents.

In the same period, nearly 40,000 users tried to download a malicious file that mimicked Roblox, a popular kids’ game platform. This resulted in a 14% increase in the number of victims, compared to 33,000 gamers attacked in 2021 in the firm’s user base.

Since half of Roblox’s 60m users are under the age of 13, the majority of victims of these cybercriminals’ attacks are potentially children who lack sufficient knowledge of cybersecurity.

Other key findings

Kaspersky telemetry for 2022 also yielded the following trends:

    • The most popular titles exploited by cybercriminals were Minecraft and Roblox, both in 2022 and 2021, in the firm’s user base.
    • Even games for the youngest children (Poppy Playtime and Toca Life World) aged 3–8 were ranked high in the number of attacked young gamers
    • There was a 41% rise in 2022 in the number of affected users downloading malicious files disguised as Brawl Stars, reaching about 10,000 gamers.
    • One of the most common social engineering techniques targeting young players involves offers of access to popular cheat codes and mods for games. On a phishing site the user may get a whole manual on how to install the cheat properly.
    • Additionally, the game-cheat instructions make a point about the need to disable any antivirus protection on the system before a cheat mod can be installed. This may not alert young players, but it may be specially created so that the malware evades detection on the gaming device. The longer the user’s antivirus is disabled, the more information could be collected.

According one of the firm’s security experts, Vasily M. Kolesnikov: “When focusing on young players, cybercriminals don’t even bother to make deception schemes less obvious. They hope children and teenagers have little or no experience or knowledge of cybercriminal traps and will easily fall for even the most primitive scams. Therefore, parents need to be especially careful about what apps their children download; whether their devices have trusted security solutions installed; and educate their children about (online security).”