Cybercrime and the Gaming Industry

Groups with ominous-sounding names such as Lizard Squad, Team Poison, and the Armada Collective are making a virtual killing from cybercrime. But the attack surfaces they target aren’t what you may have come to expect. Rather than going after financial and banking platforms where more challenging safeguards and harsher penalties are in place, these enterprising cybercriminals are exploiting relatively virgin territory where defenses and even criminal prosecution are almost non-existent.  To make things even more attractive to these bad actors, their victims have a stubborn resistance towards cybersecurity and as a result, cybercrime and the Gaming industry have become wedded in an ugly battle of fraud and opportunistic greed.Criminal exploitation of the gaming industry goes back to its earliest days. Piracy and game counterfeiting have a long legacy and the focus of game publishers has been on thwarting reverse engineering and intellectual property theft. But the monetization strategy of selling virtual game currency and other virtual assets has attracted the attention of those looking to make a quick buck. Today, the gaming industry has a valuation of one hundred billion dollars. No wonder it’s become such an inviting target!To make matters worse for the gaming industry, the highly-distributed nature of modern gaming platforms, especially those based on the MMORPGs model, has played directly into the hands of hackers. All of the same strategies and tools used in traditional hacking can be applied with little modification to attacking online gaming platforms. A prime example of a recent attack against such a platform is the on-going attacks against Steam.Steam is a multi-OS gaming platform owned by gaming company, Valve, which is an e-store for video games. It boasts millions of members and thousands of games in its online catalog. Steam also offers trading cards along with other valuable goods for purchase from within member accounts. It’s these in-game assets as well as user financial information that are being targeted by cybercriminals.A new breed of malware specific to the online gaming industry has popped up as a result. “Steam Stealer” was created to target the Steam platform and to date, has been used to hijack millions of user accounts. The core software used by Steam has evolved into 1200 variations and is the entry level malware of choice by script-kiddies.Steam Stealer and other gaming-specific malware are delivered through the typical distribution channels: phishing, infected game clones, and through a fake version of the Chrome Steam extension. This malware is then used to steal user financial information and gaming assets which in turn are sold via Steam Trade. Some of these assets go for hundreds of dollars in trade.Evidence that the cybercrime industry is growing and maturing around exploiting the gaming industry is the emergence of Malware as a Service (MaaS). This is similar to what’s occurring with ransomware. Further sophistication is evident from using botnets to fraudulently generate in-game assets to later sell on gray markets. This process is referred to as “Gold Farming” or “Grinding.” Flaws in game code make such malware viable. A big assist to allowing these kinds of exploits to succeed and proliferate comes from the gamers themselves.Gamers are well-known for squeezing the last drop of performance from their systems. Whether it’s overclocking CPUs, maxing out video adapter RAM, or tweaking network performance to shave a millisecond off their ping time for an edge in online first-person shooter games, there’s little a hardcore gamer won’t attempt in order to gain an advantage. It should then come as little surprise that one of the very first things gamers do is disable or even uninstall anti-virus software. If that isn’t a head smacker, then nothing is! They need to ask themselves what is the real cost of such a reckless maneuver.There is also a truly dark side to cybercrime targeting the gaming industry. And this is no exaggeration. Lifting up the rock under which this activity hides reveals something akin to true evil. The fact that there are few laws governing defrauding gaming platforms pretty much has given these criminals the green light. Proceeds from reselling ill-gotten gaming assets and user financial information is often used to fund illicit activities up and down the cybercrime continuum.Laundering stolen assets is a relatively easy process. They first are converted to virtual currency such as Bitcoin. From there, further cleaning is offered by “laundry services” which clean the virtual currency by mixing it with other cryptocurrencies erasing transaction records making it untraceable. The proceeds can then be used to fund DDoS attacks and other exploits or even put back into funding further exploits on gaming platforms.Where things cross over into real darkness is the use of forced labor in the commission of these cybercrimes. There’s automation using software tools and then there’s the brute force from using hordes of human beings. The latter is now being used to “Gold Farm” or “Grind” for in-game assets. It’s been revealed that the Chinese government has been forcing labor camp inmates to work long hours for such purposes. Sounds like a scenario in a video game, but sadly, this is real life.As we’ve seen, both publishers and users have been extremely slow to protect their industry, but some grudging progress is being made. Steam has put some safeguards in place to protect user accounts and in-game assets. They now have a two-factor authentication process in place and have instituted a 15-day hold on traded items to mitigate the risk of fraud.Identifying bad actors and keeping them out of the system continues to prove challenging. A new breed of anti-virus program created for gaming in mind is now available from a company called Panopticon. It is modeled after similar tools in the financial industry and is designed to identify suspicious behavioral signatures during gaming sessions. A gaming mode has also been added to several AV programs which reduces the load on system resources by suppressing notifications during a gaming session.Clearly, a lot of work still needs to be done to better safeguard the gaming industry. The first order of business is the creation of tougher laws to punish crime targeting the industry much in the same way as laws evolved to protect the banking and financial industries. And perhaps most importantly, a greater awareness needs to be created about the problem. A new field of cybersecurity is taking shape around an exciting industry that provides immense entertainment for millions around the world. A solid foundation in the principles of cybersecurity as provided by the many courses on Cybrary.it is a great place to start. Considering what’s at stake, this isn’t a game!