Games Are Targets for Ransomware and Credential Stuffing

Cybersecurity firm Cyren recently discovered Syrk, a free tool that allows players to cheat at the video game “Fortnite.” Cyren also learned that Syrk can disable anti-malware software and encrypt batches of user files for ransom. Akamai has reported a significant rise in so-called credential-stuffing attacks, in which criminals use stolen identities in automated attacks to break into accounts. Akamai found 55 billion credential-stuffing attacks from November 2017 to the end of March 2019. Gaming sites had 12 billion of these attacks.

VentureBeat spoke with Akamai global director of media industry strategy Nelson Rodriguez to discuss the problem. “You might remember from 10 or 15 years ago, the way folks got access to your computer was often through things like fake security scares or fake security software,” said Rodriguez. “Now games are such a rich way in … free-to-play is driving it more than anything … [because] the way they’re built and designed, they lend themselves to manipulation, or at least the desire for players to have some kind of advantage.”

He added that consumers and companies need software to prevent malware and that game companies in particular need to make sure their games are not at fault.

Rodriguez said that Akamai’s security team looked into the threat and “recognized it had nothing to do with the game.” “It looks a lot like typical ransomware,” he said, adding that “game companies are the most attacked companies in the world, more attacked than defense contractors or financial services companies.” He described the strategy as “a classic phishing scam,” in which a user clicks on something that introduces the malware.

“The historical model is, you build a wall and you make sure nobody can get inside the wall,” he said. “The trick to that technique is, as soon as somebody gets inside the wall, they have full access to everything. One of the steps to having a zero-trust approach to security — first of all, don’t assume the wall is going to protect everyone.”

Instead, he suggested that security should be evaluated “inside out.” “Make sure that you are in a secure network environment,” he advised. “The other is very old-school, but if it seems too good to be true and it’s not being offered by the game publisher, then it’s not something that’s going to work out for you … if it’s not coming from the publisher, you’re opening yourself up to risk.”