Playing for Keeps: Hackers Target Gaming and Gambling

Author Avatar


Posted on April 11, 2023

Want to interview Mendy?


Online gaming and gambling companies are increasingly being targeted by cybercriminals.

According to a report from Akamai, cyberattacks on gaming companies were up a hefty 167% last year. The Michigan Attorney General, Dana Nessel, also warned residents to be careful when using online gambling sites after cyberattacks hit several popular sites including DraftKings, FanDuel, and BetMGM.

Why is Gaming Being Targeted?

Several factors are behind the surge in attacks on gaming companies.

  1. It’s a huge target. An estimated 3 billion people played online games in 2022 alone. Gaming experienced a boom during the COVID pandemic as billions of people sought diversion during long periods of lockdowns. Despite the fact that restrictions have been lifted, the upward gaming trend is continuing.
  2. It’s a tempting target. There’s a lot of money in gaming — an estimated $203 billion in 2022. In addition to initial purchases, users continue to spend on “micropurchases” of enhancements to games. While those purchases seem “micro” to gamers, they are anything but for the game companies that sell enhancements.
  3. It’s a vulnerable target. Many gaming companies are moving to the cloud, meaning more users can play from more places and more devices. That also means more attack vectors through which cybercriminals can find their way in. Additionally, any time new infrastructure or software is introduced – which for cloud native apps is very frequently – there are new opportunities for things to go wrong: misconfigurations, undetected vulnerabilities, and more.

What Kind of Attacks are Hitting Gaming Companies?

Gaming companies are vulnerable to the same kind of attacks as any other business including, for example, ransomware attacks. Due to the nature of gaming, companies – and individuals – are also vulnerable to additional forms of exploitation by cybercriminals.

Money Laundering

Gaming has gained popularity as a way to launder money. Criminals can get an account, buy in-game currency, and then resell the account at a discount, masking the source of the ill-gotten gains. In addition, the small dollar value of in-game micropurchases makes it easy for criminals to stay under the radar of law enforcement.

DDoS Attacks

Distributed Denial of Service (DDoS) attacks target gaming more than any other industry, with gaming accounting for 37% of all DDoS traffic. Financial services were in a distant second place with 22% of DDoS traffic.

What DDoS means in gaming varies. DDoS attacks can be broad, bringing down an entire network, as was the case in the 2014 Christmas DDoS attack on PlayStation and Xbox that impacted 160 million gamers. Or they can be narrow. A narrow attack can create a latency advantage for one single player, which can be just enough for them to win. Given the very high stakes of some games, these attacks can have significant financial impact on players.

Web Application and API Attacks

Akamai describes web application attacks as the “800-pound gorilla in the security operations center, accounting for more than half of all data breaches.” These attacks can have many different goals: stealing in-game assets from users, stealing source code to facilitate cheating (which brings real money rewards), and stealing stored data including user logins, game details, or personal information.

Ice Breaker

A new threat to cyber security in gaming and gambling industries is known as “Ice Breaker.” Ice Breaker attacks start by using social engineering approaches such as phishing to install a JavaScript backdoor on a platform.

The attacker then contacts the game’s customer service, posing as a legitimate customer having problems registering for a new account. In a chat session with a customer service agent, the attacker convinces the agent to click on a Dropbox link that they enter in the chat or email to see a screenshot of the supposed problem the fictitious user is having. When the unsuspecting customer service agent clicks on the link, it retrieves malware in the form of an LNK payload or VBScript file. The backdoor provides all the usual access, including the ability to steal passwords, run VBScript from a remote server, open a reverse proxy, and more.

Protecting Gaming from Cyberthreats

With so many different ways to attack gaming companies, online gaming security teams need to rely on a state-of-the-art Zero Trust cybersecurity approach. With Zero Trust, every user, every transaction, is viewed as potentially dangerous unless validated as safe.

A comprehensive Zero Trust platform, such as ZTEdge, provides many tools that can enhance cybersecurity in gaming:

  • Web Application Isolation (WAI) cloaks the gaming app from attackers, protecting the app surface from cybercriminals seeking to probe for vulnerabilities to exploit.
  • Remote Browser Isolation (RBI) provides protection against Ice Breaker type attacks that are based on clicking on an infected link. All links are opened in remote browser in an isolated, cloud-based container and only safe rendering data is sent to the browser on the user device so malicious content never reaches the user device or the company network.
  • ZTEdge Instant Messenger Isolation protects against malware sent directly in chats even for chats that are E2EE.

Serious gamers know that gaming is serious business. Cybercriminals know it, too, and know that the profits to be gained from hacking gaming apps is serious as well. The best way for companies in the industry to stay ahead of the attackers is by trading in yesterday’s cybersecurity solutions for an up to date Zero Trust based platform.

Share this on:

Author Avatar

About Mendy Newman

Mendy is the Group CTO of Ericom's International Business operations. Based in Israel, Mendy works with Ericom's customers in the region to ensure they are successful in deploying and using its Zero Trust security solutions, including the ZTEdge cloud security platform.

Recent Posts

Air Gapping Your Way to Cyber Safety

Physically air gapping enterprise networks from the web is a great way to protect operations, keep data safe … and squelch productivity. Virtual air gapping is a better approach.

Motion Picture Association Updates Cybersecurity Best Practices

The MPA recently revised its content security best practices to address, among other challenges, the issue of data protection in the cloud computing age.

FTC Issues Cybersecurity Warning for QR Codes

QR codes on ads are a simple way to grab potential customers before they move on. No wonder cybercriminals are using QR codes, too.