With a nice chunk of the country covered in snow and other cold, miserable forms of precipitation, you probably don’t want to venture out more than necessary. It’s times like this when you just want to curl up with your Kindle and a cup of hot cocoa and hibernate. If there ever was a good time to spend your time gaming, now would be it.
Playing League of Legends and World of Warcraft for hours on end while the snow whirls around outside is a fun and easy way to burn brain cells and kill time, to be sure. But you may be getting more than you bargained for if you’re not careful.
World of MalwareCraft
Gaming sites are plagued with malware which kind of makes sense, considering that most of the earliest malware samples originated in games back in the 80’s. Now instead of Elf Bowling, (which featured Santa trying to knock over his mini-people with a bowling ball, and was never confirmed to definitively have malware) malware within games is far more clever. In 2015 cyber crime related to online gaming came in the form of phishing and other social engineering ploys, via spoofed websites and malicious downloads and database hacks.
Then there were the famed DDoS attacks this past Dec 25th (For the uninitiated, that’s a Distributed Denial of Service attack, when hackers flood a particular server with way too much traffic in an attempt to shut it down temporarily). In a clear rip off of 2014’s Christmas Day XBox take down by the notorious LIzard Squad, the really not cleverly named hacker group Phantom Squad shut down Sony PlayStation Network and then extended their exploits to Sony PlayStation Music and other PSN services.
Malware can hide in online game demos as was seen with Octopus City Blues, a game on the most popular gaming platform, Steam. In the case of Octopus City Blues, the hackers even took the time to spoof 7 entire levels of the game in their attempts to lure victims. The game’s developers reported the incident to Steam but the platform was slow to remove the spoof.
Mo’ lives, Mo’ problems
If you’re an avid gamer, you know that you might consider (but just for a fleeting moment) trading your first born for more assets in your virtual wallet. Extra lives, armor and inventory are hotter than hot commodities and sometimes gamers are willing to throw caution to the wind to get them.
But beware, hackers know that in a moment of panic you might just be willing to hit that shady “download” button, as was displayed in this past September’s “Eskimo” attack. The malware which is disguised as a weekly raffle prompts gamers to click a link and download a form. The download installs and executes a windows binary code, clearing out the gamers virtual wallet and giving the hacker access to the victim’s Steam account.
And just last week, The Register.com reported a new gaming scam posing as a chrome browser extension that supposedly “helps” gamers get more points and trade inventory with other trusted players. Installing the extension gives hackers access to players accounts and virtual wallets. The only ones these scams help is the hacker and their cronies.
How to keep safe while gaming
If you’re a gamer or if you’re just stuck inside bored and looking for a semi-hibernative way to pass your time, there are some things you need to stay safe while gaming.
Steer clear of phishing and social engineering
Let’s say you get an email telling you that you need to update your Guild Wars password or reset some information. Don’t fall for it, chances are that it’s a phishing email and if you do enter your password you’re handing information over to creeps, not Steam or XBox.
How do hackers know that you even have accounts for games? They deploy bots that monitor gaming forums and social media and look for patterns to deduce who has an account for what. Then they send them infected links to spoofed websites.
No matter what, keep your antivirus and antimalware up and running
Gamers need their computers to be fast and everything you run on your computer uses up resources, which just slows you down. To this end, there’s an alarming trend in the gaming world of disabling security software for the sake of speed.
Needless to say, scammers are all too happy to capitalize on this doltish behavior. You should always have your AV program and a solid anti-malware program like Reason Core Security running – But the necessity for security is even more important when you venture on to potentially perilous sites – and face it, gaming sites like Steam can be pretty perilous. Do yourself a favor, keep your security measures enabled while gaming – and all the time.
Use strong passwords and enable 2FA where you can
There may not be anything you can do to keep Sony PSN from getting pwned. But you can make sure you are using strong and unique passwords and 2 factor authentication wherever you can. Steam allows you to enable 2FA, which provides you with extra layers of security so go ahead and set it up asap.
Now you should be all set for a malware-free gaming marathon if that’s your thing. If not, go outside and make a snow angel, read a book or play Monopoly. At least there’s no malware there.