Online Games Fortnite case: The constant increase in cyber attacks does not spare the online gaming sector, which involves over 2.5 billion players worldwide and an important turnover.
According to research, gaming revenue in 2021 is expected to be at $ 175.8 billion, an increase of 13% compared to the previous year and remember the year 2020 in itself saw a steep rise due to Covid, which led to people staying home.
The criminal interest for similar numbers cannot, therefore, surprising, and it is estimated that in the 17 months between 2017 and 2019 were perpetrated about 12 billion cyber attacks against websites and console games online (the study was developed by the Akamai Company).
The Fortnite case
It might be old news now, but the famous game Fornite would thus generate, in addition to the turnover of the Epic Games company that produces it, also a turnover of one billion dollars a year for the sale of the stolen accounts to the “black market”. Each hacked profile can, in fact, be resold for 200-250 dollars, depending on the specific content with the one purchased or earned and, in case a payment method is connected (such as a credit card), the hacker can also buy in-game goods and currencies to increase their value, before putting them back up for sale.
An attack technique called credential stuffing is used for the violation of accounts and consists in exploiting for access to sites or services credentials stolen during a data breach, which are “tested” on the various profiles to check if they allow you to access.
This operation can be accomplished in an extremely simple and fast way: with the use of botnets, which are computer networks infected with malicious code, it is possible to verify about 500 accounts per second.
Attacks can also be perpetrated through phishing (with targeted social engineering campaigns that offer discounts, gadgets, exchanges to the gamer community) or malware that allows the hacker to take possession of the device.
The risks for players are not limited to crimes committed by for-profit criminals, such as theft, fraud or money laundering, but extend to cyberbullying and sextortion, blackmail and extortion that exploit information, images or videos of sexual or otherwise private character.
For contact with the victim, in fact, criminals can use audio communication channels and chat, which are integrated into online games to allow multiplayer game modes and which sometimes are instead vectors of risks and threats, especially for younger or vulnerable users.
While not exactly a crime but microtransactions are taking a toll on the video gaming industry. As free to play games have taken hold of the industry. Companies have resorted to microtransactions and loot boxes to gain revenue, and this model has been quite successful. But for the consumers, it presents its own challenges. First of all, it can be akin to gambling, and on the basis of that, loot boxes have already been banned in few countries, and other governments are also preparing legislation.
To give you an idea of how this works, let us take an example of a free play game like Path of Exile. Now since it’s free to play but developers still need to make money. So what they do is create a gaming model where if a player wants to dominate and progress further in-game, he needs to upgrade his character. Now he can do it one of two ways. He can either grind the game for hours in search of gems and items which increase the character’s attributes, or he can purchase them from in-game vendors using path of exile currency. And he can buy this currency either for real-life dollars, either in-game or from independent websites. And as path of exile currency prices are often lower on outside vendors. There is a chance it can be a scam. So at the very least player is constantly spending five or ten dollars every few days on the game, and at the very extreme, he becomes the target of a scam and loses his credit card or banking information.