ACID Technologies provides the gaming industry with 24/7/365 dark web monitoring services, while also monitoring multiple additional sources and platforms. When detecting a threat, ACID sends real-time, actionable alerts with all available information, to enable the targeted gaming platform operator to effectively respond to the threat and mitigate its harmful impact on its operation, whether service disruption, ransom demand, data theft or other.

What makes the gaming industry attractive to cyber attackers?

The gaming industry is on a continuous a multi-year upward trend, with a valuation of $282 billion in 2024, with China alone generating a quarter. The second largest market is the USA, and the third largest – Japan (Data.ai). It is estimated that the industry will be worth more than $363 billion by the year 2027.

The number of gamers worldwide is approximately 3.03 billion. Online gamers constitute 2.82 billion of these (Statista).

With the number of gamers in the billions and the amount of personal information a veritable potential goldmine, it is no wonder that cybercriminals find this industry attractive.

Furthermore, the immense revenue of the gaming industry does not escape the attention of malicious actors, who identify it as a potentially lucrative source of financial gain.

Another reason that cybercriminals target the gaming industry is the use of third-party programs, cheat tools, etc. by gamers aiming to gain an advantage over their competitors; this expands the possibilities of launching an attack.

Which are some of the methods of attack used by cybercriminals targeting the gaming industry?

• Distributed Denial of Service (DDos) attacks, causing service disruptions by overwhelming the system with internet traffic. As a result, legitimate requests do not receive a timely response. This affects not only the gamers while playing, but can also harm the gaming company’s bottom line and its reputation.
• Phishing attacks, in which gamers are tempted to click unsafe links, which lead to the unintentional downloading of malicious content. They might also be tricked into entering their login details to pages from which these can be stolen. Also, since many gamers attribute great importance (not to say addicted) to this hobby and invest effort and resources to get ahead of the competition, they are likely to be quick to respond to fake messages threatening to suspend their accounts or delete them altogether, without exercising proper caution.
• API abuse, in which application programming interfaces (APIs) are exploited by cybercriminals intending to manipulate gaming platforms. As a result, not only the user experience, but also the security of the platform and protection of data are impaired. The fast development of gaming platforms, compounded by the complex nature of their architecture, increases their vulnerability to API abuse.

Have gaming industry studios been targeted by cybercriminals in recent years?

• The network supporting the popular Axie Infinity blockchain gaming platform was targeted in 2022 in the largest cryptocurrency hack to date. The hackers managed to steal $625 million worth of Ethereum and the USDC stablecoin. Sources in the USA believed that Lazarus Group, a hacking collective backed by North Korea, was linked to this attack.