In this blog, we turn our focus to trust and safety in online gaming, helping companies learn about the ways that threat actors abuse platforms and players alike. As part of this endeavor, ActiveFence has investigated how threat actors perpetrate fraud in online gaming, showing how they target, evaluate, and access players’ accounts in order to sell their digital assets. For our comprehensive analysis, download the complete report below.
Online Gaming Fraud
The global number of online gamers has grown consistently over the past decade, jumping sharply in the wake of the COVID-19 pandemic. In fact, a recent survey by Statista found that between October 2020 and January 2021, 80 percent of UK children aged 12 to 15 had played online games. But while the player base has grown, so have the risks in the online gaming arena.
Moreover, as more games offer in-game or in-app purchases, allowing users to convert legal tender into in-game currencies and accumulate funds, these gaming accounts are becoming more attractive targets for fraud and theft.
The victims of gaming fraud include gamers from all age groups, though children are particularly vulnerable. Furthermore, the impact of such exploitative and deceptive activities can have tragic results. For example, in India, a 13-year-old boy committed suicide after losing 40,000 Rupees ($538) of his parent’s money to fraudsters.
Companies seeking to protect both their platforms and users from falling prey to threat actors committing theft and fraud must be proactive. However, in order to do so, a comprehensive understanding of the threat is required.
Social engineering is the manipulation of people into revealing confidential information, such as passwords or bank information, or into granting access to their computers so that malicious software can be installed secretly.
When a thief steals a car, they typically can either sell the stolen vehicle as a whole or strip it for parts to be sold separately. Cybercriminals operating in online gaming take a similar approach: first, they will look to compromise valuable accounts before either selling the accounts as a whole or stripping them of valuable assets to be sold separately. Stolen digital items listed for resale include, among other things, gift cards with a financial value and in-game items such as customized weapons and character skins.
However, before a threat actor can even think about selling a stolen account or its in-game items, they must first acquire the account. There are a variety of techniques available to threat actors to assist them in this endeavor, from malware and phishing campaigns to social engineering within specific gaming platforms. Others may engage in credential stuffing attacks, in which automated tools or bots submit lists of username and password combinations against a target website in an attempt to gain access to existing valid accounts.
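For platform teams, credential stuffing leaves a recognizable trace in login telemetry: one source trying many distinct accounts in a short time, with most attempts failing. The following detection sketch is an added example, not part of the original report; the event format, thresholds, and sample data (documentation-range IPs, invented usernames) are assumptions.

```python
from collections import defaultdict

# Constructed sample events: (epoch_seconds, source_ip, username, success)
SAMPLE_EVENTS = (
    # One source cycling through many accounts, one password try each.
    [(1000 + 2 * i, "203.0.113.7", f"player{i:02d}", i == 6) for i in range(12)]
    # A shared household/NAT address: few accounts, mostly successful logins.
    + [(1005, "198.51.100.20", "alice", True),
       (1030, "198.51.100.20", "bob", False),
       (1040, "198.51.100.20", "bob", True)]
    # One user mistyping a password repeatedly (a single account, not stuffing).
    + [(1100 + i, "192.0.2.55", "carol", False) for i in range(8)]
)

def detect_credential_stuffing(events, window=300, min_accounts=10, min_fail_ratio=0.8):
    """Flag source IPs that try many distinct accounts within `window` seconds
    with a high failure ratio, and report accounts that still logged in."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in sorted(events):
        by_ip[ip].append((ts, user, ok))

    findings = {}
    for ip, rows in by_ip.items():
        start = 0
        for end in range(len(rows)):
            # Shrink the window from the left until it spans <= `window` seconds.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = rows[start:end + 1]
            accounts = {user for _, user, _ in span}
            failures = sum(1 for _, _, ok in span if not ok)
            if len(accounts) >= min_accounts and failures / len(span) >= min_fail_ratio:
                hit = findings.setdefault(ip, {"accounts_tried": set(), "compromised": set()})
                hit["accounts_tried"] |= accounts
                # A success from a flagged source is a likely takeover: force a reset.
                hit["compromised"] |= {user for _, user, ok in span if ok}
    return findings

if __name__ == "__main__":
    for ip, hit in detect_credential_stuffing(SAMPLE_EVENTS).items():
        print(ip, len(hit["accounts_tried"]), "accounts tried;",
              "reset:", sorted(hit["compromised"]))
```

Counting distinct accounts rather than raw failures keeps a single player mistyping a password, or a shared household address, from being flagged.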
Fraud actors will often deploy malware designed to target the computers of online gamers and steal their credentials and digital information in order to compromise their accounts. Credential stealers primarily include three types of malware: (1) Programs that wait for a user to log in to steal their credentials; (2) Programs that dump information stored in Windows, such as password hashes, to be used directly or cracked offline; (3) Programs that log keystrokes.
There are also a number of forums and marketplaces dedicated to the facilitation of gaming fraud available on both the surface and dark web. In particular, cracking forums are those that specialize in account takeover and sharing account cracking techniques.
Reaching The Market & Evaluating Stolen Accounts
In order to make a financial profit from these activities, threat actors must sell the information that they have acquired. To do so, threat actors utilize instant messaging platforms and servers as a straightforward means of communication. While fraud actors may opt to exploit pre-existing instant messaging servers, others will create and administer their own, where engaged members can discuss the purchase and sale of accounts, items, and in-game currency.
When it comes to appraising the value of an account being sold, a variety of factors are at play. Notably, games, in-game currency, and skins all contribute to the valuation of a stolen account: the more of each an account has, the more valuable it is. Additionally, the platform the account is on or the game it is tied to can also impact the price.
The Bigger Picture
The surging popularity and profitability of online gaming have presented significant financial opportunities for fraud actors looking to prey on gamers. Seeking to maintain the integrity of their platform, and the safety of users, gaming platforms must be able to quickly identify and stop the fraudulent acquisition and use of accounts.
By consulting our full report—available for download below—trust and safety teams in online gaming will receive detailed insights into how bad actors buy and sell malware and malware logs to entrap users on their platforms, compromise their accounts, and sell their digital assets.