Threat Actors Target Gen Z Gamers Through Popular Titles

Kaspersky security researchers have discovered sophisticated threat actor activities that take advantage of the digitally native Gen Z population, which was born between 1997 and 2012 and is heavily involved in gaming, streaming, and anime, for malevolent purposes.

Over a one-year period from April 1, 2024, Kaspersky documented at least 19 million attempts to disseminate malware camouflaged as popular games, with Grand Theft Auto (GTA), Minecraft, and Call of Duty topping the list at 11.2 million incidents.

These titles’ high replayability, coupled with expansive online ecosystems fostering user-generated content, mods, and cheat distribution, renders them prime vectors for cyberattacks.

Phishing Campaigns Exploit Replayable Titles

Threat actors exploit this by deploying phishing schemes that impersonate legitimate entities, enticing users with promises of in-game rewards, exclusive trades, or monetary gains to harvest sensitive data such as login credentials, financial information, and personal identifiers.

A notable case involved a phishing domain mimicking Riot Games’ official Valorant-Arcane crossover campaign, where users were lured into a “spin the wheel” mechanic for purported exclusive skins.

This ruse facilitated the exfiltration of gaming accounts, banking details, and mobile numbers, underscoring the efficacy of social engineering tactics that blend recognizable intellectual property with gamified interfaces.

Beyond phishing, Kaspersky’s Global Research and Analysis Team (GReAT) identified the Hexon stealer, propagated via fraudulent game installers across forums, Discord channels, Telegram groups, and file-sharing platforms.

Operating under a malware-as-a-service (MaaS) model, Hexon targeted platforms like Steam for credential theft, while extending its reach to messaging apps (Telegram, WhatsApp) and social media (TikTok, YouTube, Instagram, Discord).

The malware’s subsequent rebranding to “Leet” introduced advanced evasion techniques, including sandbox detection via public IP address and system specification checks, enabling it to terminate execution in virtual environments and evade analysis.

Malware Infiltration in Streaming

The threat landscape extends to Gen Z’s affinity for movies, TV shows, and anime, with Kaspersky Security Network (KSN) data revealing over 85,000 attacks baited with Netflix branding equating to approximately 233 daily incidents alongside 250,000 anime-centric exploits and more than seven million leaked streaming accounts.

Prominent platforms like Amazon Prime Video, Disney+, Apple TV+, and HBO Max were frequently impersonated in phishing operations, where attackers mimicked official communications to solicit subscription renewals or payment updates, directing victims to counterfeit sites for data harvesting.

These campaigns often incorporated RiskTool utilities, comprising 80% of detected threats, which facilitate the concealment of secondary payloads such as cryptocurrency miners within compromised systems.

Anime enthusiasts, representing over 65% of Gen Z demographics, faced targeted assaults on titles like Naruto (114,000 attempts), One Piece, Demon Slayer, Attack on Titan, and Jujutsu Kaisen, totaling 250,000 incidents.

Compromised accounts from these platforms are repurposed for phishing propagation or sold on underground markets, amplifying the attack chain.

Such operations highlight the intersection of cultural phenomena with cyber threats, where threat actors capitalize on digital immersion to deploy infostealers and credential dumpers.

To mitigate these risks, Gen Z users should adhere to cybersecurity best practices: procure content exclusively from official repositories to avoid torrent-based malware vectors; activate multi-factor authentication (MFA) across services and ideally managed via secure password vaults.

They exercise caution against unsolicited offers of in-game assets or leaked media, recognizing them as potential lures; employ virtual payment cards with predefined limits for online transactions; and deploy comprehensive endpoint protection solutions capable of real-time phishing detection and malware neutralization.

For deeper insights, Kaspersky’s interactive browser game, Case 404, simulates real-world vulnerabilities, reinforcing the importance of digital hygiene in an era of weaponized entertainment.

Stay Updated on Daily Cybersecurity News. Follow us on Google News, LinkedIn, and X.