Main menu


Hackers target online gamers, hijacking accounts and accessing financial information

InvestigateTV – video games offer users the opportunity to escape reality and enter a virtual world where almost anything is possible.

According to industry lobby group the Entertainment Software Association (ESA), multi-platform options are plentiful for the more than 215 million Americans who play video games from mobile to console to desktop.

Kids aren’t the only ones picking up controllers. That same ESA report states, 71% of children under the age of 18 are gamers, and nearly two-thirds of video game players are adults.

The $60 billion gaming industry is increasingly under attack by hackers. In a 2020 report, cybersecurity firm Akamai tracked more than 246 million of his web attacks against the gaming industry. Those numbers mark his 340% increase from 2019.

Alex Nette, cybersecurity expert and CEO of Hive Systems, said it is often difficult to identify direct costs to consumers.

“There isn’t a lot of information about all of this, and more importantly, how much will it end up costing consumers,” Nette said.

lose control

Chris Stephens started playing games as a kid and still does.

“I grew up in an era when online and computer games were just getting started,” says Stephens.

Stevens, 36, said his first game was “Super Mario Bros.” On the original Nintendo Entertainment System (NES). Stevens’ tastes have evolved with video game technology. Now that his 8-bit world of Mario is gone, he’s become a regular on his Twitch, his streaming gaming platform.

“It’s definitely gotten a lot more complicated,” says Stephens.

Chris Stevens streams himself playing on Twitch. “I brought your teammate! I brought your teammate,” he said to another gamer over a headset.(Chris Stevens)

Stevens said he uses video games to connect with gamers across the country, but he didn’t expect that same system to happen while playing games, he said, being hacked. I released him to the situation.

In 2017, Stevens said he received an email from video game company Electronic Arts (EA) about a suspicious login attempt. However, Stevens said the hackers appeared to have changed the language settings on his account, and that the email was sent in Russian.

“I got the email and it was in full Russian. Luckily Google Translate exists so I was able to decipher what it said,” Stephens said. say. “The bottom line was that my password was reset. If I didn’t reset my password, I need to update my password.”

Stephens said he doesn’t know how the hackers got access to his account. He was immediately concerned about what other information the hackers might have stolen.

“When I get the first email in Russian, go through it, and think about what happened here, I stop and wonder what else was compromised,” Stephens said. increase.

The Russian email you see on the left was sent to Stephens by Electronic Arts...
The Russian-language email you see on the left was sent by Electronic Arts to Stephens to notify him of strange activity on his account. The email on the right shows the translation after Stephens performed it via an online translation service.(Daniela Molina, InvestigateTV)

The next attack happened three years later. In 2020, Stevens said he was playing Fortnite, Epic Games’ popular online video game, when an intruder hacked his account and changed his username. He did some research and said the IP address was pinging someone in India.

Stevens said he was eventually able to recover his account, but he wasn’t the only one to be hacked.

Norton LifeLock, a software company that provides tools to prevent hacking, said in its 2021 report that nearly half of its users have experienced some form of cyberattack on their gaming accounts or devices.

hacker attack

Alex Nette says that most people fall prey to hackers without realizing it until it’s too late. One of the main targets: usernames and passwords.

“Video games are like many other online accounts for children and adults. These accounts usually have passwords and usernames associated with them,” said Nette. “So hackers and scammers may want access to these accounts, especially kids who spend a lot of time playing video games and have all their achievements in one place. Even more so for adults.”

Akamai’s “State of the Internet” report highlights “credential stuffing” as a common tactic used by hackers. Credential stuffing starts with hacked accounts. Compromised victim usernames and passwords can be sold on the black market. Hackers may use the same credentials to access multiple accounts, as players often use recycled or easily guessed usernames and passwords.

This screenshot from Akamai's report shows an example of credential stuffing. Hackers use these...
This screenshot from Akamai’s report shows an example of credential stuffing. Hackers use these posts to access people’s usernames and passwords, and use the same credentials to access other devices.(Akamai)

In 2018, the BBC reported that hackers admitted to selling player accounts for just £25 (equivalent to US$30). According to Nette, video game accounts are not only worth a lot of money due to in-game purchases and software, they are often tied to credit cards.

“Children and adults alike are really great targets for these hackers and scammers,” he said. The risk is the same if you are using it.”

According to Nette, another popular way for hackers to gain access is in-game chat features, especially when targeting children.

The game provides a way to communicate via text chat or microphone while playing online. He said everyone could be on the other side of the conversation.

“Kids and adults alike, be aware of who you’re talking to,” Nette said. “Be aware and anticipate what they are chatting about, and watch out for links that look malicious or dangerous.”

The Entertainment Software Association (ESA) lobbies on behalf of several major game companies to provide guidance to manufacturers and encourage regulation to protect gamers nationwide.

In 1994, the ESA established a self-regulatory body, the Entertainment Software Rating Board (ESRB). This group provides guidance to consumers, especially parents, on safety concerns. The ESRB has also developed a rating system to identify the age relevance of games.

The Entertainment Software Rating Board has seven ratings to categorize levels of concern.
The Entertainment Software Rating Board has seven ratings that categorize the level of concern and interest parents may have with games. This extends to sexually explicit content, language and violence.

Other agencies, such as the ESA and the Federal Trade Commission (FTC), are pushing to create codes that protect children’s privacy and information.

The FTC says on its site: The COPPA rule introduces additional protections and simplifies other procedures that companies subject to the rule must follow. “

In the ESA’s Trust and Safety Policy, the ESA says, “The video game industry is very passionate about online safety, especially when it comes to children.” ESA also has a walkthrough on how to navigate the settings and restrict communication in its parental controls section.


Marcy Thornhill is a mother and youth advocate for Kollege and Career for Youth, a non-profit organization based in Richmond, Virginia.

Thornhill raised two daughters who weren’t avid gamers, but grew up playing video games. Her kids have never been into her games online, but in her current role, Thornhill teaches her parents and kids how to play safe games. “We hear a lot of concern from parents about games and the need for young people to feel plugged in,” she said Thornhill.

While working for the nonprofit, she said she noticed that children were playing video games more often, especially during the summer.

“For so many young people, gaming is a big part of their lives, just a daily desire and drive,” said Thornhill. “This game has motivated many young people in our community.”

Like Nette, she cautioned about who might be on the other side of her online communications.

“As we continue to navigate this new era of Zoom, video games and apps, we must work diligently as parents, educators and community leaders to keep our children and families safe.” said Thornhill.

She said she recognizes that video games are part of children’s bonding in the classroom, in their personal lives, and at home, but she said parents need to play an active role. rice field.

Thornhill suggested some things parents can do.

  • See what games your kids are playing – check ratings to see if you’re in the right age group to play
  • Discuss process and security controls with them and talk about why it’s important.
  • Turn on all security protocols on your device

“It is our responsibility to ensure [children] “They know how to turn it on and operate it, so they’re well-informed and don’t make assumptions,” Thornhill said.

Gamer Chris Stevens also recommended that parents discuss protocols and safety precautions when playing online games with their children, especially when money is involved.

According to Stevens, his nephew plays online games and uses virtual currency from Christmas gifts to buy skins (character outfit add-ons) for online games.

“Without that conversation, the account can be lost, and it can be lost entirely,” says Stephens.

As for his own account, Stevens said he learned from his own experience.

“We knew there were security risks out there, but we really didn’t think anyone would do anything about it,” says Stephens. “And lo and behold, both of my accounts were compromised. I’ve gotten better about it over time. But it’s one he doesn’t think will happen to me until it actually happens.” .”

Stephens said he enables two-factor authentication on his gaming devices to avoid hacking.

Experts and victims tell InvestigateTV there are other ways to protect themselves before it’s “game over.”

  • If you have a credit card associated with your or your child’s account, regularly monitor purchases from that account.
  • Check to see if the game company offers a “scrubbing” chat feature. This allows companies to censor certain languages ​​and prevent links from being posted.
  • Report strange activity to the company, especially if you know something looks like a scam.

To give parents more access to how to protect their children on specific devices, the ESRB has provided additional tips in a blog post.