In a startling revelation, Kaspersky has reported over 19 million attempted cyberattacks between April 1, 2024, and March 31, 2025, involving malicious files disguised as popular video games. Titles such as Grand Theft Auto (GTA), Minecraft, and Call of Duty were most frequently exploited by cybercriminals targeting Gen Z gamers.
The cybersecurity firm’s research highlights a growing trend: attackers are leveraging the popularity of top gaming franchises to trick users into downloading malware, password-stealing trojans, and other malicious software.
Gaming Popularity Fuels Cyber Threats
According to Kaspersky, Generation Z (born 1997–2012) leads in both the amount of time spent gaming and in gaming-related spending. Their preference for exploring multiple game titles and chasing viral trends makes them more vulnerable to phishing, fake installers, and mod-based malware.
More than 400,000 users worldwide were directly affected by such attacks during the 12-month period studied.
Top Games Exploited in Cyberattacks (Q2 2024 – Q1 2025)
Kaspersky’s analysis used 20 of the most searched games among Gen Z, identifying the following top targets:
- GTA-related content: 4,456,499 attack attempts
- Minecraft: 4,112,493 attack attempts
- Call of Duty: 2,635,330 attack attempts
- The Sims: 2,416,443 attack attempts
The report also noted that March 2025 was the peak month, with 1.84 million attempted attacks.
Despite being over a decade old, GTA V continues to attract cybercriminal interest due to its open-world mods and online communities. With GTA VI anticipated in 2026, experts warn of an impending surge in fake game installers and early access scams.
Common Cyberattack Tactics Used
Cybercriminals lure users with offers of:
- Cracked versions of popular games
- Free mods and expansion packs
- Cheats and rare in-game items
Once downloaded, these files may install:
- Downloaders for additional malware
- Trojans for password theft and remote access
- Ransomware that locks users out of their devices
One major goal is the theft and resale of gaming accounts, which are then traded on the dark web, private Telegram channels, and closed forums.
Dark Web Marketplaces Now Selling Gaming Skins and Accounts Openly
Kaspersky’s investigation reveals a troubling trend: the barrier to selling stolen gaming accounts and digital skins has drastically dropped. What was once a niche cybercrime has now become mainstream, with sellers offering:
- High-ranking accounts
- Rare skins
- Premium in-game access
Buyers can now access illicit listings with just a few clicks via private groups on Telegram and closed platforms, making account theft a widespread risk.
Kaspersky’s Gamified Cyber Awareness Campaign
To combat this growing threat, Kaspersky has launched an interactive online game, Case 404, tailored specifically for Gen Z. The cyber-detective experience immerses players in fictional investigations inspired by real threats, helping them
- Identify phishing attacks
- Avoid scam downloads
- Protect their accounts from takeover attempts
