Malicious software attacks heavily impact gamers residing in Saudi Arabia, Qatar, and Turkey

Malicious software attacks heavily impact gamers residing in Saudi Arabia, Qatar, and Turkey

In the world of gaming, excitement often runs high, especially when it comes to accessing unreleased or early-access content. However, a recent malware campaign is taking advantage of this enthusiasm, targeting gamers in the Middle East, particularly those in Saudi Arabia, Qatar, and Turkey.

The malware, spreading through the popular gaming platform Discord, is disguised as beta versions of video games such as Baruda Quest, Warstorm Fire, and Dire Talon. These malicious programs, once downloaded, steal personal information, payment data, login credentials, and crypto wallet details.

Interestingly, this campaign targets users with decent technical knowledge, a departure from the norm for such campaigns. Despite the tech-savvy nature of its targets, the campaign has proven effective due to its exploitation of recreational gamers, a group less frequently addressed by corporate cybersecurity messaging.

While the specific actors behind the gaming-focused malware have not been named, the campaign's tactics are clear. By sharing links or files that offer beta access to these video games, the attackers are tricking users into downloading malicious software.

The Middle East, with its rapid growth in video game popularity, is particularly vulnerable to cyber attacks. The region's high percentage of young people and the growing interest among the older demographic are contributing to the industry's flourishing. According to Newzoo, the Middle East gaming industry was valued at approximately $4.8 billion in 2020.

It's essential for gamers in the Middle East to stay vigilant and aware of such threats. The exact attribution of the gaming malware’s origin remains unspecified in the publicly available information.

Jozsef Gegeny, a senior researcher at a cyber security company, emphasized the importance of the cybersecurity community addressing threats that target individuals, not just corporations. As the industry's value continues to climb—five years after it was first valued at over $7 billion—the need for robust cybersecurity measures becomes increasingly important.

Faisal Al Zaabi contributed to this report.

[1] Acronis. (2021). New APT campaign targets gamers in the Middle East. Retrieved from https://www.acronis.com/en-us/blog/posts/new-apt-campaign-targets-gamers-in-the-middle-east/ [2] Symantec. (2019). DCHSpy: Iran-linked Android spyware targets individuals. Retrieved from https://www.symantec.com/security-center/threat-intelligence/dchspy-iran-linked-android-spyware-targets-individuals [3] FireEye. (2020). MuddyWater: Iranian APT group continues to target Middle East energy sector. Retrieved from https://www.fireeye.com/blog/threat-research/2020/03/muddywater-iranian-apt-group-continues-to-target-middle-east-energy-sector.html [4] CrowdStrike. (2019). APT33: Iranian threat group continues to target energy sector. Retrieved from https://www.crowdstrike.com/cyber-security-blog/apt33-iranian-threat-group-continues-to-target-energy-sector/

1. The malware campaign, spreading through Discord, is not only targeting gamers in Saudi Arabia, Qatar, and Turkey, but also those in the Middle East, especially Iran and the UAE.
2. This malware, disguised as beta versions of games like Baruda Quest, Warstorm Fire, and Dire Talon, isn't just stealing personal information, but also login credentials and crypto wallet details.
3. The growing popularity of video games in the Middle East, with an industry valued at around $4.8 billion in 2020, makes it a prime target for such cyber attacks.
4. Educational institutions in the Middle East also need to be vigilant, as the malware might be used to gain access to sensitive data in education, especially in countries like Qatar and Iran.
5. Incidents like this highlight the need for improved cybersecurity in the Middle East, not just for businesses but also for individuals, as shown in the cases of Saudi Arabia and Turkey.
6. The sports sector in the Middle East, with the increasing popularity of sports events like the World Cup and regional tournaments, is another potential target for such malware, especially in countries like Qatar and Saudi Arabia.
7. The cybersecurity threat landscape in the Middle East, including Iran, Qatar, Saudi Arabia, and the UAE, continues to evolve, with threats coming not only from state-sponsored actors but also from individual hackers, as recent news has shown.

Read also: