OSINT Can Save the Gaming Industry. The expansion of cybercrime in the gaming industry can be attributed to two major factors: the opportunistic nature of malicious actors and the less stringent nature of gaming regulations compared to the rest of the internet.
A recent survey indicates that the ease with which the source of funds can be concealed is directly related to the rise of crime in the gaming industry. As a result, the majority of crimes involve financial fraud and money laundering. Hackers stealing user accounts and selling them to other gamers is a common occurrence in the gaming community. The research paper’s author, a security researcher named Steve Ragan, had the following to say:
“There are criminals that will sell you usernames and passwords to that game so you can walk in and play. Let’s say a criminal’s going out and they launch a credential stuffing attack, and they come back with, say, 100 accounts that are valid. They can sell those hundred for $5 a pop.”
Steve Ragan
This demonstrates why the criminal community is attracted to the gaming industry. Potential profits are enormous, as the market is ripe for exploitation.
Effects of Covid-19
The Covid epidemic has been a major factor in the expansion of the online gaming industry. Lockdowns produced a world filled with bored, pajama-clad individuals who were unable to leave their homes and desperate for something to do. This tremendous growth in such a short period of time meant that security measures fell behind. With a global gaming population of 3 billion and an industry worth $18 billion, criminals seized the opportunity to size up the industry.
A research paper published in 2020 by content delivery network specialists Akamai highlighted the threats the gaming industry faces. During the outbreak of the Covid pandemic from 2018 to 2020, web app attacks in the gaming industry increased by 415 percent, while the global growth of web attacks slowed to 2 percent annually. In 2020, gaming saw a greater increase in attack traffic than any other industry.
Three Significant Dangers to Online Gaming
Research on OSINT has significantly contributed to the detection and prevention of online financial crime. Let’s examine the primary cybersecurity threats and how OSINT can be used to combat them.
Extremism
Not all problems in the gaming industry are monetary in nature. Given the number of online gamers around the world, far-right extremists have recognised the gaming industry as a vast recruitment resource. Rachel Kowert, research director at the gamer-related mental health organisation Take This, discovered that gaming friendships are “closer, more enduring, and form faster than in other online spaces.”
Similar increases in extremism have been observed on social media platforms in previous years. It was discovered that the Steam platform served as a breeding ground for far-right extremists. It was known that the Nordic Resistance Movement (perhaps best known for the 2016/17 Gothenburg bombings) had a presence on Steam. In addition, the Discord platform has become a hub for offline event organisation, such as the 2017 Unite the Right rally in Charlottesville.
In addition, according to a 2019 report by the Anti-Defamation League, 53% of online multiplayer game players who have experienced harassment believe “they were targeted due to their race/ethnicity, religion, ability, gender, or sexual orientation.” 23% of players, according to the same report, said they had been “exposed to discussions about white supremacist ideology.” However, the current measures to prevent and combat violent extremism in gaming spaces are “virtually undetectable.”
Gaming Platforms Fraud
Kount, a company specialising in fraud prevention, has discovered financial fraud in the realm of buying and selling virtual currencies, character skins, weapons, and armour. These artefacts are frequently purchased with stolen credit cards and then sold to unsuspecting players.
Cybercriminals can steal credentials in a variety of ways, ranging from phishing scams (requesting user information for non-genuine purposes) to purchasing user information on the Dark Web: an artifact-loaded account can be sold for hundreds or thousands of dollars, with the hacker incurring no costs other than his or her time.
A recent Kount survey revealed that nearly one-fourth of all gamers have been victims of financial fraud. This number illustrates the magnitude of the problem facing the gaming industry. If one in four gamers has been a victim of fraud, anyone who registers on a platform does so at their own peril.
Laundering of Funds in the Gaming Industry
Some criminals take financial fraud to the next level by using accounts to launder money. This may be accomplished via a legitimate account, which is not subject to the same anti-money laundering (AML) scrutiny as, say, bank accounts, or a stolen account.
Numerous online games have their own internal currency, which can be exchanged for real money and then spent on character artefacts. Frequently, it is discovered that such funds were previously obtained through credit card fraud or other illegal activities. The artefacts are then resold on a separate trading website, with the user’s footprints effectively concealed.
At-Risk Popular Gaming Platforms
This list focuses on two of the most popular and well-known gaming platforms to emerge in recent years. To clarify, nearly every platform of this type is susceptible to the same threats.
Discord
Discord has experienced the type of exponential growth that business owners can only imagine. From 2016 to 2020, the estimated revenue valuation of the brand increased from $5 million to a staggering $3.5 billion, and it now has a user base of over 300 million, which is a significant indication of its popularity.
However, the platform has come under scrutiny regarding extremism, financial fraud, and money laundering. Chat histories are visible to everyone who registers on a chat topic without encryption, and users who fail to change their settings to receive private messages leave themselves vulnerable to phishing and other scams.
Extreme elements of Discord have been diligently identified and removed by the platform’s creators. However, by virtue of its nature as a community-style website, its predominantly young and impressionable audience is still susceptible to manipulation. Moreover, hate-related content is still readily accessible on the Discord network.
Steam
The perpetrators of financial fraud and money laundering have also targeted Steam, a gaming-related platform. The company revolutionised the gaming industry by emphasising hard-drive downloads at a time when purchasing physical game discs was the norm. As a result, its current user base of 120 million is expected to continue growing, and game developers are eager to sell downloads directly through the platform.
Prior to discovering that 50% of transactions were fraudulent, the app accepted Bitcoin payments. Steam has also decided not to pursue NFT payments, given the prevalence of high-profile scams.
In addition, Steam has been in the news for its prevalence of phishing scams. Users are sent a link in a private message that leads to a website that is an exact replica of the app. Unsuspecting users share their personal information with criminals when prompted to input their information. As we’ve seen, these account information will inevitably be stolen and sold for a fee.
How OSINT Tools Provide a Fix
Given the increase in gaming-related criminality, OSINT investigations have become an indispensable component in the pursuit of justice. Those who fail to utilise the capabilities of open source intelligence will be left behind.
People would be incapable of extracting and analysing such vast quantities of data without OSINT investigations.
OSINT tools can assist in constructing digital footprints and mapping connections between gamer accounts and a person’s broader online presence. Whether a user’s online relationships are personal or business-related, they can be evaluated through character analysis. In addition, the tools perform the majority of the manual labour, freeing up time and mental capacity for the decisions that drive the investigation forward.
Accessibility and popularity of Discord and Steam may play a significant role in how user data is compromised. With the proper OSINT investigation, however, any platform can become a crucial source of evidence in the race to combat cybercrime in the gaming world and beyond.
Sources:
Social Links
Axios.com
Securityweek.com