A study by the company shows how cybercriminals who target competitions and pro player accounts are already acting
eSports has evolved from a niche entertainment to a hugely profitable industry. Increasing advertising and sponsorship revenue allows tournaments to grow, as do prize pools. This increase in popularity and revenue leaves brands and teams more vulnerable and visible to cybercriminals looking for an opportunity to profit.
Hacks and codes are widely available on illegal markets, catering to players seeking an unfair advantage in tournaments. Criminal groups also spread distributed denial of service (DDoS) and ransomware attacks, zero-day exploits, data breaches and profit-driven malware.
Trend Micro predicts that more threats will target the growing esports industry in the coming years. The company has identified four threats that are expected to increase in the future:
hardware attacks
Professional tournaments often allow players to bring their own hardware, such as a mouse and keyboard. Specialized methods were created to go through the cheat detection mechanism. For example, in 2018, "Ra1f" was caught using an advanced hardware scam, which managed to get past ESEA's anti-cheat technology.
After investigating hardware hacks available for sale on the underground market, Trend Micro concluded that they require an Arduino or Rubber Ducky USB. Both devices have legitimate uses and are readily available on the legal market, but vendors offer the hardware with other scams for an additional fee. These legitimate tools are reconfigured to load custom fraud software to avoid detection – did a site offer custom hardware from the US? 500
DDoS attacks
DDoS attacks can cause serious lag issues, which is a critical issue in competitions where milliseconds can determine wins and losses. Such an attack can damage a tournament's reputation, or be used as a match-fixing tactic. It can also be used for extortion, with cybercriminals demanding tournament money to stop the disruption.
A variety of DDoS-related items are readily available on the market, such as DDoS tools, paid services, and even DDoS protection.
As games are mostly consumed live, eSports organizers may feel pressured to pay cybercriminals' demands to prevent or stop any disruption. Considering the availability of DDoS services, it appears these and other extortion attempts may continue.
Vulnerable game servers
Servers will be a popular target for cybercriminals as they are a great place for game disruption and information theft. Trend Micro analyzed game-related eSports servers that use Shodan (a search engine that allows a user to find specific types of computers connected to the Internet), including those run by organizations and private gamers, and found 219,981 accessible assets as of July 25, 2019. 2019
Servers are online in nature and this exposes them to a certain level of risk. Shodan is a simple way for cybercriminals to conduct open-source intelligence (OSINT) for different geographic locations, organizations, devices, services, etc. Software and firmware information collected by Shodan helps identify unpatched vulnerabilities in accessible assets. A deeper probe into these accessible servers revealed a number of critical vulnerabilities.
Targeted malware
There have been previous incidents of players being specifically targeted by ransomware. In 2018, criminals attacked players with ransomware that required people to play PlayerUnknown's Battlegrounds (PUBG) to unlock their files. Trend Micro believes this type of activity could increase as tournaments and pro players are increasingly in the spotlight. High level accounts and profiles have already been compromised and are being sold on forums in the illegal market.
In addition to selling reputable gaming accounts, attackers also compromise profiles to gain access to lines of credit that allow them to buy in-game goods to resell. Trend Micro also projects cybercriminals to compromise Twitch and YouTube pages of famous gamers in order to ask for ransom or use as a platform to spread some message. Attackers will look for accounts that have millions of followers and will use targeted phishing attacks and malware to take control of them.
security recommendations
The eSports industry will face the same level and type of cyberattacks that the gaming community already faces – but on a larger scale. Such exposure can lead to identity theft, financial loss, and even reputational damage.
All parties must be aware of online security and ensure that profiles and accounts are kept secure. Organizers must be fully aware of the eSports threat landscape and deploy appropriate security solutions for sophisticated cyberattacks such as DDoS, ransomware, known exploits, targeted malware and more.
However, the eSports industry is not unprepared. Gaming companies and organizers are always on the lookout for new fraud tools and techniques, but several anti-fraud services that are specifically geared towards protecting eSports and gaming competitions are now available.
For more information on the threats facing esports, read our report "Cheats, Hacks, and Cyberattacks: Threats to the Esports Industry in 2019 and Beyond."
EN 
PT 
