Image: Getty Images
The Acronis Threat Research Unit (TRU) has uncovered a sophisticated global malware campaign targeting consumers, especially gamers, by exploiting the massive popularity of online gaming, an industry valued at over $7bn in the Middle East alone. With rapid growth fueled by young, digitally savvy players, countries like Saudi Arabia, Qatar, and Türkiye have emerged as top global targets, according to the cybersecurity firm.
The campaign is designed to deceive gamers aged 18–35 by promoting fake beta versions of indie games such as Baruda Quest, Warstorm Fire, and Dire Talon. Instead of real content, victims unknowingly download infostealer malware including Leet Stealer, RMC Stealer, and Sniffer Stealer, which then harvest sensitive data like login credentials, payment information, and cryptocurrency wallet access.
“This campaign is notable for its sophistication and its focus on what could be considered a highly tech-savvy demographic,” said Jozsef Gegeny, senior researcher at Acronis TRU. “Our team uncovered the threat by analysing a wave of suspicious files and websites masquerading as legitimate game content, which were spreading largely undetected by major antivirus tools. While enterprises are often protected by managed service providers and robust defences, consumers remain highly exposed to such risks. That’s why it’s important for the cybersecurity community to shine a light on threats that target individuals and not just corporations.”
The malware is being circulated primarily through popular platforms like Discord, where cybercriminals share links to fraudulent game installers. These installers often display convincing installation errors to obscure their malicious intent. Attackers go to great lengths to appear credible, using stolen branding, fabricated promotional websites, and even fake YouTube trailers to lure unsuspecting users.
Read: Cohesity’s Johnny Karam, Mark Molyneux on raising cyber resilience among UAE employees
“We strongly urge gamers to remain vigilant, only download games and beta content from official stores or verified developer websites, and enable multi-factor authentication wherever possible,” added Gegeny. “This campaign shows that even well-informed users can be tricked, especially when malware evades detection by mainstream antivirus tools. Extra caution and awareness are the best defences against such complex and convincing threats.”
