Cyber security experts have detected in a single year over 19 million attempts to download some malicious or unwanted files, disguised in popular games among the generation Z. With titles such as GTA, Minecraft and Call of Duty among the most exploited, it is clear that cyber criminals are closely following the gaming trends.
1.5 million attempts of cyber attacks were only discovered on Roblox
Gen Z plays more than any other generation – and not only more, but also different. They surpass Millenial and Gen X in games related to games and, instead of staying at a few favorite titles, those in the Gen Z quick from one game to another, following viral trends and new experiences. But spontaneity and openness also make them vulnerable, cyber criminals exploiting the habits and confidence of these players on various platforms. For example, during the analyzed period, over 400,000 users from all over the world have been affected.
Attacks of attack on users by malicious or undesirable files, disguised in the favorite games of the Z, during the reported period
As part of the new report, Kaspersky experts performed a detailed analysis using 20 of the most popular game titles among Z – from GTA, NBA and FIFA to The Sims and Gershin Impact – as search terms. The study covered the period from Q2 2024 to Q1 2025, March 2025 noting as the peak month, with 1,842,370 attempts of registered attacks.
Top 10 games exploited, popular among Z gen, depending on the number of attack attempts from the reported period
Although GTA V was released more than a decade ago, the Grand Theft Auto franchise remains one of the most exploited, due to the open-world modding and very active online community. In total, the experts detected 4,456,499 attack attempts involving disguised files as if they were legitimate, related to the GTA franchise, but also over 1.5 million attacks related to Roblox. With the long -awaited launch of GTA VI in 2026, experts predict a new wave of attacks, cyber criminals being able to exploit enthusiasm by distributing false installers, early access offers or beta invitations.
Minecraft ranked second, with 4,112,493 attack attempts, thanks to its vast modding ecosystem and lasting popularity among Z. Call of Duty players followed by 2,635,330 and 2,416,443 attack attempts. The demand for cheats (codes that help you to pass a level) and crack-looked versions (pirated versions) around competitive launches, such as Modern Warfare III, feed the malicious activity, while the Fans The Sims, looking for personalized content or non-launched expansion packages, may fail to fail.
As a result of these attacks, users’ devices can be infected with various types of malicious or unwanted programs – from downloading that can install additional dangerous programs, to Trojans who steal passwords, monitor the activity, provide remote access attackers or install ransomware. The goals of these attacks vary, but a frequent reason is the theft of gaming accounts, which are later sold on Dark Web or on closed forums.
Experts have also analyzed the Darknet markets and closed platforms for ads that sell compromised games and skins. The research shows an increasing number of such offers that appear not only on Darknet, but also on ordinary closed forums and on Telegram channels – making these illicit goods more visible and accessible than ever.
A post from a closed forum promoting a digital store that sells access to Minecraft accounts and streaming services, boasting over 500 sales
This shows that the theft of gaming accounts and digital objects is no longer limited to limited circles of cyber crime – but it begins to spread in lighter online spaces. The entrance barrier for the sale or purchase of stolen accounts has reduced significantly. What once was a technical, underground practice, has become a fast, accessible and global market. Now it only takes a few clicks to join a private telegram channel and access hundreds of ads that offer rare skins, high rank accounts and access to premium objects. And for gamers, this means that the risk of losing an account or seeing it is no longer a rare incident-but a generalized threat.
The advice of the specialists
In order to play safely, experts recommend the following GEN:
• Download games, modes and tools only from official sources. Avoid torrents, third-party sites or links distributed on forums and chats-even if they promise rare skins or free bonuses.
• be skeptical about competitions and giveaway. If a site or message offers something too good to be true (free virtual currency or legendary equipment), it is most likely a trap – especially if you ask for your authentication data.
• use strong and unique passwords for each gaming and email account. A password manager can help you generate them and store them safely.
• to activate the authentication in two steps (2FA) whenever possible – especially on platforms such as Steam, Epic Games and Discord.
• Carefully check the URLs. Phishing sites look almost identical to the real ones, but use minor spelling mistakes or false subdomains.
• not to share authentication accounts or data, not even with friends. Shared access often leads to unintentional exposure or theft.
• use a reliable security solution to detect malicious files that can compromise personal data.
• to ensure safe navigation and protected messaging that hides the IP address and prevents any data leaks.
