The findings, presented at Kaspersky's Cybersecurity Week event in Da Nang , showed that 5.7 million Steam accounts were compromised by infostealer malware in 2024, and were also linked to the leak of 6.2 million accounts across other global gaming platforms such as the Epic Games Store, Battle.net, Ubisoft Connect, GOG, and EA apps.
Hackers are still developing new variants of malware
Photo: AFP
DFI analyzed leaked Steam logins related to APAC countries, based on data from the malware's log files. It found that nearly 163,000 leaked logins were related to Thailand, followed by the Philippines with 93,000 compromised username and password pairs. Vietnam rounded out the top three with nearly 88,000.
In contrast, the lowest numbers were recorded for accounts linked to China, Sri Lanka and Singapore, with around 19,000, 11,000 and 4,000 logins respectively.
APAC is now considered the global gaming hub. According to a recent report, more than half of the world’s gamers reside in the region, with leading markets such as China, India, Japan, South Korea, and emerging economies in Southeast Asia contributing to this dominance. Rapid digital adoption, widespread mobile penetration, and demand from the youth have fueled exponential growth in both the casual and competitive gaming segments.
With nearly 1.8 billion gamers and growing, the APAC gaming ecosystem is not only the largest in terms of numbers but also one of the most influential regions in shaping global gaming trends and behaviors. It is therefore no surprise that APAC is quickly becoming a breeding ground for a range of data-stealing cyber threats.
“Cybercriminals often publish stolen log files months or years after the initial breach. Even stolen credentials from years ago can resurface on dark web forums, adding to the pool of leaked credentials. Therefore, the number of compromised gaming accounts could be much higher than what we are seeing,” explains Polina Tretyak, analyst at Kaspersky’s DFI division.
Tretyak added that the threats from infostealers are not always immediate or obvious. “If you suspect you have been hacked, running a security check and removing the malware is the recommended first step. In general, regularly updating passwords and avoiding reuse across multiple platforms can help reduce personal risk,” DFI experts said.
How does the gaming threat affect businesses in APAC?
Modern businesses may not consider themselves part of the gaming ecosystem, but they can still be at risk, for example when employees sign up for entertainment platform accounts using their corporate email addresses. Kaspersky Digital Footprint Intelligence research found that 7% of Netflix, Roblox, and Discord users whose accounts were leaked signed up using their work email addresses.
The ability for employees to use corporate email to sign up for personal services, including games, has created cybersecurity risks. Polina Tretyak noted that corporate email exposed in an infostealer leak could open the door to larger threats to businesses.
“An attacker can contact an employee and trick them into installing malware on a company device or brute force a password. If the password uses an easy-to-guess pattern like ‘Word2025!’, it can take an hour or less to figure it out. Additionally, the scammer can gain access to various non-company systems under the employee’s account, extracting important data or accessing corporate resources,” explains Polina Tretyak.
The gaming market is the new target of hackers.
Photo: AFP
Infostealers are often disguised as cracked games, cheats, or unofficial mods. They are used by attackers to steal sensitive information, with the main targets being account passwords, cryptocurrency wallet information, credit card details, and browser cookies. Once extracted, the stolen data is traded or offered for free on dark web platforms, and can be used by other cybercriminals for further attacks.
Additionally, this malware package is particularly dangerous in hybrid and bring-your-own-device (BYOD) work environments prevalent across APAC, where personal and work activities often coexist on the same device.
If an individual user experiences a data leak via infostealer, Kaspersky DFI experts recommend the following steps to take immediately:
- Run a comprehensive security scan on all devices, removing any detected malware.
- Change the password of the compromised account.
- Monitor for suspicious activity related to accounts affected by infostealer.
Businesses are encouraged to proactively monitor dark web marketplaces to detect compromised accounts before they pose a risk to customers or employees. For example, Kaspersky Digital Footprint Intelligence can be leveraged to track what cybercriminals know about corporate assets, identify potential attack vectors, and deploy protection in a timely manner.
Source: https://thanhnien.vn/cac-moi-de-doa-nham-vao-linh-vuc-game-tang-manh-185250811163449412.htm
![[Photo] President Luong Cuong receives Chairman of the House of Representatives (Lower House) of the Republic of Belarus Igor Sergeyenko](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/1/a67d61e41405410999a43db45a0ba29c)
![[Photo] Marching together in the hearts of the people](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/8/31/8b778f9202e54a60919734e6f1d938c3)
![[Photo] General Secretary To Lam holds talks with First Secretary and President of the Republic of Cuba Miguel Diaz-Canel Bermudez](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/1/a2eab2ee4e4a4a81a8c605e46055ab78)
![[Photo] The first meeting of the Cooperation Committee between the National Assembly of Vietnam and the National People's Congress of China](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/8/31/f5ed4def2e8f48e1a69b31464d355e12)
![[Photo] General Secretary To Lam presides over the welcoming ceremony for First Secretary and President of Cuba Miguel Diaz-Canel Bermudez](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/1/4f6ef5136b90463db3ebdd3d3d83ebe4)
Comment (0)