The findings, presented at Kaspersky's Cybersecurity Week event in Da Nang , showed that 5.7 million Steam accounts were compromised by infostealer malware in 2024, and were also linked to the leak of 6.2 million accounts across multiple global gaming platforms including Epic Games Store, Battle.net, Ubisoft Connect, GOG, and EA apps.
Hackers are still developing new variants of malware.
Photo: AFP
DFI analyzed leaked Steam logins related to APAC countries, based on data from malware log files. Accordingly, nearly 163,000 leaked logins were related to Thailand, followed by the Philippines with 93,000 compromised username and password pairs. Vietnam rounded out the top three with nearly 88,000.
In contrast, the lowest numbers were recorded for accounts linked to China, Sri Lanka and Singapore, with around 19,000, 11,000 and 4,000 logins respectively.
APAC is now considered the global gaming hub. According to a recent report, more than half of the world’s gamers reside in the region, with leading markets such as China, India, Japan, South Korea, and emerging economies in Southeast Asia contributing to this dominance. Rapid digital adoption, widespread mobile penetration, and demand from young people have fueled exponential growth in both the casual and competitive gaming segments.
With nearly 1.8 billion gamers and growing, the APAC gaming ecosystem is not only the largest in terms of numbers but also one of the most influential regions in shaping global gaming trends and behaviors. It is therefore no surprise that APAC is fast becoming a breeding ground for a range of data-stealing cyber threats.
“Cybercriminals often publish stolen log files months or years after the initial breach. Even stolen credentials from years ago can resurface on dark web forums, adding to the pool of leaked credentials. Therefore, the number of compromised gaming accounts could be much higher than what we are seeing,” explains Polina Tretyak, analyst at Kaspersky’s DFI department.
Ms. Tretyak added that the threats from infostealers are not always immediate or obvious. "In the event that you suspect you have been attacked, running a security check and removing the malware is the recommended first step. In general, regularly updating your passwords and avoiding reusing them across multiple platforms can help minimize your personal risk," the DFI expert said.
How does the gaming threat affect businesses in APAC?
Modern businesses may not consider themselves part of the gaming ecosystem, but they can still be at risk, for example, when employees register for entertainment platform accounts using their corporate email addresses. Kaspersky Digital Footprint Intelligence research found that 7% of Netflix, Roblox, and Discord users whose accounts were leaked had registered with their work email addresses.
The ability of employees to use corporate email to sign up for personal services, including games, has created cybersecurity risks. Polina Tretyak noted that corporate email exposed in an infostealer leak could open the door to larger threats to businesses.
“An attacker can contact an employee and trick them into installing malware on a company device or brute force a password. If the password uses easy-to-guess patterns like 'Word2025!', it can take just an hour or less to figure it out. Additionally, the scammer can gain access to various non-company systems under the employee's account, extracting important data or accessing corporate resources,” Polina Tretyak explains.
The gaming market is the new target of hackers.
Photo: AFP
Infostealers are often disguised as cracked games, cheats, or unofficial mods. They are used by attackers to steal sensitive information, with the main targets being account passwords, cryptocurrency wallet details, credit card details, and browser cookies. Once extracted, the stolen data is traded or offered for free on dark web platforms, and can be used by other cybercriminals for further attacks.
Additionally, this malware package is particularly dangerous in hybrid and bring-your-own-device (BYOD) work environments prevalent across APAC, where personal and work activities often coexist on the same device.
If an individual user experiences a data leak via infostealer, Kaspersky DFI experts recommend the following steps to take immediately:
- Run a comprehensive security scan on all devices, removing any detected malware.
- Change the password of the compromised account.
- Monitor for suspicious activity related to accounts affected by infostealer.
Businesses are encouraged to proactively monitor dark web marketplaces to detect compromised accounts before they pose a risk to customers or employees. For example, Kaspersky Digital Footprint Intelligence can be used to track what cybercriminals know about corporate assets, identify potential attack vectors, and deploy protection in a timely manner.
Source: https://thanhnien.vn/cac-moi-de-doa-nham-vao-linh-vuc-game-tang-manh-185250811163449412.htm
![[Photo] Many streets in Hanoi were flooded due to the effects of storm Bualoi](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/18b658aa0fa2495c927ade4bbe0096df)
![[Photo] General Secretary To Lam receives US Ambassador to Vietnam Marc Knapper](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/c8fd0761aa184da7814aee57d87c49b3)
![[Photo] National Assembly Chairman Tran Thanh Man chairs the 8th Conference of full-time National Assembly deputies](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/2c21459bc38d44ffaacd679ab9a0477c)
![[Photo] General Secretary To Lam attends the ceremony to celebrate the 80th anniversary of the post and telecommunications sector and the 66th anniversary of the science and technology sector.](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/8e86b39b8fe44121a2b14a031f4cef46)
![[Photo] General Secretary To Lam chairs the meeting of the Central Steering Committee on preventing and combating corruption, waste and negativity](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/fb2a8712315d4213a16322588c57b975)
Comment (0)