From April 1, 2024 to March 31, 2025, Kaspersky detected over 19 million attempts to download malicious or unwanted files disguised as popular Gen Z games.
With GTA, Minecraft and Call of Duty among the most exploited, it’s clear that cybercriminals “are actively following gaming trends to reach their targets.”
To help players stay safe, Kaspersky is launching “Case 404” — an interactive cybersecurity game that teaches Gen Z how to “recognize threats and protect their digital worlds while doing what they love: playing.”
Gen Z plays more than any other generation — and “not just more, but differently.”
They outpace Millennials and Gen X in gaming-related spending, and, instead of sticking to a few favorites, Gen Z jumps “between numerous titles, chasing viral trends and new experiences.”
Yet this same spontaneity and openness also “make them vulnerable, with cybercriminals exploiting the habits and trust of these players across the platforms.”
For instance, throughout the reported period, “more than 400,000 users worldwide were affected.”
As part of the new report, Kaspersky experts conducted “an in-depth analysis using 20 of the most popular game titles among Gen Z — from GTA, NBA and FIFA to The Sims and Genshin Impact — as search keywords.”
The study covered the period from Q2 2024 to Q1 2025, “with March 2025 standing out as the peak month, recording 1,842,370 attempted attacks.”
The top-10 exploited games popular “with Gen Z by the number of attempted attacks throughout the reported period”
Despite GTA V being released over a decade ago, the Grand Theft Auto franchise remains “one of the most exploited, thanks to its open-world modding capabilities and thriving online community.”
In total, Kaspersky detected “4,456,499 attack attempts involving files disguised as GTA franchise-related content.”
With the highly anticipated release of GTA VI expected in 2026, experts predict a “potential spike in such attacks, as cybercriminals may exploit the hype by distributing fake installers, early access offers or beta invites.”
Minecraft ranked second, with “4,112,493 attack attempts, driven by its vast modding ecosystem and enduring popularity among Gen Z players.”
Call of Duty and The Sims followed with “2,635,330 and 2,416,443 attack attempts respectively.”
The demand for cheats and cracked versions “around competitive CoD releases such as Modern Warfare III fuels malicious activity, while The Sims fans searching for custom content or unreleased expansion packs may inadvertently download harmful files presented as mods or early access.”
As a result of such attacks, users’ devices can be “infected with various types of unwanted or malicious software — from downloaders that can install additional harmful programs, to trojans that steal passwords, monitor activity, grant remote access to attackers or deploy ransomware.”
The goals of these attacks vary, and one common motive is “stealing gaming accounts, which are later sold on the dark web or closed forums.”
Kaspersky GReAT experts also “analyzed darknet marketplaces and closed platforms for advertisements selling compromised gaming accounts and skins.”
The research indicates a “growing number of such offers showing up not just on the darknet, but also on regular closed forums and Telegram channels — making these illicit assets more visible and accessible than ever.”
A post from a closed forum “advertising a digital store, which sells access to Minecraft and streaming service accounts, boasting over 500 sales.”
This shows that the “theft of gaming accounts and digital items is no longer limited to niche cybercrime circles — it’s starting to spread into more open online spaces.”
The barrier to entry for “selling or buying stolen accounts has significantly lowered.”
What was once a technical, underground practice has “become a marketplace — fast, accessible and global.”
It now takes just a few clicks to “join a private Telegram channel and access hundreds of listings offering rare skins, high-rank accounts, and access to premium in-game items.”
And for gamers, this means that the risk of “losing an account or having it resold is no longer a rare incident — it’s a mainstream threat.”
To address this, Kaspersky has launched “an interactive online game, “Case 404”, created especially for Gen Z gamers.”
In this cyber-detective adventure, players “dive into fictional cases inspired by real digital threats, learning how to spot scams, phishing attempts and account takeover tactics common in gaming.”
With “Case 404”, Kaspersky isn’t “just raising awareness — it’s equipping players with the mindset and skills to stay secure while doing what they love.”
Those who complete the game also “receive a discount on Kaspersky Premium, giving them reliable tools to protect their gaming and digital lives.”
This makes them a prime target — “not because they’re careless, but because they’re constantly online, exploring, downloading and sharing.”
That’s why digital self-defense is “no longer optional.”
Learning how to recognize threats should “be as natural as leveling up in a game.”
Through “Case 404”, they want to equip young players “with tools and instincts to protect what matters to them most — their digital identity, their accounts and their freedom to play safely,” comments Vasily Kolesnikov, security expert at Kaspersky.”
As noted in the update, the Threat Research team is an “authority in protecting against cyberthreats.”
By engaging in threat analysis and technology creation, their TR professionals ensure “that Kaspersky’s cybersecurity solutions are informed and powerful, providing critical threat intelligence and robust security to our clients and the broader community.”
Established in 2008, Global Research & Analysis Team (GReAT) operates at the core of Kaspersky, “uncovering APTs, cyber-espionage campaigns, major malware, ransomware and underground cyber-criminal trends across the world.”
Today GReAT consists of 30+ prfessionals working globally – “in Europe, Russia, Latin America, Asia and the Middle East.”
Security professionals provide company leadership “in anti-malware research and innovation, bringing expertise, passion and curiosity to the discovery and analysis of cyberthreats.”