NEARLY 11 million gaming accounts worldwide were compromised last year, with Asia-Pacific emerging as one of the most affected regions, according to new research by Kaspersky Digital Footprint Intelligence (DFI).
The digital security firm found that 5.7 million Steam accounts were exposed in 2024 alone through infostealer malware, while another 6.2 million accounts linked to platforms such as Epic Games Store, Battle.net, Ubisoft Connect, GOG and EA App were also compromised.
Kaspersky said its analysis of leaked Steam credentials associated with Asia Pacific countries showed Thailand recorded the highest number of compromised accounts at almost 163,000. The Philippines followed with 93,000, while Vietnam registered 88,000.
In comparison, China, Sri Lanka and Singapore reported far fewer leaks, with about 19,000, 11,000 and 4,000 respectively.
With more than 1.8 billion players, it said Asia Pacific has firmly established itself as the global hub of gaming, driven by rapid digital adoption, strong mobile penetration and youth-driven demand. This dominance, however, has also made the region a prime target for cybercriminals.
“Cybercriminals often release stolen log files months after the original compromise,” said Kaspersky’s Digital Footprint Intelligence analyst, Polina Tretyak.
“Even credentials stolen years ago can resurface on dark web forums, contributing to a growing pool of leaked information. As a result, the number of compromised gaming accounts is likely much higher than what is immediately visible.”
Tretyak added that infostealer malware does not always reveal itself instantly.
“It’s important for people to understand that infostealer threats aren’t always obvious. If one suspects they have been attacked, running a security check and deleting any malware should be the first step.
“Regularly updating passwords and avoiding reuse across platforms can also help reduce personal risk,” she said.
CORPORATE RISKS FROM PERSONAL GAMING
While the attacks target gamers, businesses are not immune.
Kaspersky said its research found that seven per cent of leaked accounts from platforms such as Netflix, Roblox and Discord had been registered using corporate email addresses.
Tretyak said this practice could open the door to wider corporate threats.
“For example, attackers may reach out to an employee and lure them into installing malware on a corporate device. If the password uses predictable patterns — such as Word2025! — it could be brute forced in about an hour or less,” she said.
“Fraudsters could also exploit compromised accounts to retrieve sensitive data or gain unauthorised access to company resources.”
INFOSTEALERS HIDDEN IN POPULAR DOWNLOADS
Infostealers are often disguised as cracked games, cheat tools or unofficial modifications. Their primary targets include account passwords, crypto wallet credentials, credit card details and browser cookies.
Stolen data is then traded or shared freely on darknet platforms, often enabling further attacks by other cybercriminals.
This is particularly dangerous in hybrid work and bring-your-own-device (BYOD) environments common in in the Asia-Pacific, where personal and corporate activities overlap on the same device.
Kaspersky advises individuals to run full security scans, remove any detected malware and change passwords if they suspect their accounts have been compromised. Monitoring for suspicious activity linked to affected accounts is also recommended.
Companies, meanwhile, are urged to monitor the dark web for compromised accounts and take preventive measures.
“By tracking what cybercriminals know about your company’s assets, organisations can identify potential attack vectors and implement defences before it’s too late,” Tretyak said.
© New Straits Times Press (M) Bhd
