By ; Wall Elgafary

From April 1, 2024 to March 31, 2025, Kaspersky detected over 19 million attempts to download malicious or unwanted files disguised as popular Gen Z games. Over 47,800 such attempts were registered in Turkiye, making it one of the countries most affected by such incidents. With GTA, Minecraft and Call of Duty among the most exploited, it's clear that cybercriminals are actively following gaming trends to reach their targets. To help players stay safe, Kaspersky is launching “Case 404” — an interactive cybersecurity game that teaches Gen Z how to recognize threats and protect their digital worlds while doing what they love: playing.

Gen Z plays more than any other generation — and not just more, but differently. They outpace Millennials and Gen X in gaming-related spending, and, instead of sticking to a few favorites, Gen Z jumps between numerous titles, chasing viral trends and new experiences. Yet this same spontaneity and openness also make them vulnerable, with cybercriminals exploiting the habits and trust of these players across the platforms.

For instance, throughout the reported period, more than 400,000 users worldwide were affected.Attempts to attack users through malicious or unwanted files disguised as Gen Z’s favorite games throughout the reported period

As part of the new report, Kaspersky experts conducted an in-depth analysis using 20 of the most popular game titles among Gen Z — from GTA, NBA and FIFA to The Sims and Genshin Impact — as search keywords. The study covered the period from Q2 2024 to Q1 2025, with March 2025 standing out as the peak month, recording 1,842,370 attempted attacks.

Despite GTA V being released over a decade ago, the Grand Theft Auto franchise remains one of the most exploited, due to its open-world modding capabilities and thriving online community. In total, Kaspersky detected 4,456,499 attack attempts involving files disguised as GTA franchise-related content. With the highly anticipated release of GTA VI expected in 2026, experts predict a potential spike in such attacks, as cybercriminals may exploit the hype by distributing fake installers, early access offers or beta invites.

Minecraft ranked second, with 4,112,493 attack attempts, driven by its vast modding ecosystem and enduring popularity among Gen Z players. Call of Duty and The Sims followed with 2,635,330 and 2,416,443 attack attempts respectively. The demand for cheats and cracked versions around competitive CoD releases such as Modern Warfare III fuels malicious activity, while The Sims fans searching for custom content or unreleased expansion packs may inadvertently download harmful files presented as mods or early access.

As a result of such attacks, users’ devices can be infected with various types of unwanted or malicious software — from downloaders that can install additional harmful programs, to trojans that steal passwords, monitor activity, grant remote access to attackers or deploy ransomware. The goals of these attacks vary, and one common motive is stealing gaming accounts, which are later sold on the dark web or closed forums.

Kaspersky Global Research & Analysis Team experts also analyzed darknet marketplaces and closed platforms for advertisements selling compromised gaming accounts and skins. The research indicates a growing number of such offers showing up not just on the darknet, but also on regular closed forums and Telegram channels — making these illicit assets more visible and accessible than ever.

A post from a closed forum advertising a digital store, which sells access to Minecraft and streaming service accounts, boasting over 500 sales

This shows that the theft of gaming accounts and digital items is no longer limited to niche cybercrime circles — it's starting to spread into more open online spaces. The barrier to entry for selling or buying stolen accounts has significantly lowered. What was once a technical, underground practice has become a marketplace — fast, accessible and global. It now takes just a few clicks to join a private Telegram channel and access hundreds of listings offering rare skins, high-rank accounts, and access to premium in-game items. And for gamers, this means that the risk of losing an account or having it resold is no longer a rare incident — it’s a mainstream threat.

To address this, Kaspersky has launched an interactive online game, “Case 404”, created especially for Gen Z gamers. In this cyber-detective adventure, players dive into fictional cases inspired by real digital threats, learning how to spot scams, phishing attempts and account takeover tactics common in gaming. With “Case 404”, Kaspersky isn’t just raising awareness — it’s equipping players with the mindset and skills to stay secure while doing what they love. Those who complete the game also receive a discount on Kaspersky Premium, giving them reliable tools to protect their gaming and digital lives.

“From open-world blockbusters like GTA to cozy simulators like The Sims, cybercriminals target games across every genre. What unites them is the audience: Gen Z is the most digitally active generation, leaving behind a rich trail of data, clicks and curiosity. This makes them a prime target - because they’re constantly online, exploring, downloading and sharing. That’s why digital self-defense is essential. Learning how to recognize threats should be as natural as leveling up in a game. Through “Case 404”, we want to equip young players with tools and instincts to protect what their digital identity, their accounts and their freedom to play safely,” comments Fatih Sensoy, senior security researcher at Kaspersky.

To play games safely, Kaspersky recommends the following:

●      Check out the interactive online game, “Case 404” by Kaspersky, explicitly designed for Gen Z.

●      Download games, mods and tools only from official sources. Avoid torrents, third-party websites or links shared in forums and chats — even if they promise rare skins or free bonuses.

●      Be skeptical of giveaways. If a website or message offers something too good to be true (like free currency or legendary gear), it probably is — especially if it asks for your login credentials.

●      Use strong, unique passwords for every gaming and email account. A password manager, such as one from Kaspersky, can help generate and store them securely.

●      Enable two-factor authentication (2FA) wherever possible — especially on platforms like Steam, Epic Games and Discord.

●      Check URLs carefully. Phishing sites often look almost identical to the real ones but use slight misspellings or fake subdomains.

●      Don’t share accounts or login details, even with friends. Shared access often leads to unintentional exposure or theft.

●      Use a reliable security solution, like Kaspersky Premium, to detect malicious attachments that could compromise your data.