Akamai: Web application attacks against gamers increased by 167%

Interested in knowing what’s next for the gaming industry? Join gaming executives to discuss emerging parts of the industry in October at GamesBeat Summit Next. Register today.


It is dangerous these days to be a careless player. The research conducted by the folks at Akamai only confirms this. Attacks by cybercriminals against player accounts and gaming companies are on the rise. From May 2021 to April 2022, web application attacks increased by 167%.

Web application attacks, to break them down, are the things you kind of think of when someone talks about getting hacked, like a phishing email. But they can get more complicated than that, like SQL injection attacks. It’s a bit like digging through a website’s database over and over again to force it to respond.

The top three web application attacks this year are LFI attacks (38%), SQLi attacks (34%) and XSS attacks (24%). DDOS attacks have also increased by 5% this year. There have been 821,648,208 web application attacks this year in the gaming industry alone.

The question is why is there such an increase? The answer? It’s money. It’s always a question of money.

Cybercriminals use these types of attacks to breach gaming systems and accounts, which can give them access to player credentials, passwords, account details, and more. Access to back-end databases can allow them to create cheats in games and then resell them. They can quietly manipulate in-game savings for their own ends, usually in pursuit of real money.

It’s not just silent manipulation either. Once hackers have a pool of player login credentials, they can use these accounts as disposable advertisements. I’m sure we’ve all seen accounts selling gold in MMOs. It’s all part of the scam.

The future looks like trouble

Research from Akamai suggests that the industry’s push towards cloud gaming could cause problems in the future. Cloud services offer a wider attack field; instead of just one game, hackers could access all games on the service.

So what can players do? Well, honestly, these are the same tips and tricks we already use. Do not click on suspicious email links. Do not visit unsecured websites. Enable two-factor authentication.

Specifically, app-based two-factor authentication. It is useless if you receive email codes and your email is hacked. Keep your fingers crossed that the games and services you use protect themselves.

The GamesBeat creed when covering the video game industry is “where passion meets business”. What does it mean? We want to tell you how much the news means to you, not only as a decision maker in a game studio, but also as a game fan. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about and engage with the industry. Learn more about membership.

Comments are closed.