Easy target

1.2 million attempted cyberattacks on children

In the first quarter, security experts recorded more than 1.2 million attempted attacks under the guise of popular topics among children.

(Bild: candy1812 - stock.adobe.com)

Cyber criminals particularly targeted children in the first quarter of this year: the number of attempted attacks in the name of popular brands such as Lego, Disney, Roblox, Brawl Stars and Minecraft increased by 35% compared to the same quarter last year, according to a recent Kaspersky analysis.

According to a statement, the security experts recorded 1,264,866 attempted attacks between January and March 2024 under the guise of popular themes among children, almost all of which targeted desktop computers (98.7 percent; mobile devices; 1.3 percent) - an increase of 35 percent compared to the 936,840 attempted attacks identified in the first quarter of 2023.

However, the number of attacked users decreased by 14 percent from 57,873 to 49,630 during the same period, indicating that children were repeatedly exposed to new threats by repeatedly downloading malicious files from the Internet, Kaspersky said. 

The most popular attack lures
Cyber criminals most frequently use popular children's games for their malicious activities: the sandbox game "Minecraft", the game construction kit "Roblox" and the gaming app "Brawl Stars". They also tried to lure children with popular children's brands such as LEGO, the animated series "Paw Patrol" and "Bluey" as well as cartoons, films, games and merchandise from the Disney cosmos, and hacked legitimate websites offering toys, dolls and other popular children's products in order to spread malware.

According to the IT experts, over 1.2 million of the attacks detected were downloaders, i.e. unwanted programs that are not original malware, but which attackers can use to reload them in a second step. The second most common type of infection, with 27,576 attempted attacks, were Trojans, which enable cyber criminals to obtain credit card details and login data, modify files and impair computer performance; followed by 27,570 cases of annoying adware, which unintentionally displays advertising via pop-ups.

SMS Trojan disguises itself as a cheat code
In the course of the analysis, Kaspersky also came across an SMS Trojan disguised as an app for cheat codes (which give users an unfair advantage over their fellow players) for the popular mobile game "Brawl Stars". "During installation, the app requests numerous authorizations, many of which are unnecessary or even dangerous. Once these are granted and the app is launched, the attackers misuse the infected device to send spam text messages that use up the cell phone credit of those affected," the company explained.

Uninstallation is made more difficult by hiding the app on the home screen with a transparent icon and empty name field. Users would only see a notification to unlock the promised content, which would never be provided.

Easy target
"Our analysis shows that attacks on children are increasingly becoming a common attack vector for cybercriminals," commented malware analyst Vasily M. Kolesnikov. "Children are often unfamiliar with the basics of cybersecurity, making it easy for them to fall into cybercriminals' traps, such as trying to download free versions of popular games or cartoon episodes. Parents therefore need to talk to their children about cyber security so that they can navigate the internet safely."