Newsletters
Türkiye has emerged as one of the top three countries most affected by a new wave of cyberattacks that target gamers with fake game installation files, according to Switzerland-based cybersecurity firm Acronis.
The attacks, which first appeared in the Americas, have increasingly spread to the Middle East, focusing on younger users.
Researchers say the malicious software is primarily aimed at 18–35-year-old gaming enthusiasts in countries including Türkiye, Saudi Arabia, and Qatar. These attacks often involve fake “beta” game versions distributed via popular platforms such as Discord and YouTube.
Once installed, the malware steals sensitive information, including login credentials, payment data, and cryptocurrency wallet details. In some cases, the stolen data leads to account takeovers, financial losses and even blackmail.
The cyberattack wave initially hit Brazil and the United States before spreading to the Middle East, where demographic factors made the region a prime target. Türkiye has now become the third most-affected country.
Data from VirusTotal, a platform that aggregates malware detection, shows that Türkiye accounted for 17% of all global detections of these fake installers, following the U.S. and Brazil.
One of the more notable findings is that certain variants of the malware, particularly those linked to the “Leet Stealer” family, can download and execute additional malicious files.
Comment lines in the source code contained not only English but also Portuguese and Turkish words, suggesting that the malware’s code has passed through several hands and been modified by different individuals.
1 min read
