With the increasing number of online chess players, the risk of cyber attacks in this area is also increasing. Kaspersky cybersecurity experts have discovered that even on Google Play, chess players are the target of a number of different attack techniques, from cybercriminals that can spread malicious or unwanted mobile software, to Trojans and ransomware disguised as chess apps for PC and mobile devices. In 20222, cybercriminals attempted 12 attacks targeting approximately 139 chess players.
Over the past decade, the world of chess has been growing rapidly with the emergence of more and more platforms and applications for online education and numerous global tournaments held in digital formats. However, the online development and spread of chess has also attracted the attention of cybercriminals who try to catch online chess players with various tricks.
While chess players are constantly learning new tactics and playing with others online, they download apps for their computers and mobile devices, often from third-party sites. Naturally, harmful files can be hidden under the guise of legal practice. According to the latest Kaspersky statistics, in 2022 cybercriminals attempted 12 attacks targeting approximately 139 chess players.
Most of the chess players are from Russia, India, Vietnam, Brazil and Germany.
In most of the analyzed cases, Kaspersky researchers discovered downloaders that can install other unwanted programs. Among them were other malicious programs in the form of Adware and even Trojan horses that could allow cybercriminals to collect credit card information, credentials, alter data or disrupt computers performance. It was also found that cybercriminals spread ransomware disguised as chess apps and could encrypt all files on the infected device. The majority of chess players attacked were located in Russia, India, Vietnam, Brazil and Germany.
Number of attempts to attack chess players in 2022
Kaspersky researchers have also discovered that over the past few years, cybercriminals have been distributing malicious mobile apps or unwanted software under the guise of a game of chess. One of these, simply called "Chess" and later removed, was even able to take place on Google Play. Scammers are actively spreading mobile malware and adware through third-party sites other than Google Play. One of the apps detected in 2023 was sending SMS messages from the infected user's phone, making the device a spam tool for cybercriminals. The other was adware that periodically opened advertisement tabs in the browser against the user's request, such as files that most attackers hide behind chess apps. The app imitated a real app called “Chess Pro”, which has been downloaded more than 100 times on Google Play.
“The popularity of chess is being abused by attackers”
Kaspersky Security Specialist Igor Golovin said:
“The world of chess has changed dramatically in recent years and has become digital. Training and even international championships take place online, allowing players to share experiences and compete with each other globally. However, as we see, the popularity of chess is also abused by attackers. As a result, thousands of malicious files disguised as chess are distributed. It has never been more important to be vigilant and remember basic cybersecurity rules to avoid falling victim to cybercriminals, whether it's phishing emails or suspicious mobile apps spoofing chess.”
World Chess CEO Ilya Merenzon said, “The chess world has been going digital for decades. One of the first computer games was chess. But recently, chess has made a huge digital leap and not only ordinary players, but also chess education, elite level competitions, chess clubs, schools have joined this trend. For example, our e-gaming platform FIDE Online Arena hosts more than 600 tournaments every month. That's why new challenges connected to the digital world are now key to chess: cheating, cybersecurity, identity management, the connection between digital and OTB (board game), the computational arms race, and more. Technology is changing the world of chess. Therefore, players should be ready to respond to the challenges they will face at this point.” he said.
Kaspersky is the official cybersecurity partner of the 7 FIDE World Championship, the most influential event in the chess world, which will take place in Astana, Kazakhstan, from April 1 to May 2023.