Kaspersky detected over 19 million attempts to download malicious or unwanted files disguised as popular Gen Z games.
Over 47,800 such attempts were registered in Turkiye, making it one of the countries most affected by such incidents. With GTA, Minecraft and Call of Duty among the most exploited, it’s clear that cybercriminals are actively following gaming trends to reach their targets.
To help players stay safe, Kaspersky is launching “Case 404” — an interactive cybersecurity game that teaches Gen Z how to recognize threats and protect their digital worlds while doing what they love: playing.
Gen Z plays more than any other generation — and not just more, but differently. They outpace Millennials and Gen X in gaming-related spending, and, instead of sticking to a few favorites, Gen Z jumps between numerous titles, chasing viral trends and new experiences.
Yet this same spontaneity and openness also make them vulnerable, with cybercriminals exploiting the habits and trust of these players across the platforms.
For instance, throughout the reported period, more than 400,000 users worldwide were affected.
As part of the new report, Kaspersky experts conducted an in-depth analysis using 20 of the most popular game titles among Gen Z — from GTA, NBA and FIFA to The Sims and Genshin Impact — as search keywords. The study covered the period from Q2 2024 to Q1 2025, with March 2025 standing out as the peak month, recording 1,842,370 attempted .
Despite GTA V being released over a decade ago, the Grand Theft Auto franchise remains one of the most exploited, due to its open-world modding capabilities and thriving online community. In total, Kaspersky detected 4,456,499 attack attempts involving files disguised as GTA franchise-related content. With the highly anticipated release of GTA VI expected in 2026, experts predict a potential spike in such attacks, as cybercriminals may exploit the hype by distributing fake installers, early access offers or beta invites.
Minecraft ranked second, with 4,112,493 attack attempts, driven by its vast modding ecosystem and enduring popularity among Gen Z players. Call of Duty and The Sims followed with 2,635,330 and 2,416,443 attack attempts respectively. The demand for cheats and cracked versions around competitive CoD releases such as Modern Warfare III fuels malicious activity, while The Sims fans searching for custom content or unreleased expansion packs may inadvertently download harmful files presented as mods or early access.
As a result of such attacks, users’ devices can be infected with various types of unwanted or malicious software — from downloaders that can install additional harmful programs, to trojans that steal passwords, monitor activity, grant remote access to attackers or deploy ransomware. The goals of these attacks vary, and one common motive is stealing gaming accounts, which are later sold on the dark web or closed forums.
Kaspersky Global Research & Analysis Team experts also analyzed darknet marketplaces and closed platforms for advertisements selling compromised gaming accounts and skins. The research indicates a growing number of such offers showing up not just on the darknet, but also on regular closed forums and Telegram channels — making these illicit assets more visible and accessible than ever.
