Acronis Uncovers Sophisticated Malware Campaign Targeting Gamers in the Middle East and Beyond

A global cybercrime operation targeting gamers has been exposed by the Acronis Threat Research Unit (TRU), revealing a sophisticated malware campaign aimed at harvesting sensitive personal data from users across regions including the Middle East, particularly in Saudi Arabia, Qatar, and Türkiye.

According to Acronis, the campaign exploits the booming popularity of online gaming — an industry worth over $7 billion in the Middle East alone — by tricking users aged 18 to 35 into downloading fake beta versions of indie games. These counterfeit titles, such as Baruda Quest, Warstorm Fire, and Dire Talon, contain stealthy infostealer malware including Leet Stealer, RMC Stealer, and Sniffer Stealer.

Once installed, the malware covertly siphons off login credentials, payment data, and cryptocurrency wallet information, putting victims at serious risk of identity theft and financial fraud.

“This campaign is notable for its sophistication and its focus on what could be considered a highly tech-savvy demographic,” said Jozsef Gegeny, senior researcher at Acronis TRU. “While enterprises have protective measures in place, individual users — especially young gamers — are more vulnerable.”

The malware is being circulated primarily through platforms like Discord, where cybercriminals post links to fraudulent game installers. These files often simulate installation errors to divert suspicion, while the malware operates in the background. Attackers also deploy realistic marketing tactics, including fake promotional websites, stolen branding, and misleading YouTube trailers to boost credibility.

“This operation has gone largely undetected by major antivirus tools, making it particularly dangerous,” Gegeny warned. “Even well-informed users can fall prey to these tactics, which are carefully engineered to bypass traditional security systems.”

Acronis is urging gamers to exercise extreme caution by only downloading games from official sources and enabling multi-factor authentication on all accounts. “Extra vigilance is crucial,” said Gegeny. “This campaign highlights the need for increased cybersecurity awareness at the individual level — not just within corporations.”

The discovery underscores a growing trend in cybercrime: shifting from large-scale corporate targets to high-value consumers, particularly those in fast-growing digital markets. With the gaming industry continuing to expand, experts say such threats are likely to become more common — and more sophisticated — in the months ahead.