Victims who had their gaming accounts hijacked are receiving unsolicited Telegram or Discord messages from scammers claiming to have their login credentials and offering help. But it's a trap – gamers lose both the account and their money, Bitdefender warns.
Ongoing double-hit cyberattacks are targeting gamers. First, hackers use phishing, credential stuffing, malware, and other techniques to hijack gaming accounts and change email addresses to Rambler.ru inboxes. But weeks later, a stranger on various platforms starts offering help:
“I found your account.”
“I can help you recover it.”
“I even have the login credentials.”
Desperation makes this type of scam highly convincing because the messages appear helpful, and the stranger already knows the stolen email address and the linked details, such as purchase history.
They don’t resemble typical phishing lures and have no login pages or obvious malware links.
“Instead, the scam relies on something more powerful: a partial truth,” Bitdefender warns in a new report.
“The attacker is quite probably the same person who stole the account in the first place.”
Many victims of this type of scam report that Rambler.ru email accounts are associated with the compromise. Rambler is a legitimate Russian email provider. However, attackers are likely abusing it for disposable mailboxes for stolen accounts, where they receive password resets, verification, or recovery requests, etc.
Attackers are not limited to one email provider and can use other services like Mail.ru or Yandex.ru.
Bitdefender can’t confirm whether attackers ever return stolen accounts.
Check if your data has been leaked
Usually, they are not helping,” the report reads.
“Sometimes the goal is straightforward extortion. The attacker offers to ‘return’ the account in exchange for payment, often posing as a middleman or ethical hacker.”
The attackers might also be after the victim's email and other accounts, crypto wallets, sensitive documents, etc.
The researchers warn that victims are likely to lose both the account and their money. Hackers may even temporarily grant access to the account, but retain full control through linked emails, trusted devices, OAuth connections, or other means.
Instead of sending money or complying with other scammer instructions, the safest approach is to use official support to recover the account. The researchers suggest ignoring unsolicited messages and avoiding any interactions with attackers.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked