The gaming community is a rising target for credential stuffing attacks
An extensive Akamai report on the state of Internet security highlights the growing cyber threat for gamers. According to the study, gaming websites were the target of around 12 billion credential stuffing attacks between (November 2017 and March 2019. In a credential stuffing attack, a threat actor uses leaked or stolen login credentials for user accounts of one service, to try to gain access to accounts for another service, based on the knowledge that many people reuse passwords for multiple accounts. Akamai warns that credential stuffing attacks in the gaming industry are increasing faster than in most other sectors.
Another striking finding is that SQL Injection (SQLi) attacks account for almost two-thirds (65.1%) of all campaigns targeting web applications. Local File Inclusion (LFI) attacks represent 24.7% of web app attacks