Week 7: Mods and cheats - What you should be aware of in video games

20.02.2024 - Computer games are very popular and, as in real life, not everyone always plays by the rules. The following report explains how searching for ways to cheat a game can end badly.

Seek and ye shall find! But not always what you’re looking for…

The NCSC has received several reports of incidents that have coincided with the release of a new, already very popular video game. This is not the first time that the NCSC has received reports of scams targeting the gaming community. Back in October, the NCSC warned about compromised accounts on the Discord community platform being used to spread malware via social engineering:

The NCSC is currently receiving reports of several video game-related websites spreading malware. These sites are specifically designed to trap players who are trying to cheat games. In video games, the temptation to outdo your opponent or improve the gaming experience often leads players to seek unorthodox solutions:

  • ‘Mods’, short for modifications, are programmes that are used to add new functions to the game or enable actions that were not originally intended. These can be aesthetic adjustments or significant changes to the gaming experience.
  • ‘Cheats’ are ways of gaining unfair advantages by circumventing the normal rules and challenges of the game.

Players usually take the search engine route and combine the name of the game with terms such as ‘mods’, ‘hack’ or ‘cheat’. These searches lead via developer portals to websites that claim to offer simple ways to achieve gaming superiority.

Example of a site (in this case Palworld) suggesting cheats.
Example of a site (in this case Palworld) suggesting cheats.


The search for advantages in video games with the help of such mods and hacks often leads players to websites where they are asked to download files that are misleadingly advertised as harmless programmes or tools. The download usually takes place via well-known file hosting websites. This often involves a password-protected ZIP archive. Sometimes it is also possible to downad the ZIP archive directly from the website itself.

There are often warning signals that should have your alarm bells ringing. The use of a password-protected ZIP file is reminiscent of methods used to spread malware. If a malicious file is password-protected, security measures such as virus scanners may no longer be effective. What is even more worrying is that the installation instructions often require users to deactivate anti-virus software ‘only during installation’ along with any active VPN services. After downloading, users are asked to open the archive and execute the file.

Analysing such files reveals that they contain malware. In most cases, this malware either enables access to the system from outside (by the fraudsters) or steals information from the local device and transfers it to systems controlled by the fraudsters. Both of these threats jeopardise the victim's data and computer security. For example, intrusions into e-banking could result in significant financial losses, or the user's accounts could be hijacked (email, social media, etc.). If that device is used by several members of a family, the impact will be great.

Precautions you should take

  • Only download software from trustworthy and official sources. This significantly reduces the risk of inadvertently installing malware.
  • Do not just click on the first link that comes up in a search. The first hits are often paid search results. Not only companies, but also fraudsters pay to appear at the top of the results page.
  • If the device is used by several family members, individual user accounts should be set up. In contrast to the privileged Administrator account, you cannot install programmes with simple user accounts. An ordinary user must request administrator rights in order to install a programme. This allows a certain degree of control over the use of the computer.
  • Enable two-factor authentication: Using two-factor authentication adds an extra layer of security to your online accounts, making unauthorised access more difficult – even if the password has been leaked.
  • If you suspect that your system has been compromised, have it cleaned with the help of a specialist. The safest thing to do is to reset the system.
  • If you suspect that fraudsters have had access to your passwords, it is essential to change all passwords immediately.
  • Make regular backups of your system. In the event of a malware infection, you can ensure that your data is not lost for good.
  • Inform yourself about current cyber security threats and scams. Raising awareness is an important pillar in the fight against cybercrime.

Last modification 20.02.2024

Top of page