Hackers Impersonate E-Sports Gamers to Steal Cryptocurrency from Counter-Strike Fans

Cybercriminals are hijacking YouTube accounts and impersonating professional Counter-Strike 2 (CS2) players in an elaborate scam to steal cryptocurrency, researchers at cybersecurity firm Bitdefender have revealed.

 

Exploiting E-Sports Popularity

 

The latest campaign coincided with major e-sports events, including IEM Katowice 2025 and PGL Cluj-Napoca 2025, capitalising on the surge in online viewers. Attackers take over YouTube channels with existing subscribers, rebrand them to mimic famous CS2 players—such as Oleksandr ’s1mple’ Kostyliev, Nikola ’NiKo’ Kovač, and Danil ’donk’ Kryshkovets—and launch fake livestreams.

 

These streams loop old gameplay footage, making it appear as though the impersonated player is live. Viewers are then lured to fraudulent websites via QR codes or links displayed on the stream, promising free CS2 skins, cases, or cryptocurrency rewards.

 

Bitdefender did not disclose the number of victims or attribute the scam to a specific hacker group.

 

Gaming Industry Under Attack

The video game industry has become a prime target for cybercriminals due to its massive online presence.

• In 2023, a DDoS attack disrupted Activision Blizzard’s servers, preventing players from accessing Diablo IV, World of Warcraft, and Call of Duty.
• Earlier this year, Russian-speaking hackers were found distributing malicious versions of pirated games containing cryptomining software XMRig, infecting gamers who downloaded titles such as BeamNG.drive and Garry’s Mod.
• A 2023 phishing campaign targeted Enlisted players, using a fake website to distribute ransomware to Russian-speaking users.

Staying Safe

Cybersecurity experts urge gamers to verify YouTube channels before engaging, avoid clicking unknown links, and use multi-factor authentication to protect their accounts from takeover attempts.