A recent targeted phishing attack has impacted Call of Duty players who were seeking third-party “cheat” software, according to cybersecurity firm VX Underground. The attack also targeted players looking for “pay-to-cheat” software for use on Activision Blizzard’s Battle.net platform. The malicious software installed crypto-drainer malware on users’ computers, allowing hackers to gain access to sensitive information and potentially steal coins from Bitcoin wallets.
VX Underground took to Twitter to raise awareness about the attack, stating that an unidentified threat actor was using an “info stealer” to target individuals who cheat in video games. The malware affected more than 4.9 million user accounts, including nearly 3.7 million Battle.net accounts, over 560,000 Activision accounts, and approximately 117,000 ElitePVPers accounts.
The crypto-draining malware specifically targeted Electrum Bitcoin wallets, although the exact amount stolen remains unknown. VX Underground highlighted the scope of the impact, noting that Activision Blizzard is working with cheat providers to assist affected users.
The malware attack also compromised cheat providers UnknownCheats and PhantomOverlay, with over 572,831 and 1,365 accounts compromised, respectively. PhantomOverlay was made aware of the attack when users reported unauthorized purchases. Elite PVPers, a gaming platform, confirmed that over 40,000 valid user accounts were compromised.
Activision Blizzard emphasized that the attack was not limited to their own games and platforms and reassured players that their servers remain secure and uncompromised. The company encouraged players to change their passwords and follow recommended security practices, such as enabling two-factor authentication.
At this time, it is unclear how the hackers delivered the malware. Traditionally, malware is distributed through malicious websites, phishing emails, or messages that prompt users to install programs on their computers. To protect themselves, users should exercise caution when clicking on suspicious links and consider implementing additional security measures.
Instances of crypto wallet drainers and phishing attacks have been on the rise recently, underscoring the importance of maintaining online security and being vigilant while engaging in online activities.
The recent targeted phishing attack on Call of Duty players seeking third-party “cheat” software highlights the growing threat of cyberattacks in the gaming industry. This attack, discovered by cybersecurity firm VX Underground, not only impacted players looking to cheat in video games but also those searching for “pay-to-cheat” software for use on Activision Blizzard’s Battle.net platform.
The malicious software installed crypto-drainer malware on users’ computers, causing significant concerns regarding the safety of sensitive information and potential theft from Bitcoin wallets. While the exact amount stolen through the attack remains unknown, the hackers targeted Electrum Bitcoin wallets specifically.
VX Underground took to Twitter to raise awareness about the attack, emphasizing that over 4.9 million user accounts were affected. This includes approximately 3.7 million Battle.net accounts, over 560,000 Activision accounts, and about 117,000 ElitePVPers accounts. The impact of this attack is substantial, prompting Activision Blizzard to work closely with cheat providers to assist affected users.
In addition to compromising user accounts, the attack also targeted cheat providers themselves. UnknownCheats and PhantomOverlay, two popular cheat providers, had over 572,831 and 1,365 accounts compromised, respectively. The attack on PhantomOverlay was brought to their attention when users reported unauthorized purchases. ElitePVPers confirmed that over 40,000 valid user accounts on their gaming platform were also compromised.
Activision Blizzard made it clear that the attack was not isolated to their own games and platforms, assuring players that their servers remain secure and uncompromised. They advised players to change their passwords and follow recommended security practices, like enabling two-factor authentication.
While the exact delivery method of the malware used in this attack is still unclear, it is common for malware to be distributed through malicious websites, phishing emails, or deceptive messages that prompt users to install programs on their computers. To protect themselves, users should be cautious when clicking on suspicious links and consider implementing additional security measures.
Instances of crypto wallet drainers and phishing attacks have been on the rise in recent times. This underscores the importance of maintaining online security and remaining vigilant while engaging in online activities. Players and users should be proactive in safeguarding their personal information and staying informed about potential threats in the gaming industry.
For more information on gaming security and related topics, visit the following links:
– Australian Cyber Security Centre
– Europol
– Federal Bureau of Investigation