Cheaters in Call of Duty and other Activision Blizzard games are currently affected by malware that steals their credentials, but also for some, their Bitcoin wallets. The publisher is aware of this and is investigating the ongoing attack.
Cheating in a video game is obviously a practice that can be judged as deplorable, unfair, and ultimately sadly pathetic when it affects our own gaming sessions.
In addition, these cheat tools are far from being the most reliable, according to malware that seems to have been spreading for several days among players using programs of this kind.
Millions of accounts affected
It was the user @vxunderground on Twitter (X), quoted by the sites TechCrunch and Decrypt. co, who reported the scale of the attack. The malware is believed to first hit cheat software users with the goal of stealing their credentials within Activision Blizzard games, including Call of Duty, Overwatch, Diablo, and World of Warcraft.
Over the past couple of days we have become aware of malware targeting gamers! More specifically, a currently unidentified Threat Actor is utilizing an infostealer to target individuals who cheat (Pay-to-Cheat) in video games.
A Call of Duty cheat provider (PhantomOverlay) was…
— vx-underground (@vxunderground) March 27, 2024
According to figures put forward by the specialist, more than 3.6 million Battle.net accounts have been compromised and 560,000 Activision accounts. The information is reported by the providers and communities of cheat tools UnknownCheats, Elite PVPers (specialized in MMOs), and PhantomOverlay (for Call of Duty and Counter Strike FPS).
The victims were allegedly infected by installing cheat software that looked genuine but worked in the background to steal their confidential data. In addition, some players have had their cryptocurrency wallets emptied, specifically the Electrum BTC which allows them to manage their bitcoins. As our colleagues at 01net recall, malware of the same type was rampant in the game Fortnite in 2018.
vx-underground says the malware also targeted users of VPN tools, as well as gamers who use programs to upgrade their controllers. We imagine that we are talking here about the different tools that allow you to pass your keyboard/mouse for a controller, the famous Cronus Zen or ZIM.
Activision’s servers were not affected by the attack
When contacted by TechCrunch, Activision Blizzard confirmed that it is aware that “the credentials of some players across the industry could be compromised by malware when downloading or using unauthorized software.”
But the publisher assures that its servers “remain secure and not compromised” while advising all players to secure their account by activating, for example, two-factor authentication after changing their password.
If you don’t use cheats in your video games, then you shouldn’t be worried about this threat.