Call of Duty Players Targeted in Malware Attack
In a recent revelation by cybersecurity firm VX Underground, it has come to light that Call of Duty players seeking illicit third-party software to cheat in the popular first-person shooter game were among the victims of a targeted phishing attack. This attack also extended to players looking for “pay-to-cheat” software for use on Activision Blizzard’s Battle.net platform, which hosts several other games such as World of Warcraft, Overwatch, and Diablo. The cheat software, when installed, contained crypto-drainer malware that could potentially compromise the user’s Bitcoin wallet, leading to theft of coins.
Scope of Impact
VX Underground reported that the malware attack affected over 4.9 million accounts, including approximately 3.7 million Battle.net accounts, more than 560,000 Activision accounts, and around 117,000 ElitePVPers accounts. Such crypto-draining malware is designed to target a user’s hot wallet, be it a standalone application on their computer or a browser extension. While the specific amount stolen remains unknown, the malware focused on Electrum Bitcoin wallets, highlighting the severity of the breach.
Response and Consequences
Activision Blizzard, in an unprecedented move, is collaborating with cheat providers to assist users affected by this large-scale info-stealer campaign. The attack also compromised accounts of cheat providers, including UnknownCheats and PhantomOverlay, leading to unauthorized purchases. As a testimony to the reach of the attack, Elite PVPers confirmed that over 40,000 user accounts were compromised.
While the exact delivery mechanism of the malware remains unknown, hackers typically propagate malware through malicious websites, phishing emails, or deceptive messages that prompt the victim to download malicious programs. In some cases, cloned websites mimic legitimate platforms to deceive victims into revealing sensitive information, enabling hackers to drain wallets undetected.
Recent incidents, such as the attack on the Bitcoin Rock Discord server, where thieves stole significant amounts of cryptocurrency, underscore the importance of robust security measures to protect against such threats. User vigilance, including avoiding suspicious links, using two-factor authentication, and adhering to cybersecurity best practices, is imperative to safeguard personal and financial data from malicious actors.
Image/Photo credit: source url