Players of the iconic first-person shooter game Call of Duty and other popular titles on Activision Blizzard’s Battle.net platform fell victim to a cunning phishing scheme. The cybersecurity firm VX Underground has brought to light that individuals seeking unauthorized “cheat” software for games like World of Warcraft, Overwatch, and Diablo inadvertently downloaded crypto-drainer malware, placing their Bitcoin wallets at significant risk.
This malware, designed to siphon cryptocurrencies from unsuspecting gamers’ wallets, specifically preyed upon those in pursuit of “pay-to-cheat” solutions, thereby exploiting the gamers’ quest for an unfair advantage. The “info stealer” malware has potentially compromised over 4.9 million accounts, encompassing nearly 3.7 million Battle.net accounts, more than half a million Activision accounts, and approximately 117,000 ElitePVPers accounts, according to VX Underground.
These crypto wallet drainers operate by targeting hot wallets, either through applications on the user’s computer or via browser extensions, and have become a dire threat in the digital currency space. Notably, the malware in this instance focused on Electrum Bitcoin wallets, with the total amount stolen remaining uncertain.
In an unprecedented response, Activision Blizzard has initiated collaborations with cheat providers to assist users affected by this extensive info stealer campaign. This unusual alliance highlights the severity of the situation and the lengths to which the company is willing to go to mitigate the damage.
Additionally, cheat providers UnknownCheats and PhantomOverlay have reported hundreds of thousands of compromised accounts, with PhantomOverlay becoming aware of the breach through user reports of unauthorized transactions. Following these revelations, Elite PVPers confirmed the compromise of over 40,000 valid user accounts.
The response from Activision Blizzard emphasizes that this malware attack spans beyond their games and platforms, asserting that their servers remain secure. They have advised players concerned about their account security to change their passwords and adopt two-factor authentication among other best practices.
The precise method of malware delivery remains unknown, though it typically involves malicious websites, phishing emails, or messages that trick users into installing harmful software. VX Underground’s disclosure serves as a stark reminder of the perils associated with downloading or using unauthorized software, underscoring the ongoing battle against cyber threats in the gaming community.
This recent phishing attack targeting gamers through cheat software is a grim testament to the evolving sophistication of cyber criminals in exploiting the digital realm. As the gaming community reels from the impact, the incident calls for heightened vigilance and robust cybersecurity measures. Gamers, now more than ever, must exercise caution, reinforcing their digital defences to safeguard their virtual and financial assets against such insidious threats.
Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
USDC 
XRP 
Lido Staked Ether 
Dogecoin 
Toncoin