Key Takeaways:
- A campaign utilizing information-stealing malware has targeted individuals using cheats and software enhancements in Call of Duty, leading to the theft of Bitcoin and sensitive data. This has affected hundreds of thousands, with both cheaters and non-cheating software users impacted.
- The security breach was initially identified by “PhantomOverlay,” after users reported unauthorized transactions. Subsequently, similar incidents across various cheat code providers have confirmed the widespread nature of the exploit.
- Activision Blizzard is working with cheat code providers to aid affected users, amidst reports of over 3.6 million potentially compromised accounts across several platforms, highlighting the extensive reach of the cybercriminals.

A group of cybercriminals has launched a campaign that uses information-stealing malware against individuals who cheat in video games, specifically Call of Duty, in order to steal their bitcoin holdings.
This nefarious scheme has already compromised the security and finances of hundreds of thousands of gaming enthusiasts, with the victim count continuing to rise, according to insights shared by malware information source @vxunderground.
Over the past couple of days we have become aware of malware targeting gamers! More specifically, a currently unidentified Threat Actor is utilizing an infostealer to target individuals who cheat (Pay-to-Cheat) in video games.
A Call of Duty cheat provider (PhantomOverlay) was…
— vx-underground (@vxunderground) March 27, 2024
Interestingly, not all victims of this cyber attack were engaged in cheating activities.
Some were merely using software enhancements for latency reduction, VPNs, or certain types of controller boosting software, highlighting a broader vulnerability within the gaming community to such exploitative tactics.
It should be noted that some of these accounts are also not cheaters. Some users impacted utilized gaming software for latency improvement (?), VPNs, and Controller Boosting software
(we don't know what this means)
— vx-underground (@vxunderground) March 27, 2024
The situation first came to light when “PhantomOverlay,” a provider of Call of Duty cheat codes, observed suspicious activities following reports from users of unauthorized transactions.
Subsequently, similar incidents were confirmed by competing cheat code providers, including Elite PVPers, who communicated these breaches to @vxunderground.
Victims of this malware reported the theft of sensitive information, including login credentials, and, in some cases, found their Electrum bitcoin wallets emptied.
The amount of cryptocurrency stolen remains undetermined, underscoring the severity of the breach.
In response to this crisis, Activision Blizzard, the developer behind Call of Duty, is said to be collaborating with the implicated cheat code providers in an effort to assist the affected gamers.
Reports have claimed that a cheat provider for games, including Call of Duty, was compromised with users who purchased the cheats having their personal information stolen. The cheat reportedly had malware that stole information.
Sources confirm Activision Blizzard servers were… pic.twitter.com/lxyvqx8DA9
— CharlieIntel (@charlieINTEL) March 28, 2024
Reports suggest that the breach has extended to over 3.6 million Battle.net accounts, 561,000 Activision accounts, and 117,000 Elite PVPers accounts, though PhantomOverlay has suggested these figures may be exaggerated.
This incident is not the first of its kind; video game cheaters have been targets for hackers for years.
Notably, in 2018, malware disguised as a cheat for the popular game Fortnite was actually a tool designed to steal bitcoin wallet credentials.
Call of Duty players and other gamers seeking "cheat" software were met with malware that could swap their Bitcoin, with potentially millions of accounts impacted. Click to read via @ggDecrypt: https://t.co/DTxN8OmYFd
— Decrypt (@decryptmedia) March 28, 2024
A similar attack occurred in 2019, when Fortnite players faced ransomware that threatened to lock away their computer data, showcasing a continuing trend of cybercriminals exploiting the gaming sector for financial gain.