Call of Duty Players Hit by Phishing Scam Involving Cheat Software
In a sophisticated phishing attack targeting gamers, cybersecurity experts at VX Underground have uncovered that players of the popular first-person shooter game, Call of Duty, seeking illicit "cheat" software have fallen victim. This scam also ensnared individuals looking for "pay-to-cheat" software on Activision Blizzard’s Battle.net, a platform hosting renowned titles such as World of Warcraft, Overwatch, and Diablo.
The malicious cheat software went beyond simple game manipulation, installing crypto-drainer malware on the unsuspecting users' devices. This malware poised a significant threat by facilitating unauthorized access to Bitcoin wallets, thereby enabling the perpetrators to siphon off the users' cryptocurrency holdings.
VX Underground reports that this crypto-draining malware potentially compromised over 4.9 million accounts across various platforms, highlighting the extensive reach and impact of this attack. This includes approximately 3.7 million Battle.net accounts, over 560,000 Activision accounts, and around 117,000 ElitePVPers accounts.
The crypto wallet drainers specifically targeted Electrum Bitcoin wallets, though the total amount stolen remains undisclosed at this juncture. In response to the magnitude of this security breach, Activision Blizzard has taken proactive measures, partnering with cheat providers to extend support to affected users, demonstrating a commitment to player account security.
Among the cheat services impacted were UnknownCheats and PhantomOverlay, reporting 572,831 and 1,365 compromised accounts, respectively. Elite PVPers has confirmed the detection of over 40,000 compromised user accounts following an alert from PhantomOverlay administrative staff.
Despite the scale of this cyberattack, an Activision Blizzard spokesperson reassured the public, stating, "Activision Blizzard servers remain secure and uncompromised. Our priority is always player account security.” The company has advised its player base to update their passwords and adopt best practices like two-factor authentication to safeguard against future threats.
The exact delivery method of the malware remains unknown to VX Underground, but it's commonly dispersed via phishing emails, malicious websites, or messages tricking victims into installing harmful programs.
In a related incident, the founder of the Bitcoin Ordinals project, Ordinal Rugs, fell prey to a similar wallet drainer phishing attack. Thieves extracted approximately $103,003 and $208,196 worth of Ordinal inscriptions from Archon's personal wallet, underscoring the growing concern over such cyber threats within the cryptocurrency community.
These incidents serve as a stark reminder of the ever-present risks in the digital landscape, particularly for those engaged in gaming and cryptocurrency activities. Ensuring robust cybersecurity measures and exercising caution with third-party software remains crucial in safeguarding personal and financial information against sophisticated phishing schemes.
Analyst comment
This news is negative. The phishing scam targeting Call of Duty players and involving cheat software has compromised over 4.9 million accounts, potentially stealing Bitcoin from unsuspecting users. The market is likely to see a negative impact as players become more cautious and demand heightened cybersecurity measures from gaming and cryptocurrency platforms.
