Call of Duty Gamers Using Pay-to-Cheat Software Targeted By Bitcoin Hackers

Key Takeaways

• Vx-underground warns of malware stealing login credentials from gamers using cheat software.
• This malware campaign specifically targets gamers’ Bitcoin wallets, leading to reported thefts.
• Over 4.9 million compromised accounts linked to major gaming platforms raise concerns about a widespread attack.

The malware database vx-underground has issued a warning  about a new wave of information-stealing malware targeting video gamers, particularly those utilizing cheating software.

This emerging threat has been specifically draining the Bitcoin wallets of gamers as part of a new campaign aimed at individuals seeking an unfair advantage in games.

Game Cheat Malware Steals Millions of Accounts, Crypto Wallets Hit

The malware information hub vx-underground disclosed  in a March 28 social media post its discovery of an unknown threat actor deploying malware to steal credentials from users of pay-to-cheat video game software.

This cyber assault has impacted players, including those purchasing cheating software, leading to over 4.9 million compromised accounts associated with Activision Blizzard and its Battle.net game store, as well as the game-focused trading platform Elite PVPers and cheat software markets PhantomOverlay and UnknownCheats.

Affected users have started to report incidents of cryptocurrency theft, with their Electrum BTC wallets being emptied. vx-underground noted that it lacks details regarding the total amount of funds stolen.

Cheat Seller Denies Hacking, Blames “Garbage” Data in Database

In a March 27 message on Telegram , PhantomOverlay suggested that the reported number of hacked accounts was exaggerated, noting that more than half of the login details in a database they examined were “invalid garbage.”

They stated :

“It’s the largest infostealer malware campaign in gaming/cheating community history.”

The group described the malware as part of a widespread network of free or inexpensive software, possibly originating from a latency tool, VPN, or another application widely used by millions of gamers.

PhantomOverlay labeled this incident as “the largest info-stealer malware campaign in the history of the gaming and cheating community.”

In another message,  PhantomOverlay mentioned having a solid suspicion about the malware’s source, although the group behind the malware is aware of these suspicions and has significantly obscured any evidence, making it difficult to confirm.

PhantomOverlay reported  that Activision Blizzard reached out to the cheat-selling website, offering support to assist millions of users affected by the malware.

Millions at Risk After Cheat Software Hack

Vx-underground mentioned in its post that PhantomOverlay became aware of fraudulent activities when users’ accounts started making unauthorized purchases. After contacting the initial victim, PhantomOverlay has since identified more affected individuals.

In a statement, Activision Blizzard said :

“There have been claims that some player credentials across the broader industry could be compromised from malware from downloading or using unauthorized software. Activision Blizzard servers remain secure and uncompromised. Our priority is always player account security.

If players believe they may have clicked on a suspicious link or if they want to ensure their account is protected, they can change their password and follow recommended best practices here such as adding two factor authentication.”

For years, individuals exploiting game cheaters have been a persistent issue. In 2018, a malware  disguised as a cheat tool for the widely acclaimed video game Fortnite was aimed at stealing Bitcoin wallet login information.

In a subsequent event in 2019, Fortnite players became victims when hackers employed tactics that restricted users from accessing data on their computers.

About the Author

Teuta Franjkovic

Teuta is a seasoned writer and editor with more than 15 years of experience. She has expertise in covering macroeconomics and technology as well as the cryptocurrency and blockchain industries. She has worked for several publications as a journalist and editor, including Forbes, Bloomberg, CoinTelegraph, Coin Rivet, CoinSpeaker, VRWorld and Arcane Bear. Teuta began her professional career in 2005, working as a lifestyle writer at Cosmopolitan in Croatia. From there, she branched out to several other publications, covering mainly business and the economy. She then turned her attention to the world of cryptocurrency and blockchain, believing that crypto is among the most important inventions in the history of humanity. Her involvement in fintech began in 2014 and she has since lent her expertise in writing, editing and gathering information about the world of crypto, blockchain, NFTs and Web3. An all-round news hound, mentor, editor, and writer, Teuta enjoys teamwork and good communication. She holds a WSET2 diploma and has a thing for chablis, punkrock music and shoes. She also holds a double MA in Political science and Entrepreneurship.

See more

[email protected] LinkedIn Twitter