Video game giant Activision is investigating a hacking campaign aimed at stealing player credentials, TechCrunch has learned.
At this time, it is unclear what the hacker's specific purpose is other than stealing passwords for various types of accounts. Sources say hackers somehow inject malware into victims' computers and steal passwords for things like gaming accounts and cryptocurrency wallets.
Activision Blizzard staff are investigating, are “cooperating with the removal of the malware,” and are “working to identify and remediate the malware,” said a person familiar with the incident, who requested anonymity because they were not authorized to speak to the press. he said. Delete the affected player's account. ”
“We don't have enough data yet on how to do that. [the malware] It is spreading,” the official said. “Only users who have third-party tools installed may be affected.”
Contact Us Do you know more about this hack? Or is this another video game hack? You can contact Lorenzo Franceschi-Bicchierai securely from any non-work device on Signal (+1 917 257 1382) or on Telegram, Keybase and Wire @lorenzofb, or email. You can also contact TechCrunch via SecureDrop.
Activision spokesperson Delaney Simmons told TechCrunch that the company is aware of “allegations that the credentials of some players across the industry could be compromised by malware through the download or use of unauthorized software.” The company said its servers “remain secure and uncompromised.”
The malware campaign appears to have first been discovered by Zeebler, a developer and distributor of cheating software for the popular first-person shooter game Call of Duty. Zeebler said Wednesday on the PhantomOverlay cheat provider's official channel that hackers are targeting gamers, some of whom use the cheats, to steal their usernames and passwords.
Zeebler described the effort as an “information-stealing malware campaign.” In this campaign, malware is designed to appear legitimate and is unknowingly installed by victims, secretly stealing usernames and passwords.
Zeebler told TechCrunch that PhantomOverlay customers learned about the hacking campaign when their cheat software accounts were stolen. At that point, Zeebler added, he began investigating and was able to find a database of stolen credentials that the hackers had been collecting.
Zeebler then contacted Activision Blizzard and other cheat creators to say that their users appeared to be affected.
TechCrunch obtained a sample of the allegedly stolen login information and confirmed that some of the data was genuine credentials. It is unclear how old or recent the data is.
At this time, there is no reason to think that regular players of Activision games are at risk, only players who use third-party apps such as cheats.
Either way, as Activision's Simmons told TechCrunch, users who suspect they may have been compromised can change their passwords and enable two-factor authentication.