Skip to content

Mystery Malware Targets Call of Duty Cheaters and Drains Bitcoin Wallets

Learn about the alarming rise of malware targeting video gamers, particularly those using cheating software, which aims to steal Bitcoin from their wallets. Stay informed and take proactive steps to protect your accounts from potential cyber threats.

A newly identified malware campaign has specifically targeted gamers, with a particular focus on those involved in cheating, by stealing sensitive information and draining Bitcoin wallets. This sophisticated attack has drawn attention from the gaming community and cybersecurity experts.

Malware Campaign Discovery

Malware information hub vx-underground reported the activities of a significant and currently unidentified threat actor. This actor has been deploying malware to steal credentials from gamers using cheating software, marking a new wave of cyber threats within the gaming community.

Scope of Attack

The malware has successfully compromised over 4.9 million accounts. Affected parties include Activision Blizzard users and communities associated with, Elite PVPers, PhantomOverlay, and UnknownCheats. This broad attack has raised alarms about the security of online gaming accounts and the risks associated with cheating software.

Crypto-Draining Activity

Several victims have reported substantial financial losses, with their Electrum Bitcoin wallets being specifically targeted and drained. The total amount of stolen funds has not been disclosed, but the impact is significant, highlighting the financial risks of malware attacks.

Denial from PhantomOverlay

PhantomOverlay, a cheat software market, responded to the reports by suggesting that the number of compromised accounts might be overstated. They noted that many logins from the leaked database were invalid. Despite this, they acknowledged the malware campaign as the largest in the history of gaming and cheating communities.

Possible Sources of Malware

Speculation about the malware's origin points to widely used software among gamers, such as latency optimization tools or VPNs. The exact source remains unverified, but the widespread nature of the attack suggests a common vector that affected a large segment of gamers.

Activision Blizzard's Response

Activision Blizzard has acknowledged the potential compromise of credentials across the broader gaming industry due to malware associated with unauthorized software. They assured that their servers are secure and recommended users change their passwords to enhance account security.

Community Alert

Both PhantomOverlay and vx-underground are actively investigating the attack and assisting victims. Activision Blizzard's involvement in supporting affected users underscores the seriousness of the threat and the collaborative effort to address it.

This incident serves as a stark reminder of the dangers associated with downloading and using unauthorized software, especially cheat programs. Gamers are urged to maintain high levels of vigilance and prioritize digital security to protect against such sophisticated threats. The industry's response to these attacks highlights the importance of cybersecurity in the online gaming world.