A surge of mysterious malware has reportedly been targeting video gamers and draining their Bitcoin (BTC) wallets as part of a new campaign to steal information. Malware information repository vx-underground reported on March 28 that it had detected an unidentified threat actor using malware to steal login credentials from users of pay-to-cheat video game software.
The attacks primarily target players who purchase cheating software, resulting in over 4.9 million compromised accounts for Activision Blizzard users, as well as accounts for the game store Battle.net, the game-focused trading site Elite PVPers, and cheat software markets PhantomOverlay and UnknownCheats.
Affected users have reported their Electrum BTC wallets being drained, although the exact amount stolen is currently unknown. vx-underground also posted an image showing the scope of the attacks.
In a Telegram post on March 27, PhantomOverlay, one of the cheat software markets targeted by the malware, claimed that the number of hacked accounts was inflated, with over half of the logins in a database being invalid. It also suggested that the malware may have originated from a widely used latency program, VPN, or some other software used by millions of gamers.
PhantomOverlay further stated that it had a strong suspicion about the source of the malware but that the gang behind it had made it increasingly difficult to prove anything.
Activision Blizzard has reportedly reached out to the cheat-selling site and is working to assist the millions of infected users. A spokesperson for the company stated that they were aware of the potential compromise of credentials due to malware from unauthorized software and emphasized that their servers remained secure. They advised users to change their passwords to protect their accounts.
According to vx-underground, PhantomOverlay became aware of fraudulent activity when unauthorized purchases started being made from user accounts. After it contacted the alleged victim, more affected users were identified.
As the video gaming industry continues to attract cybercriminals, it is crucial for gamers to remain vigilant and take necessary precautions to protect their accounts and digital assets.