Gamers downloading cheats for the first-person shooter Call of Duty are reportedly being targeted by crypto-draining malware that has so far compromised the details of more than 4.9 million accounts.
Call of Duty cheat provider Phantom Overlay was made aware of the malware campaign this week after users started to make unauthorized purchases. Phantom Overlay provides a marketplace for Call of Duty gamers to buy cheats, such as aimbot and player detection behind walls.
As reported by malware sleuth VX Underground, an unknown entity is using malware to steal the credentials of cheaters before publishing them online. The culprit has also infected users with crypto-draining malware capable of stealing bitcoin from Electrum wallets.
Well, they're presumably stealing more than just their Call of Duty-related accounts. Being a cheater does not mean you should have your wallet drained.
— vx-underground (@vxunderground) March 28, 2024
Or maybe some disagree ¯_(ツ)_/¯
Malware campaign spawns unlikely alliance
VX claims that “in a bizarre twist of fate,” video game company Activision Blizzard is working alongside cheat providers to help users infected with the malware because “The scope of the impact is so large.”
Indeed, VX reports that the accounts of an estimated 3,662,627 Battlenet, 561,183 Activision, 117,366 Elitepvpers, 572,831 UnknownCheats, and 1,365 Phantom Overlay have been compromised, making up 4,915,372 accounts altogether.
Crypto game exploited for $4.6M, hacker claims to be white-hat
Read more: Fake crypto wallet in App Store for four years drained $120K in Stacks
Phantom Overlay reportedly approached gaming forum Elitepvpers, which confirmed that over 40,000 of its accounts were comprised
VX Underground claims that the amount of crypto stolen and the malware delivery methods are currently unknown. VX also clarified that not all of the comprised accounts are cheaters, adding that some impacted users were utilizing software for latency improvement, controller boosting, and VPNs.
Protos has contacted Phantom Overlay, Elitepvpers, and Activision Blizzard for comment and will update if we hear back.