A wave of mysterious malware has reportedly been targeting video game enthusiasts, draining their Bitcoin (BTC) wallets as part of a new information-stealing campaign that also targets cheaters.
Malware repository vx-underground disclosed in a post on March 28 that it had detected an unknown threat actor deploying malware to steal login details and other credentials from users of pay-to-cheat video game software.
The attacks specifically target gamers, including those who purchase cheating software, and have compromised more than 4.9 million accounts belonging to Activision Blizzard users, as well as accounts on their game store Battle.net, Elite PVPers, and cheat software markets PhantomOverlay and UnknownCheats.
Affected users have reported instances of having their Electrum BTC wallets drained of funds. The exact amount of money stolen remains unknown, according to vx-underground.
In a Telegram post on March 27, PhantomOverlay disputed the number of hacked accounts, claiming that over half of the logins in a database they reviewed were invalid. They suggested that the malware may have originated from a network of free or cheap software tied to programs widely used among gamers, such as latency tools or VPNs.
PhantomOverlay also hinted at having a strong suspicion about the source of the malware, but acknowledged that the group behind it has made efforts to cover their tracks, making it difficult to prove anything conclusively.
Activision Blizzard reportedly reached out to the cheat-selling site for assistance in addressing the millions of impacted users. The gaming company gave assurances that its servers remain secure and advised users to change their passwords to safeguard their accounts.
In another development, vx-underground revealed that PhantomOverlay was alerted to fraudulent activities when unauthorized purchases were made using user accounts. Following this discovery, more victims have come forward, leading to increased awareness of the ongoing cyber threats targeting gamers.
Overall, the gaming community is advised to remain vigilant against such malicious activities and take necessary precautions to protect their personal information and digital assets.