Activision Blizzard’s security team analyzed a hacking campaign in which criminals hid malware inside cheat packages for a popular online game, Call of Duty: Warzone.
Security researchers at the gaming company published their findings in a report on Wednesday.
Criminals distributed a Warzone cheat on popular cheating forums that infected victims’ computers and let hackers take control over it. The cheat contained Cod Dropper v0.1, a type of malware that downloads other malicious payloads, such as credential-stealing malware, on the victim’s computer.
One of the things the malware did was use the victims’ GPUs to mine cryptocurrency.
Building and selling cheats for popular online games is a whole industry. Cheats are used by countless gamers, and many cheats require users to disable anti-virus programs and give the cheat the highest privileges. It then becomes easy for hackers to compromise the system.
“The dependencies for a ‘genuine’ cheat to work are the same as those needed by most malware tools to successfully execute. System protections need to be bypassed or disabled, and privileges need to be escalated to allow the program to run correctly and/or establish persistence,” the Activision researchers wrote in the report.
“While this method is rather simplistic, it is ultimately a social engineering technique that leverages the willingness of its target (players that want to cheat) to voluntarily lower their security protections and ignore warnings about running potentially malicious software.”
The attackers went to lengths to advertise their tool. They shared it on hacking forums, published how-to videos on YouTube, and promoted it as an “undetected cheat for CoD WARZONE.”
CoD Warzone gamers is a free game and that means it’s played by millions of people.
It is unknown how many computers had been compromised. But one can get the scope, by knowing that since the authors posted news about it on a popular gaming forum, the thread has gained over 10,000 views and 260 replies.
Image: Activision Blizzard
