Famous publisher 2K Games’ helpdesk platform was hacked where the attackers attempted to distribute malware to gamers’ devices. Resultantly, 2K Games started investigating the incident and took its support platform offline last week.
It is worth noting that 2K is known for publishing some high-profile games including BioShock, WWE 2K, NBA 2K17, NBA 2K18, Evolve, Spec Ops: The Line, Max Payne Series, WWE 2K22, PGA Tour 2K, and many more.
On September 20th, 2K Games tweeted that an unauthorized third-party accessed the credentials of one of its vendors illegally. The vendor was associated with the helpdesk platform the publisher uses to offer support to its customers. The third party sent malicious links to gamers.
“The unauthorized party sent a communication to certain players containing a malicious link. Please do not open emails or click on any links you receive from the 2K Games support account.”
In this campaign, the attackers first launch a fake support ticket and reply to it soon after. In their reply message, they share a file named 2K Launcher.zip. This file is a lure to invite gamers to run the file on their endpoints.
This file, in reality, hides the RedLine Stealer. It is a notorious info-stealing malware that can steal passwords stored in the browser and banking data. Moreover, it can also steal cryptocurrency wallet credentials, web browser history, VPN credentials, and cookies.
In February 2022, the RedLine Stealer was found infecting unsuspecting victims in fake Windows 11 update campaign. In July 2022, as reported by Hackread.com, the same malware was identified bundling with YTStealer and Vidar malware in an attack that was aimed at hijacking YouTube channels.
The publisher issued a statement, explaining that it will give a notification after interaction with official 2K helpdesk emails is resumed. The company will also follow up with updated information regarding how users can protect themselves against malicious activity. It is yet unclear who perpetrated the attack.
How to Stay Protected
Anyone who clicks on the link must immediately reset their password to stay protected, 2K Games recommends players. Since they have realized the type of malware used by the attackers, the company also suggested that players enable in-app MFA wherever possible instead of SMS-based authentication and keep checking their email accounts for forwarding rules.
“We deeply apologize for any inconvenience and disruption that this matter may cause. We appreciate the ongoing support and understanding from our player communities.”
Gamers and Malware Protection
Big companies spend less on security. However, gaming-related hacks and malware attacks are a big problem for gamers. (Look what “they” did to RockStar Games and its upcoming GTA 6 game). These attacks can ruin your gaming experience and even your computer. There are a few things you can do to protect yourself from malware.
First, be careful what you download. Only download games from trusted sources. If you’re not sure if a site is safe, do some research before downloading anything.
Second, keep your computer up to date. Make sure you have the latest security updates and anti-virus software installed. This will help keep your computer safe from any new malware that comes out.
Third, be careful what you click on. Don’t click on any links in emails or on websites unless you’re sure they’re safe. Many times, malware is spread by people clicking on malicious links.
By following these simple tips, you can help protect yourself from malware and have a better gaming experience overall.
More on Hackread.com
- Fake Microsoft Helpdesk Calls Aim To Install Malware on PC
- Scammers Leveraging Microsoft Team GIFs in Phishing Attacks
- 250 million Microsoft customer support records leaked in plain text
- Facebook Phishing: Crooks Using Messenger Chatbots to Steal Data
- Mainstream Live Chat widgets leaking personal details of employees