2K Games helpdesk hacked to spread malware to players

Company urges gamers not to open any support emails

The helpdesk platform of popular publisher 2K Games has been hacked in an attempt to spread malware among gamers, the company has confirmed.

In a tweet, 2K Games said it recently discovered that hackers managed to “illegally access” the credentials of one of its vendors to the helpdesk platform.

“The unauthorized party sent a communication to certain players containing a malicious link. Please do not open any emails or click on any links that you receive from the 2K Games support account,” the company warned.

The attackers would first open a fake support ticket and, soon after, reply to it. In the reply message, they’d share a file named “2K Launcher.zip”, inviting the players to run it on their endpoints. The file turned out to be RedLine Stealer, a known infostealer that’s capable of, among other things, grabbing passwords stored in the browser and stealing banking data and cryptocurrency wallets. RedLine can also grab VPN credentials, web browser history, and cookies.

Knowing the type of malware the threat actor set out to distribute, 2K advised potential victims to reset all passwords stored in the browser, enable multi-factor authentication wherever possible (with an app, rather than via SMS), install an antivirus program, and check their email accounts for any forwarding rules.

In the meantime, 2K took its support portal offline as it thoroughly investigates the incident.

“We will issue a notice when you can resume interacting with official 2K help desk emails, and we will also follow-up with additional information as to how you can best protect yourself against any malicious activity,” 2K said.

At the moment, it is not known who the threat actors behind the attack are, but BleepingComputer speculates it could be the same group that recently broke into Rockstar Games - Lapsus$.

“Both companies are subsidiaries of Take-Two Interactive, one of the largest video game publishers across the Americas and Europe,” it said.

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
