Tag Archive for: games

Bitcoin-Stealing Malware Disguised as Cheat Software for Popular Games; Millions of Gamers at Risk


Many gamers looking for third-party cheat software to gain a competitive edge in popular titles like Call of Duty (COD), Diablo, and World of Warcraft (WoW) have had their Electrum Bitcoin wallets drained by malware.

This malware campaign, orchestrated by an unidentified actor, potentially affected over 4.9 million gaming accounts across various platforms, info security firm VX Underground said on Wednesday. The exact amount of funds stolen from users is unknown at this time.

On Thursday, TechCrunch said the malware was first uncovered by COD cheat software developer “Zeebler,” who warned gamers about the threat.

“The scope of the impact is so large, and in a bizarre twist of fate, Activision Blizzard is coordinating with cheat providers to aid users impacted by the massive infostealer campaign,” VX Underground said on X (formerly Twitter).

About 4.9 Million Gaming Accounts at Risk

According to VX Underground, the crypto-swiping malware may have impacted 561,183 Activision accounts, 3,662,627 Battle.net accounts, 117,366 ElitePVPers accounts, 572,831 UnknownCheats accounts, and 1,365 PhantomOverlay accounts.

“When Elite PVPers was approached by PhantomOverlay administrative staff about the compromised accounts, Elite PVPers confirmed they have identified 40,000+ valid user accounts compromised,” VX Underground said. “These are seemingly freshly stolen credentials and are not present from previous publicly available credential dumps.”

VX Underground noted that not all victims of the malware attack were seeking cheat software for games. Some were using “software for latency improvement (?), VPNs, and Controller Boosting software.”

A source told TechCrunch that Activision Blizzard is trying to “help remove the malware” and is “working on identifying and remediating player accounts for anyone affected.” Meanwhile, Activision spokesperson Delany Simmons told the news outlet that the company’s servers “remain secure and uncompromised.”

It isn’t uncommon for hackers to target gamers with compromised software. In June 2023, Cyble Research & Intelligence Labs said threat actors are using trojanized versions…


Apex Legends hacker said he hacked tournament games ‘for fun’


On Sunday, the world of video games was shaken by a hacking and cheating scandal.

During a competitive esports tournament of Apex Legends, a free-to-play shooter video game played by hundreds of thousands of players daily, hackers appeared to insert cheats into the games of two well-known streamers — effectively hacking the players midgame.

“Wait, what the fuck? I’m getting hacked, I’m getting hacked bro, I’m getting hacked,” said one of the players allegedly compromised during a live stream of the gameplay.

The incidents forced the organizers of the Apex Legends Global Series tournament, which has a $5 million total prize pool, to postpone the event indefinitely “due to the competitive integrity of this series being compromised.”

As the midgame hacks were underway, the game’s chatbot displayed messages on-screen that appeared to come from the hackers: “Apex hacking global series, by Destroyer2009 &R4andom,” the messages read.

In an interview with TechCrunch, the hacker Destroyer2009 took credit for the hacks, saying that he did it “just for fun,” and with the goal of forcing Apex Legends’ developers to fix the vulnerability he exploited.

The hacks sent the Apex Legends community into a frenzy, with countless streamers reacting to the incidents, and some players suggesting Apex Legends is not safe to play, because every player could be at risk of getting hacked not only in-game, but potentially having their computers hacked, too.

Destroyer2009 declined to provide details of how he allegedly pulled off hacking the two players midgame, or what specific vulnerabilities he exploited.

“I really don’t want to go into the details until everything is fully patched and everything goes back to normal,” the hacker said. The only thing Destroyer2009 said regarding the technique he used was that the vulnerability “has nothing to do with the server and I’ve never touched anything outside of the Apex process,” and that he did not hack the two players’ computers directly.

The hacks “never went outside of the game,” he said.

Destroyer2009 said he did not report the vulnerability to Respawn, the video game developer that makes Apex Legends,…


Remcos RAT Spreading Through Adult Games in New Attack Wave


Jan 16, 2024 | Newsroom | Botnet / Malware


The remote access trojan (RAT) known as Remcos RAT has been found spreading via webhards in South Korea, disguised as adult-themed games.

WebHard, short for web hard drive, is a popular online file storage system used to upload, download, and share files in the country.

While webhards have been used in the past to deliver njRAT, UDP RAT, and DDoS botnet malware, the AhnLab Security Emergency Response Center’s (ASEC) latest analysis shows that the technique has been adopted to distribute Remcos RAT.


In these attacks, users are tricked into opening booby-trapped files by passing them off as adult games, which, when launched, execute malicious Visual Basic scripts in order to run an intermediate binary named “ffmpeg.exe.”

This results in the retrieval of Remcos RAT from an actor-controlled server.


A sophisticated RAT, Remcos (aka Remote Control and Surveillance) facilitates unauthorized remote control and surveillance of compromised hosts, enabling threat actors to exfiltrate sensitive data.

This malware, although originally marketed by Germany-based firm Breaking Security in 2016 as a bona fide remote administration tool, has metamorphosed into a potent weapon wielded by adversaries to infiltrate systems and establish unfettered control.


“Remcos RAT has evolved into a malicious tool employed by threat actors across various campaigns,” Cyfirma noted in an analysis in August 2023.

“The malware’s multifunctional capabilities, including keylogging, audio recording, screenshot capture, and more, highlight its potential to compromise user privacy, exfiltrate sensitive data, and manipulate systems. The RAT’s ability to disable User Account Control (UAC) and establish persistence further amplifies its potential impact.”


Hackers Gain Control of Casino Card Shuffling Machine for Godlike Control Over Games


“Basically, it allows us to do more or less whatever we want.”

Shifty Shufflers

The house doesn’t always win.

Researchers at the security firm IOActive say they’ve discovered that a card shuffling machine called the Deckmate, widely used by casinos and long thought to be impervious, is actually vulnerable to hacking, Wired reports — an exploit that could give a skilled cheater omniscient knowledge of every player’s cards.

The investigation was spurred by a gambling scandal last year, when during a game of poker, a newcomer holding a terrible hand called the bluff of a veteran player — a call so baffling that the commentator thought that the live graphics were displaying the cards incorrectly.

Accusations of cheating followed, along with an official investigation by Hustler Live Casino, the host of the scandalous game. The casino’s report concluded there was no evidence of foul play, and averred that the Deckmate used at the game was “secure and cannot be compromised.”

Under the Table

That’s where the IOActive researchers begged to differ.

“At that point, it’s a challenge,” Joseph Tartaro, a researcher at the security firm, told Wired.

Presenting at a Las Vegas security conference, Tartaro and his team found that the latest version of the card shuffler, the Deckmate 2, can be hacked through its exposed USB port.

They theorize that a conniving player could pretend to drop something, go under the table where the Deckmate lies, and plug a device into the USB port. And if physically plugging in a hacking device lacks subtlety, the researchers claim that it could also be hacked remotely through the Deckmate’s internal modem.

From there, cheaters could access the shuffler’s internal camera that watches the cards, and relay that data over Bluetooth to a phone held by a partner nearby who could communicate with a trick like hand signals.

As a test, IOActive researchers made a hacking device out of a Raspberry Pi, exploiting, among several vulnerabilities, faulty firmware that let them tamper with the Deckmate’s encrypted code without detection. They paired this with a Bluetooth app that displayed the hands of other players based on the data.

“Basically, it allows us to do more or less whatever we…
