Activision is reportedly in the midst of investigating a hacking campaign that’s stealing login credentials from people playing its games. According to TechCrunch, bad actors have been successfully installing malware onto victims’ computers and using their access to steal logins for their gaming accounts and even their crypto wallets. Citing an unnamed source, the publication reported that the video game publisher has been helping victims remove the malware and regain control of their accounts, but that there isn’t enough information yet to say how the malware is spreading.
A spokesperson for Activision, however, denied that the company is helping to remove the malware, stating that the issue is with third-party software vendors and not with Activision software or platforms. TechCrunch’s source said the malware “could be only affecting folks who have third-party tools installed,” insinuating that people are getting it from non-Activision-developed software typically used with its games.
Delaney Simmons, Activision’s spokesperson, told the publication that the company is aware of “claims that some player credentials across the broader industry could be compromised from malware from downloading or using unauthorized software.” He added that the company’s servers “remain secure and uncompromised.”
A third-party origin is certainly a plausible theory, seeing as the hacking scheme appears to have been uncovered by someone known as Zeebler, who develops cheating software for Call of Duty. Zeebler told TechCrunch that he discovered the campaign when one of his customers had their account stolen for his software. Upon looking into it, he reportedly discovered a database containing stolen credentials. He also said that the malware is disguised to look like real software, but they were actually designed to steal the usernames and passwords victims type in. Zeebler is presumably talking about third-party tools like cheating software getting cloned to harvest people’s logins, but phishing schemes that use Activision’s official login design exist, as well. Bottom line is, people should be careful what they download and always double check if the login page they’re typing in is the real deal.
Update, March 30 2024, 5:20PM ET: This story has been updated to include new information from Activision.