![](https://elitedefender.in/wp-content/uploads/2024/04/images-62.jpeg)
An infostealer malware campaign has collected millions of logins from users of various gaming websites, including players that use cheats, pay-to-cheat services.
The details emerged after Discord user ‘PainCorp’ notified Zebleer, the developer of Phantom Overlay cheats for Call of Duty and Counter-Strike, about an infostealer database that he had found.
“The DB for the stealer represents gaming related accounts much more than anything else,” Zebleer said, adding that “it’s the largest infostealer malware campaign targeting gamers/cheaters in history.”
According to the Phantom Overlay developer, the database contains credentials for several million gamers whose systems were infected in malware campaign.
Service | Accounts
Battlenet | 3,662,647
Activision | 561,183
Elite PVPers | 117,366
UnknownCheats | 572,831
Phantom Overlay | 1,365
BLOG | 67,152
RN | 1,044
ACD | 3,818
AA | 21,564
EO (two domains) | 85,360
Iniuria | 14,181
Gamesense | 18,465
The cheat developer also notes that the domain with the highest number of stolen accounts is Discord, which stands at 14 million entries in the database.
Although it has not been confirmed how the malware was distributed to such a large number of users, Zebleer says that some free or cheap software advertised to Call of Duty gamers packs an infostealer.
In a separate post, cybersecurity research group vx-underground, says that multiple users have been reporting that their Electrum BTC wallets were compromised as a result of malware activity on the computer.
In the post, vx-underground says that the gaming forum Elite PVPers confirmed that more than 40,000 valid accounts were compromised.
It appears that the credentials are not present in other publicly available databases with stolen account logins.
Although the number of logins in the database indicates a significant impact on the gaming community, it is unclear how many of the accounts are valid or duplicates.
Activision Blizzard recommends 2FA
Reportedly, Activision Blizzard is coordinating with cheat developers to limit the campaign’s impact and provide security instructions to holders of compromised accounts.
“If players believe they may have clicked on a suspicious link or if they want to ensure their account is protected, they can change their password and follow recommended best practices,” the company added, referring to two-factor authentication (2FA).
To ensure the protection of their account and make it more difficult for hackers to profit even when credentials are stolen, users are recommended to enable two-factor authentication.
Leave a Reply