Video game developer Activision has uncovered a malware app that downloads hidden crypto miners onto users’ computers by posing as a “coach” for the “Call of Duty” video game Warzone. The company revealed this in a statement on Thursday.
Last month, a threat actor circulated a post on various hacking forums promoting a free, “beginner-friendly,” and “proven way” to defraud users and distribute a remote access trojan (RAT), that is, malware which, as the name suggests, gives an attacker remote access to the machine it targets. According to the statement, the RAT is presented as a “coach,” a program that enables players to generate multiple cheats for the famous battle shooter Call of Duty: Warzone.
Gamers unknowingly installed malware on their devices
But contrary to gamers’ expectations, they were in fact downloading a “dropper,” a piece of software built to secretly download and install other malware. According to the report, the dropper, ‘Cod Dropper v0.1’, can be customized to download much more dangerous malware to victims’ devices.
The hackers’ advertisement claimed that the malware was an undiscovered cheat for COD WARZONE. They even posted videos with instructions on platforms such as YouTube, advising players to deactivate their security apps and allow the RAT to access their devices. The fake video game cheat was advertised precisely to persuade targets to deactivate their security software.
This method is commonly used by scammers whenever they try to make users install cheat programs on their phones or computers. As other malware does, the dropper downloaded many hidden crypto miners onto its victims’ devices. However, the researchers have not identified the exact digital assets the hackers created. The report did state that the scammers deliberately focused on a “target audience.”
The hackers chose Call of Duty: Warzone because of its popularity, high demand, and unique requirements. Together, these features make it likely that the targeted victims have a powerful graphics card, which accelerates crypto mining.
Another crypto fraud method uncovered
Although this technique seems simple, it is a social engineering method: it takes advantage of its victims’ eagerness (gamers who are willing to cheat) so that they willingly remove or reduce their safety measures and security software and disregard warnings against installing possibly malicious programs on their devices.
Crypto hackers and scammers use various means to extort money from their victims. One of their methods is crypto-ransomware, a type of destructive software that encrypts folders or files on a computer or phone in order to steal victims’ funds. The hackers use encryption to distort the content of the target files and render them unreadable.
A decryption key is needed to restore a file to its prior state and make it readable. Generally, crypto-ransomware holds the files hostage, demanding a ransom before releasing the decryption key that restores the target files to normal use. Crypto-ransomware posts messages that draw victims to it and threaten them into paying money as ransom.