Look out, n00bs. Hackers are apparently deploying fake game “cheats” for Call of Duty: Warzone. They sure won’t help you merk your opponents, but they will inject a crapload of malware onto your computer.
A recently disclosed report from game publisher Activision shows that discussion of such schemes was recently observed on several different dark web forums. Criminals discussed tricking unsuspecting gamers into downloading a dropper—a malicious program that can be customized to install other, more destructive forms of malware (such as, say, a RAT) onto a computer or device—by convincing them it was actually a free cheating program.
According to the report, this free “cheat” offers things like infinite ammunition “for all weapons,” “extra speed” and a “1hit1kill” feature. Truly good stuff! If only it were real, and not a pretext for stealing your financial information.
Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.) While the report doesn’t mention which forum they were posted on (that certainly would’ve been helpful), it does say that these offerings have popped up a number of times. They have also been seen advertised in YouTube videos, where instructions were provided on how gamers can run the “cheats” on their devices, and the report says that “comments [on the videos] seemingly indicate people had downloaded and attempted to use the tool.”
Part of the reason this attack could work so well is that game cheats typically require a user to disable key security features that would otherwise keep a malicious program out of their system. The hacker is basically getting the victim to do their own work for them.
“It is common practice when configuring a cheat program to run it the with the highest system privileges,” the report notes. “Guides for cheats will typically ask users to disable or uninstall antivirus software and host firewalls, disable kernel code signing, etc.”
With all this in mind, it might be advisable that gamers keep on the path of goodness and virtue—and just play by the rules for the time being.