Activision is reportedly looking into the malware stealing its users’ login credentials

Activision is reportedly looking into the malware stealing its users' login credentials

Activision is reportedly in the midst of investigating a hacking campaign that’s stealing login credentials from people playing its games. According to TechCrunch, bad actors have been successfully installing malware onto victims’ computers and using their access to steal logins for their gaming accounts and even their crypto wallets. The video game publisher has apparently been helping victims remove the malware and regain control of their accounts, but it doesn’t have enough information at the moment to say how the malware is spreading.

TechCrunch’s source said the malware “could be only affecting folks who have third-party tools installed,” insinuating that people are getting it from non-Activision-developed software typically used with its games. Delaney Simmons, Activision’s spokesperson, told the publication that the company is aware of “claims that some player credentials across the broader industry could be compromised from malware from downloading or using unauthorized software.” He added that the company’s servers “remain secure and uncompromised.”

That’s certainly a plausible theory, seeing as the hacking scheme appears to have been uncovered by someone known as Zeebler, who develops cheating software for Call of Duty. Zeebler told TechCrunch that he discovered the campaign when one of his customers had their account stolen for his software. Upon looking into it, he reportedly discovered a database containing stolen credentials. He also said that the malware is disguised to look like real software, but they were actually designed to steal the usernames and passwords victims type in. Zeebler is presumably talking about third-party tools like cheating software getting cloned to harvest people’s logins, but phishing schemes that use Activision’s official login design exist, as well. Bottom line is, people should be careful what they download and always double check if the login page they’re typing in is the real deal.