2K Games’ Support System Hacked via Notorious Malware

 

Days after a hacker targeted Rockstar Games, another American video game developer, 2K, reportedly suffered a targeted cyberattack in which the attackers designed a clone version of its support system. The hackers employed RedLine password-stealing malware to access the company’s help desk.

In a tweet, the video game publisher said it recently unearthed that a hacker managed to “illegally access” the credentials of one of its vendors to the helpdesk platform. 

The company advised users to reset the account passwords stored in their web browser and enable two-factor authentication wherever possible, while avoiding 2FA that relies on text message verification. Additionally, players can install and run a trusted antivirus program and check their account settings to see if any forwarding rules have been added to their email accounts.

"The unauthorized party sent a communication to certain players containing a malicious link. Please do not open any emails or click on any links that you receive from the 2K Games support account," the company warned. 

Although 2K did not name the vendor, the company uses Zendesk Inc. for its support portal. It is unknown whether a Zendesk account was compromised or whether the account belonged to another third-party vendor used by 2K that also had access to the Zendesk-powered support portal.

According to Bleeping Computer, the malicious texts received by 2K users originated from a fake 2K support representative called “Prince K.” The messages included an attached file named “2K Launcher.zip”, which pretended to be a new game launcher and was hosted directly on 2ksupport.zendesk.com.

The zip file contained an unsigned file called “2k Launcher.exe” that included RedLine Stealer, a low-cost malware used to siphon a wide range of data from an infected system, including web browser history, cookies, saved browser passwords, credit cards, VPN credentials, instant messaging content, cryptocurrency wallets, and more.

“The depth of the 2K Games breach is another cautionary tale of supply chain security,” David Maynor, senior director of threat intelligence at cybersecurity training company Cybrary Inc., stated. “This compromise allowed the attackers to send official mail and host malware directly on their help desk services.”

Maynor added that the scope of the attack appeared restricted only by the hackers’ imagination. “2K Games just released ‘NBA 2K23,’ a popular basketball franchise that brought extra scrutiny to the 2K Games support platform,” he said.