Malicious cheats for Call of Duty: Warzone are circulating online

Gloved hands manipulate a laptop with a skull and crossbones on the display.reader comments

10 with 10 posters participating

Criminals have been hiding malware inside publicly available software that purports to be a cheat for Activision’s Call of Duty: Warzone, researchers with the game maker warned earlier this week.

Cheats are programs that tamper with in-game events or player interactions so that users gain an unfair advantage over their opponents. The software typically works by accessing computer memory during gameplay and changing health, ammo, score, lives, inventories, or other information. Cheats are almost always forbidden by game makers.

On Wednesday, Activision said that a popular cheating site was circulating a fake cheat for Call of Duty: Warzone that contained a dropper, a term for a type of backdoor that installs specific pieces of malware chosen by the person who created it. Named Warzone Cheat Engine, the cheat was available on the site in April 2020 and again last month.

An advertisement on a popular cheat site.

Enlarge / An advertisement on a popular cheat site.
Activision

Shields down

People promoting the cheat instructed users to run the program as an administrator and to disable antivirus. While these settings are often required for a cheat to work, they also make it easier for malware to survive reboots and to go undetected, since users won’t get warnings of the infection or that software is seeking heightened privileges.

deep-dive analysis. They provided a long list of Warzone Cheat Engine variants that installed a host of malware, including a cryptojacker, which uses the resources of an infected gaming computer to surreptitiously mine cryptocurrency.

Activision’s analysis said that multiple malware forums have regularly advertised a kit that customizes the fake cheat. The kit makes it easy to create versions of Warzone Cheat Engine that deliver malicious payloads chosen by the criminal using it.

Warzone Cheat Engine.”>An app available in malware forums that creates custom versions of emWarzone Cheat Engine/em.

Enlarge / An app available in malware forums that creates custom versions of Warzone Cheat Engine.

The people selling the kit advertised it as an “effective” way to spread malware and “some nice bait for your first malware project.” The sellers have also posted YouTube videos that promote the kit and explain how to use it.

Activision’s report came on the same day that Cisco’s Talos security team disclosed a new malware campaign targeting gamers who use cheats. The malicious cheats used a previously unknown cryptor tool that prevented antivirus programs from detecting the payload. Talos didn’t identify the game titles that were targeted.

Article Tags:
Article Categories:
Technology

Related Articles