Latest News And Breaking Headlines

A hacker used 2K Games’ support desk to send gamers malware

2K Games logo in white and red surrounded by a pattern of angular black bars
The edge

Hackers have really been targeting the gaming industry this week – and appear to have targeted companies associated with Take-Two Interactive.

On Tuesday, game publisher 2K Games informed the public that an “unauthorized third party” had compromised its help desk platform and used it to send malicious links to customers. The reveal came just a day after Rockstar released development material from… GTA VI was stolen and leaked by a hacker who broke into his network and downloaded confidential data.

There’s no sign (yet) that the 2K hack is related to Rockstar’s previous breach, but both Rockstar and 2K are owned by Take-Two Interactive, making it a particularly damaging week for the parent company’s security record.

2K Games is the publisher of a number of popular franchises in the sports, shooting and action genres, including: border areas, BioShock, Civilizationand the NBA 2K and WWE 2K series. Together, these games have sold hundreds of millions of units: the NBA 2K franchise only had sold 112 million copies as of 2021. With this massive pool of players, it’s a big deal when one of the company’s trusted information channels — in this case, the support desk, which is managed through Zendesk — is compromised.

According to reports from beeping computerOn Tuesday, a number of 2K customers received emails with references to Zendesk support tickets that they had not created. Attached to the emails were zip files containing executable programs that were labeled a new launcher for 2K games, but actually contain information-stealing malware known as RedLine.

The RedLine malware sent to customers is often sold on the dark web and can locate and transmit a wide variety of sensitive data such as saved browser passwords, email account login details, cryptocurrency wallet information, credit card details, and more. In April, Bitdefender’s research identified more than 10,000 attacks with RedLine — probably only a fraction of the number that occurs monthly.

So far, 2K has not provided additional information on the number of customers that may be affected. The company’s Twitter account hadn’t posted any further updates on Wednesday morning, and the company did not respond to questions from The edge at the time of publication.

According to the details shared in the first tweet, the support desk will remain offline while the company is addressing the situation. All customers who interacted with the malicious links were advised to install and run an antivirus program, check their email accounts for unauthorized changes, and reset all passwords stored in the browser – a task that can be difficult and time consuming for everyone involved.

“We sincerely apologize for any inconvenience and disruption this case may cause,” the Twitter statement said.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More