Activision warns that criminals are hiding malware inside software that claims to run cheats for Call of Duty: Warzone.
These cheats are programs that affect games to give players an unfair advantage. These cheat systems typically access computer memory and change player health, ammo, lives, inventory, and other game elements. Cheats are forbidden in almost all games, especially in online games.
Activision announced on Wednesday that a well-known cheating website was circulating fake cheats for Call of Duty: Warzone. The program contains a malware dropper to install malware on the computer instead of Call of Duty cheats. The cheat, known as Warzone Cheat Engine, was available on the website last April and recently became available again.
Hackers promoting the cheat engine told people to run the program as an administrator to prevent it from being caught by antivirus tools. While administrator privileges are necessary to run cheats, they also make it easier for malware to infect systems and achieve persistence.
“While this method is rather simplistic, it is ultimately a social engineering technique that leverages the willingness of its target (players that want to cheat) to voluntarily lower their security protections and ignore warnings about running potentially malicious software,” Activision researchers explained in a deep-dive analysis.
The researchers explained what the malware does, including operating a cryptojacker. A cryptojacker is a virus that uses infected computer resources to mine cryptocurrency.
Activision said multiple malware forums are advertising a kit that customizes the fake cheat package. The kit allows other hackers to create different versions of Warzone Cheat Engine to deliver a customized payload. The hackers selling the product advertise it as being an “effective” way to spread malware and claim it is “nice bait for your first malware project.” The hackers even have YouTube videos and other resources on how to control and deploy the virus.