The malware database vx-underground has identified a new information-stealing virus that specifically targets video gamers who use deceptive software in cyberspace.

Anonymous malware has reportedly inundated video gamers with a fresh influx, causing them to lose Bitcoin (BTC).

wallets in an attempt to steal information as part of a new campaign that has also been aimed at hackers.

In a March 28 X post, the malware information repository vx-underground confirmed that it was cognizant of a “currently unidentified threat actor” who was stealing the logon and other credentials of users of pay-to-cheat video game software using malware.

Elon Musk provides free premium features to X users, including crypto fraudsters.

The attacks, which also target players who purchase cheating software, have compromised more than 4.9 million accounts for Activision Blizzard users and its game store Battle.net, as well as accounts for the game-focused trading website Elite PVPers and cheat software markets PhantomOverlay and UnknownCheats.

“Affected users have started reporting that the crypto-draining process has drained their Electrum BTC wallets.” We don’t know the exact amount of money stolen, according to vx-underground.

Over the past couple of days we have become aware of malware targeting gamers! More specifically, a currently unidentified Threat Actor is utilizing an infostealer to target individuals who cheat (Pay-to-Cheat) in video games.

A Call of Duty cheat provider (PhantomOverlay) was…

— vx-underground (@vxunderground) March 27, 2024

In a March 27 Telegram message, PhantomOverlay claimed that more than half of the logins in a database it examined “are invalid garbage,” inflating the number of compromised accounts.

The malware, according to the report, “appears to be an entire network of free or cheap software” that originated from “some latency program, VPN, or something utilized by millions of gamers.”

“It’s the largest infostealer malware campaign in gaming/cheating community history.”

PhantomOverlay stated in a separate post that it “has a reasonably good idea of where the malware is coming from; however, the malware gang is cognizant of our suspicions and has progressively obstructed our ability to establish anything.”

PhantomOverlay stated that Activision Blizzard had contacted the cheat-selling website and “will assist us in helping millions of infected users.”

A spokesperson for Activision Blizzard told Cointelegraph that the company is aware of claims that malware may compromise credentials “across the industry as a whole” due to the use of or downloading unauthorized software.

Telegram provides a premium subscription in return for the use of your phone number to transmit OTPs.

The company stated that its servers “remain secure and uncompromised” and advised users to alter their passwords to further defend their accounts.

PhantomOverlay received reports of user accounts engaging in unauthorized purchases, according to a post by vx-underground.

Since PhantomOverlay contacted the purported victim, they have identified additional victims.

source