Hackers really targeted the gaming industry this week – and seem to have focused on companies related to Take-Two Interactive.
On Tuesday, game publisher 2K Games notified the public that an “unauthorized third party” had compromised its support platform and used it to send malicious links to customers. The disclosure came just a day after Rockstar confirmed that development footage of GTA VI was stolen and leaked by a hacker who broke into its network and downloaded confidential data.
There’s no sign (yet) that the 2K hack is related to Rockstar’s earlier breach, but both Rockstar and 2K are owned by Take-Two Interactive, making this a particularly damaging week for the security record of Rockstar’s parent company.
2K Games is the publisher of a number of popular franchises across the sports, shooter and action genres, including Borderlands, BioShock, Civilization, and the NBA 2K and WWE 2K series. Together, these games have sold hundreds of millions of units: the NBA 2K franchise alone had sold 112 million copies by 2021. With that massive player base, it’s a big deal when one of the company’s trusted communication channels – in this case, the helpdesk, operated by Zendesk – is compromised.
According to reports from BleepingComputer, on Tuesday, a number of 2K customers received emails referring to Zendesk support tickets that they had not created. Attached to the emails were zip files containing executable programs labeled as a new launcher for 2K games – but which actually contained information-stealing malware known as RedLine.
The RedLine malware that was sent to customers is commonly sold on the dark web and is capable of locating and transmitting a wide range of sensitive data, such as saved browser passwords, email account login details, cryptocurrency wallet information, credit card information, etc. In April, Bitdefender research identified over 10,000 attacks using RedLine – likely only a fraction of the number that take place on a monthly basis.
So far, 2K has not provided additional information on how many customers may have been affected. The company’s Twitter account had posted no further updates by Wednesday morning, and the company did not respond to questions from The Verge at the time of publication.
According to the details shared in the initial tweet, the help desk will remain offline while the company deals with the situation. All customers who had interacted with the malicious links were asked to install and run an anti-virus program, monitor their email accounts for unauthorized changes, and reset passwords stored in the browser – a task that could prove to be difficult and time-consuming for everyone involved.
“We deeply apologize for any inconvenience and disruption this matter may cause,” the Twitter statement read.