Activision Warns of Remote-Access Trojans Hidden Within Fake ‘Call of Duty’ Cheat Tools

Video game publisher Activision has warned the gaming community of remote-access Trojans (RATs) masquerading as Call of Duty cheat tools.

The company behind Call of Duty: Warzone and the popular Guitar Hero series said it examined the hacking tool that was promoted for use against gamers on multiple hacking forums.

According to a recent report, threat actors posted a free “newbie friendly” and “effective” method for spreading a RAT: promoting the malicious software as a video game cheat program, which also requires the user to disable or uninstall security solutions and host firewalls on the device. The thread soon gained over 10,000 views and 260 replies from readers.

“In addition, the post links to a YouTube video that shows the method and provided files in use which has close to 5,000 views,” Activision explained.

“The post and detailed instructions allow for even unsophisticated threat actors to have a step-by-step guide on utilizing this technique against unsuspecting cheat seekers. Instead of malicious actors putting in hours of work creating complicated mitigation bypasses or leveraging existing exploits – they can instead work to create convincing cheat advertisements, which if priced competitively, could potentially get some attention.”

On Dec. 25, the threat actors provided a tutorial aimed at newbies looking to make “$50-$100 in pure profit per DAY with no investment” alongside the COD-Dropper v0.1.

“The dropper itself is a .NET application that downloads and executes an arbitrary executable,” the technical analysis reads. “Unless already disabled, UAC (User Account Control) will prompt the user to agree to allow the downloaded executable to run with administrative privileges.”

Although this method of infecting gamers may seem simplistic, it can be quite effective, based solely on the eagerness of players who want to cheat.

“It is ultimately a social engineering technique that leverages the willingness of its target (players that want to cheat) to voluntarily lower their security protections and ignore warnings about running potentially malicious software,” Activision added.
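For defenders, the sequence the report describes (protections switched off, then a program downloads an executable and launches it with administrative privileges) can be hunted as a correlation over endpoint telemetry. The following is an added example, not code from Activision's report or this article; the event schema, host names and file paths are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample telemetry (not from the report). Field names are a
# hypothetical normalized schema, not any specific EDR or Sysmon format.
EVENTS = [
    # pc-01: user disables AV and firewall, then runs the "cheat"
    {"host": "pc-01", "ts": 100, "type": "security_disabled", "what": "antivirus"},
    {"host": "pc-01", "ts": 160, "type": "security_disabled", "what": "firewall"},
    {"host": "pc-01", "ts": 400, "type": "file_download",
     "process": r"C:\Users\a\Downloads\cheat.exe", "path": r"C:\Temp\p.exe"},
    {"host": "pc-01", "ts": 405, "type": "process_start", "elevated": True,
     "parent": r"C:\Users\a\Downloads\cheat.exe", "image": r"C:\Temp\p.exe"},
    # pc-02: an updater downloads and runs an installer; protections stay on
    {"host": "pc-02", "ts": 300, "type": "file_download",
     "process": r"C:\App\updater.exe", "path": r"C:\Temp\setup.exe"},
    {"host": "pc-02", "ts": 310, "type": "process_start", "elevated": True,
     "parent": r"C:\App\updater.exe", "image": r"C:\Temp\setup.exe"},
]

def find_dropper_chains(events, window=1800):
    """Return (host, dropper, payload) where protections were turned off and,
    within `window` seconds, a process downloaded an .exe and ran it elevated."""
    by_host = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_host[e["host"]].append(e)
    hits = []
    for host, evs in by_host.items():
        disabled_at = []   # times at which AV or firewall was switched off
        downloads = {}     # (downloader, downloaded path) -> download time
        for e in evs:
            if e["type"] == "security_disabled":
                disabled_at.append(e["ts"])
            elif e["type"] == "file_download" and e["path"].lower().endswith(".exe"):
                downloads[(e["process"].lower(), e["path"].lower())] = e["ts"]
            elif e["type"] == "process_start" and e.get("elevated"):
                # Payload must be the file its own parent just downloaded
                t = downloads.get((e["parent"].lower(), e["image"].lower()))
                if t is not None and any(0 <= t - d <= window for d in disabled_at):
                    hits.append((host, e["parent"], e["image"]))
    return hits

if __name__ == "__main__":
    for host, dropper, payload in find_dropper_chains(EVENTS):
        print(f"{host}: {dropper} fetched and elevated {payload}")
```

Requiring all three signals keeps ordinary software updaters, which also download and elevate installers, out of the results.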