Security researchers have discovered a new malware campaign targeting users of cheat software for popular battle royale title Call of Duty: Warzone.

In a lengthy report, publisher Activision describes the method of attack, which sees malware dressed up as a Warzone cheat and distributed via online gaming forums.

When the download is triggered, a type of malware known as a dropper is installed on the victim’s machine, laying the groundwork for further attacks and data theft.

“The dropper examined in this report, ‘Cod Dropper v0.1’, can be customized to install other, more destructive malware onto the targets’ machines,” explained Activision.

The architect of the malware has also gone to great lengths to ensure that even the most unsophisticated threat actors can execute the attack. In one post, the dropper is described as ideal for “noobies looking to make some easy money” and “nice bait for your first malware project”.

According to Activision, the campaign has been live for upwards of a year and the various online guides, forum posts and tutorial videos have accrued tens of thousands of combined views.

Call of Duty: Warzone cheaters

Although cybercriminal activity should never be condoned, in any context, fewer people are likely to lose sleep over this particular malware campaign.

While cheating is rife in many online games, it is felt all the more keenly in a game like Warzone, in which the player is given only a single life (albeit with a chance to return to play via the Gulag) before being thrown back to the lobby.

In a notice published in early February, Call of Duty staffers announced the banning of 60,000 accounts caught using cheat software, bringing the total number of “permabans” up to 300,000.

“We are also continuing our efforts to identify and address cheat providers at the source, who distributed unauthorized third party software for modding or hacking. We are committed to delivering a fair and fun experience for all players,” said Activision at the time.

As well as causing frustration among legitimate players, the popularity of cheat software also poses a distinct opportunity for cybercriminals. For many cheats to operate as intended, they need to be given extensive access permissions and configuration guides often encourage users to disable antivirus services and other security measures. 

This combination of qualities makes video game cheats the perfect vehicle for the introduction of malware.

“When it comes down to it, the dependencies for a ‘genuine’ cheat to work are the same as those needed by most malware tools to successfully execute,” explained the researchers responsible for the discovery.

“While this method is rather simplistic, it is ultimately a social engineering technique that leverages the willingness of its target to voluntarily lower their security protections and ignore warnings about running potentially malicious software.”

To shield against this kind of attack, players are advised to download files from reputable sources only, to protect their devices with a leading antivirus service and, alternatively, not to cheat at Call of Duty.

  • Here’s our list of the best password managers right now