Video game company 2K had its help desk platform compromised in a cyberattack, which then involved the distribution of the information-stealing malware RedLine Stealer to embedded links in fake support tickets sent to customers, reports BleepingComputer.
Attackers have sent malicious emails informing recipients about support tickets opened on 2K's online support ticketing system, with opening the said tickets then prompting replies including links for a '2K Launcher.zip' file that contains the RedLine info-stealer malware.
Various types of data could be exfiltrated using RedLine Stealer, including browser history, browser-stored passwords and cookies, VPN credentials, cryptocurrency wallets, credit cards, and instant messaging content.
Customers who received the emails have been urged not to open the messages or links and instead reset their browser-stored passwords, activate multi-factor authentication, modify their email account settings.
"We will issue a notice when you can resume interacting with official 2K help desk emails, and we will also follow-up with additional information as to how you can best protect yourself against any malicious activity," said 2K.
New variants of the QBot malware, also known as Qakbot, have emerged since mid-December despite having been disrupted in August, suggesting continuous testing by the malware developer, BleepingComputer reports.
More than $10 billion in fraud-related losses were reported by U.S. consumers for the first time in 2023, representing a 14% growth over 2022, even though the number of individuals who reported being targeted by fraud held steady at over 2.6 million, BleepingComputer reports.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news