> Activision Finds Malware Inside Warzone Cheat
Lorenzo Franceschi-Bicchierai at Vice:
Security researchers at the gaming company published an in-depth report about the malware on Wednesday, revealing the clever malware campaign. Activision security researchers found that a Warzone cheat advertised on popular cheating forums was actually malware that let hackers take control of the victims’ computers. The cheat installed a “dropper,” a type of malicious application that can be used to download and install other types of malware on the victim’s computer. “The dropper examined in this report, ‘Cod Dropper v0.1,’ can be customized to install other, more destructive, malware onto the targets’ machines,” the report reads.
I think it goes without saying that malware is bad and I’m against it. That said: fuck ’em. If they’re dumb or desperate enough to cheat, I don’t feel bad.
Many popular cheats require users to disable anti-virus programs and give the cheating software the highest security privileges on the cheater’s computer in order to remain undetected by anti-cheating software. This is a golden opportunity for malware, like the kind revealed in Activision’s report. With those security features disabled, cheaters might not see the red flags that warn them that the application they downloaded is actually malware. “When it comes down to it, the dependencies for a ‘genuine’ cheat to work are the same as those needed by most malware tools to successfully execute. System protections need to be bypassed or disabled, and privileges need to be escalated to allow the program to run correctly and/or establish persistence,” the Activision researchers wrote in the report. “While this method is rather simplistic, it is ultimately a social engineering technique that leverages the willingness of its target (players that want to cheat) to voluntarily lower their security protections and ignore warnings about running potentially malicious software.”
This reminds me of the situation we had last spring over Doom Eternal’s anti-cheat system. It wanted kernel-level access to Windows. That level of access is reserved for the most fundamental parts of an operating system like basic input/output, CPU scheduling and system calls. It’s the part of the operating system that literally interacts with your hardware. Not a good thing, and this was supposed to be the thing that prevented cheating.
I don’t know if Activision needs to go that far, but they definitely need to do something before things like this end up affecting legitimate users.