2K Games hit by cyberattack in which malware was sent via helpdesk

Publisher 2K Games has been the victim of a cyber attack in which hackers managed to penetrate the company’s help desk. Subsequently, emails containing malware were allegedly sent to gamers via the helpdesk account.

The cyber attack took place on September 20, after which, according to the company, emails were sent to gamers on behalf of the 2K helpdesk containing a link to the so-called new 2K launcher. Therefore, 2K Games has closed the helpdesk for the time being. All recent e-mails from the helpdesk must therefore be seen as fake. As far as is known, no user data was stolen during the cyber attack; it only seems to be a compromised helpdesk account.

2K advises victims not to open the email and the link sent in it. If this has already happened, the company recommends changing all passwords stored in the browser, enabling two-step verification, using an antivirus program, and verifying that no email settings have been changed.

BleepingComputer’s investigation shows that the fake launcher in the emails is actually RedLine Stealer malware. This software is commonly used to steal locally stored credentials. In this case, the program would have looked for sensitive data in files from FileZilla, Discord, Steam and web browsers, among others.