- Many ‘Call of Duty: Warzone’ accounts fall victim to what looks like credential stuffing attacks.
- Activision is failing to address the problem, and its support teams appear to be overwhelmed by user reports.
- The hackers are extorting the account owners and demand Bitcoin payments in order to give them back.
There’s a surge of ‘Call of Duty: Warzone’ online FPS players complaining on social media about their accounts having been hacked, and they also report that the hackers are extorting them. Unfortunately, they all agree on one thing: Activision’s apparent negligence, failure to respond to their reports, and reluctance in helping them regain access to the stolen accounts.
We have recently covered a story about the humongous size of the stolen game accounts market, and it looks like the popularity of ‘Warzone’ was too much for hackers to let it pass.
Activision Accounts are being hacked & sold in increasing numbers. This is HUGE breach, yet @Activision ignores the issue & customers. If a hacker gets into your account they can deactivate it which wipes all progress!!! https://t.co/139WdPzt3U #ModernWarfare #Warzone @ATVIAssist
— 🇨🇺GG RELOADED🇨🇺 (@GOHGAMER) September 5, 2020
As Motherboard reports on the matter, there are multiple forum users who generally sell video game cheats, and who are now including Warzone accounts in their offerings. These accounts are further promoted by taking screenshots to showcase the in-game items owned by the player.
If the accounts have rare weapon skins, the listing gets a tag in the hundreds of dollars. This may sound like a lot, but getting these items from purchased crates would require a much greater amount of money. Also, unlocking some items requires a lengthy playtime, so these accounts are bought by people who want to dive right in with a head-start.
In several cases, people who lost their accounts to hackers had spent money buying in-game items themselves, which is another real-life example of why buying virtual items is never a good idea.
In other cases, the hackers have reached out to the compromised account owners and offered to give them their accounts back if they paid them $400 in Bitcoin. One of these addresses has already amassed 1.2 Bitcoin ($12,225) through payments that range between $20 and $2,600. This tells us that the ransom may range depending on the account value, which makes sense.
Since Activision’s support isn’t doing much about the above, players are left to deal with it on their own. Even the mandatory 2FA verification introduced last month isn’t helping, as hackers are now selling pre-verified accounts that pass through Activision’s filters.
That said, ignoring the game until Activision’s support decides to finally rise to the occasion would send a powerful message. Unfortunately, many of the players who got hacked have simply created a new account and restarted their journey, even buying in-game items again.