Hackers just hijacked 2K’s support site to spread malware to gamers
Be on the lookout for fake support ticket emails from 2K
The online support site of the American video game publisher 2K has been compromised by hackers who are now using it to spread malware to unsuspecting gamers.
2K is well known in the video game industry and the company has published titles from many popular game franchises including Borderlands, Civilization, Bioshock, XCOM as well as sports franchises like NBA 2K, WWE 2K and PGA Tour 2K.
As reported by BleepingComputer, 2K customers recently began receiving emails that said they had opened a support ticket on its support site which is run by Zendesk. However, many users took to Twitter and Reddit to complain that they had received an email despite not actually filing a support request.
If you do happen to receive one of these messages or any follow-up emails purporting to be from 2K, you should delete them immediately and not download any attachments they contain.
Crossing the RedLine
After these fake support tickets were opened, gamers also received another email that contained a reply to their ticket from a support representative named “Prince K” who claims to work at 2K.
These emails include an attachment named “2K Launcher.zip” that may appear like a new game launcher but is actually the RedLine password-stealing malware. After analyzing this attachment, BleepingComputer found that the executable file it contained was not digitally signed by the company and that it’s original file name was “Plumy.exe”
RedLine Stealer is a malware strain capable of stealing victim’s personal data including their browser history, browser cookies, saved browser passwords, credit cards, VPN passwords, system information and cryptocurrency wallets. It’s readily available on dark web marketplaces and has been used in phishing attacks, YouTube videos and fake game cracks and cheats to harvest passwords and other credentials.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
What to do if you downloaded the fake 2K Launcher
If you happened to receive one of the emails sent out in this campaign and went ahead and downloaded and installed the fake 2K Launcher, there are several steps you should take immediately.
First off, you should use one of the best antivirus software solutions to scan your system and remove any malware that’s detected. Next up, you should change the passwords for any sites you frequently visit and consider using one of the best password managers to generate new passwords for your accounts that are both strong and unique.
2K appears to be aware of this issue as the company has taken its support system offline. Tom’s Guide has also reached out to the company and will update this story once we hear back.
Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.