The online support site of the American video game publisher 2K has been compromised by hackers who are now using it to spread malware to unsuspecting gamers.
2K is well known in the video game industry and the company has published titles from many popular game franchises including Borderlands, Civilization, Bioshock, XCOM as well as sports franchises like NBA 2K, WWE 2K and PGA Tour 2K.
As reported by BleepingComputer (opens in new tab), 2K customers recently began receiving emails that said they had opened a support ticket on its support site which is run by Zendesk. However, many users took to Twitter and Reddit to complain that they had received an email despite not actually filing a support request.
If you do happen to receive one of these messages or any follow-up emails purporting to be from 2K, you should delete them immediately and not download any attachments they contain.
Crossing the RedLine
After these fake support tickets were opened, gamers also received another email that contained a reply to their ticket from a support representative named “Prince K” who claims to work at 2K.
These emails include an attachment named “2K Launcher.zip” that may appear like a new game launcher but is actually the RedLine password-stealing malware. After analyzing this attachment, BleepingComputer found that the executable file it contained was not digitally signed by the company and that it’s original file name was “Plumy.exe”
RedLine Stealer is a malware strain capable of stealing victim’s personal data including their browser history, browser cookies, saved browser passwords, credit cards, VPN passwords, system information and cryptocurrency wallets. It’s readily available on dark web marketplaces and has been used in phishing attacks, YouTube videos and fake game cracks and cheats to harvest passwords and other credentials.
What to do if you downloaded the fake 2K Launcher
If you happened to receive one of the emails sent out in this campaign and went ahead and downloaded and installed the fake 2K Launcher, there are several steps you should take immediately.
First off, you should use one of the best antivirus software solutions to scan your system and remove any malware that’s detected. Next up, you should change the passwords for any sites you frequently visit and consider using one of the best password managers to generate new passwords for your accounts that are both strong and unique.
2K appears to be aware of this issue as the company has taken its support system offline. Tom’s Guide has also reached out to the company and will update this story once we hear back.