Hackers just hijacked 2K’s support site to spread malware to gamers

News
By last updated

Be on the lookout for fake support ticket emails from 2K

2K games logo on phone
(Image credit: Shutterstock)

The online support site of the American video game publisher 2K has been compromised by hackers who are now using it to spread malware to unsuspecting gamers.

2K is well known in the video game industry and the company has published titles from many popular game franchises including Borderlands, Civilization, Bioshock, XCOM as well as sports franchises like NBA 2K, WWE 2K and PGA Tour 2K.

As reported by BleepingComputer, 2K customers recently began receiving emails that said they had opened a support ticket on its support site which is run by Zendesk. However, many users took to Twitter and Reddit to complain that they had received an email despite not actually filing a support request.

If you do happen to receive one of these messages or any follow-up emails purporting to be from 2K, you should delete them immediately and not download any attachments they contain.

Crossing the RedLine 

Malware

(Image credit: solarseven/Shutterstock)

After these fake support tickets were opened, gamers also received another email that contained a reply to their ticket from a support representative named “Prince K” who claims to work at 2K.

These emails include an attachment named “2K Launcher.zip” that may appear like a new game launcher but is actually the RedLine password-stealing malware. After analyzing this attachment, BleepingComputer found that the executable file it contained was not digitally signed by the company and that it’s original file name was “Plumy.exe”

RedLine Stealer is a malware strain capable of stealing victim’s personal data including their browser history, browser cookies, saved browser passwords, credit cards, VPN passwords, system information and cryptocurrency wallets. It’s readily available on dark web marketplaces and has been used in phishing attacks, YouTube videos and fake game cracks and cheats to harvest passwords and other credentials.

What to do if you downloaded the fake 2K Launcher

If you happened to receive one of the emails sent out in this campaign and went ahead and downloaded and installed the fake 2K Launcher, there are several steps you should take immediately.

First off, you should use one of the best antivirus software solutions to scan your system and remove any malware that’s detected. Next up, you should change the passwords for any sites you frequently visit and consider using one of the best password managers to generate new passwords for your accounts that are both strong and unique.

2K appears to be aware of this issue as the company has taken its support system offline. Tom’s Guide has also reached out to the company and will update this story once we hear back.

See more Computing News
Anthony Spadafora
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
Reddit logo and Reddit logo on phone
Hackers have created hundreds of fake Reddit sites to spread info-stealing malware
A magnifying glass on top of the Steam logo in a web browser
Valve recommends a full PC reset after malware-infected game discovered on Steam
A hacker typing quickly on a keyboard
Hackers are posing as Apple and Google to infect Macs with malware — don’t fall for these fake browser updates
A hacker typing quickly on a keyboard
Thousands of WordPress sites hijacked to spread Windows and Mac malware - how to stay safe
An image of a CAPTCHA
Hackers are using reCAPTCHA to trick users into infecting their own PCs with malware — how to stay safe
MacBook Pro 2023
Macs under attack from North Korean malware stealing passwords and more — how to stay safe
Latest in Malware & Adware
A person trying to set up a new Wi-Fi router
Thousands of TP-Link routers have been infected by a botnet to spread malware
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.
Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
Green skull on smartphone screen.
Over 1 million Android devices infected with password-stealing, pre-installed botnet malware — how to stay safe
Green skull on smartphone screen.
This Android banking trojan steals passwords to take over your accounts — and all it takes is a single text message
PayPal logo on iPhone
Watch out! Scammers are using this PayPal setting to take over your PC
A laptop displaying the Chrome logo
Don't click this — malicious ads impersonating Google Chrome spreading dangerous malware
Latest in News
NYTimes Connections
NYT Connections today hints and answers — Monday, March 17 (#645)
iPhone 17 Air render
New leaked iPhone 17 dummy units show off super-thin iPhone 17 Air with this surprising design tweak
Simone Ashley and Hero Fiennes Tiffin in "Picture This" now streaming on Prime Video
Prime Video top 10 has 3 must-watch movies — including a bubbly romcom starring 'Bridgerton's' Simone Ashley
(L-R) Josh Hartnett as Cooper and Ariel Donoghue as Riley in "Trap"
Netflix top 10 movies — here’s the 3 worth watching right now
NYT Strands on a cellphone
NYT Strands today — hints, spangram and answers for game #379 (Monday, March 17 2025)
iOS 19 logo on an iPhone
Apple WWDC 2025: iOS 19 and everything we know so far
More about malware and adware
A person trying to set up a new Wi-Fi router

Thousands of TP-Link routers have been infected by a botnet to spread malware
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.

Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
Paul Mescal as Calum Paterson and Frankie Corio as Sophie Paterson in Aftersun (A24)

Paul Mescal's best performance is leaving Netflix soon — stream it while you can
See more latest
Most Popular
Paul Mescal as Calum Paterson and Frankie Corio as Sophie Paterson in Aftersun (A24)
Paul Mescal's best performance is leaving Netflix soon — stream it while you can
a photo of a woman in her 60's working out
Not swimming or Pilates — a Harvard study reveals this exercise protects memories and keeps your mind sharp
Uzo Aduba as Cordelia Cupp and Randall Park as Edwin Park in "The Residence"
I watch Netflix for a living — here’s the 7 new shows and movies I’d stream this week
The Residence; Severance; Good American Family
5 top new TV shows to stream this week on Netflix, Hulu and more (March 17-23)
NYTimes Connections
NYT Connections today hints and answers — Monday, March 17 (#645)
NYT Strands on a cellphone
NYT Strands today — hints, spangram and answers for game #379 (Monday, March 17 2025)
iPhone 17 Air render
New leaked iPhone 17 dummy units show off super-thin iPhone 17 Air with this surprising design tweak
Simone Ashley and Hero Fiennes Tiffin in "Picture This" now streaming on Prime Video
Prime Video top 10 has 3 must-watch movies — including a bubbly romcom starring 'Bridgerton's' Simone Ashley
Jack Draper in action at Indian Wells 2025
How to watch Indian Wells men’s and women’s finals: live stream tennis online
(L-R) Josh Hartnett as Cooper and Ariel Donoghue as Riley in "Trap"
Netflix top 10 movies — here’s the 3 worth watching right now