Game developer

2K game developer hacked days after Rockstar hack and GTA6 leak

2K, a game developer owned by Take-Two Interactive Software Inc., was hacked days after Rockstar Games Inc., another division of Take-Two, was also hackedand footage of the upcoming “Grand Theft Auto 6” game has leaked online.

The hack of 2K, which publishes games such as ‘Borderlands’, ‘Civilization’ and ‘Bioshock’, involved an unauthorized third party gaining access to the credentials of a provider of the support platform used by the company. According a warning issued Tuesday by 2k, the unauthorized party sent “a communication to some players containing a malicious link”.

All players who received the malicious link and clicked on it are advised to reset passwords for user accounts stored in their web browsers and enable two-factor authentication where possible, while avoiding 2FA with SMS verification. Players are also advised to install and run a reputable antivirus program and check their account settings to see if any forwarding rules have been added to their email accounts.

The compromise may be in the works, with 2K stating that their support portal “will remain offline while we resolve this issue” and will notify players when support is available again.

Although 2K did not name the vendor, the company notably uses Zendesk Inc. for its support portal. It’s unclear if a Zendesk account was compromised or if the account belongs to another third-party provider used by 2K, which also had access to the Zendesk-powered support portal.

beeping computer reported On Tuesday, that the messages received by 2K users came from a fake 2K support representative called “Prince K.” The messages included an attached file named “2K Launcher.zip” hosted directly on 2ksupport.zendesk.com, which claimed to be a new game launcher. The zip file contained an unsigned file called “2k Launcher.exe” which included RedLine Stealer , a low-cost password stealer sold on underground forums.

“The depth of the 2K Games breach is another supply chain security cautionary tale,” David Maynor, senior director of threat intelligence at the cybersecurity training firm Cybraire Inc., told SiliconANGLE. “This compromise allowed attackers to send official mail and host malware directly on their support server.”

Maynor added that the range of the attack seemed limited only by the imagination of the attackers. “2K Games has just released ‘NBA 2K23′, a popular basketball franchise that has brought additional scrutiny to 2K Games’ support platform,” he said.

Surja Chatterjea, Head of Products and Alliances at Enterprise Cybersecurity Solutions Provider Skybox Security Inc.described the Redline Stealer malware as a “highly sophisticated but inexpensive information stealer” that is known in malware as a service economy for its widespread impact.

“Earlier this year, there were reports of RedLine Stealer being installed on the computers of unsuspecting victims via an Internet Explorer vulnerability on outdated browsers,” Chatterjea explained, adding that “companies should manage the risks of exposure to vulnerabilities before threat actors can exploit them”.

Picture: 2K

Show your support for our mission by joining our Cube Club and our Cube Event community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, ​​Dell Technologies Founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many other luminaries and experts.