September 26, 2022

TheCyberThrone

Thinking Security ! Always

2K Game Developer Breached

2K, a game developer owned by Take-Two Interactive Software, publisher of popular games Borderlands, Civilization and Bioshock, has been hacked.

The hack of 2K involved an unauthorized third party accessing the credentials of a vendor of the help desk platform used by the company.

Any players who have received the malicious link and who clicked on it are advised to reset user account passwords stored in their web browser and enable two-factor authentication wherever possible while avoiding 2FA with text message verification. Players are also advised to install and run a reputable antivirus program and check their account settings to see if any forwarding rules have been added to their email accounts.

2K says that their support portal will “remain offline while we address this issue” and that it will let players know when support is available again.

Although 2K did not name the vendor, the company notably uses Zendesk for its support portal. It’s unknown whether a Zendesk account was compromised or whether the account belongs to another third-party vendor used by 2K that also had access to the Zendesk-powered support portal.

According to Bleeping Computer, the messages received by 2K users came from a fake 2K support representative called “Prince K.” The messages included an attached file named “2K Launcher.zip” hosted directly on 2ksupport.zendesk.com, which pretended to be a new game launcher. The zip file contained an unsigned file called “2k Launcher.exe” that included RedLine Stealer, a low-cost password stealer sold on underground forums.

The depth of the 2K Games breach is another cautionary tale of supply chain security. 2K Games just released ‘NBA 2K23,’ a popular basketball franchise that brought extra scrutiny to the 2K Games support platform.

This comes days after Rockstar Games was hacked and demoralized. Companies must address vulnerability exposure risks before threat actors can exploit them.
