Call of Duty players taken out by dangerous self-spreading malware

Call of Duty Modern Warfare 2 multiplayer
(Image credit: Activision Blizzard)

Hackers have reportedly infected one of the most popular Call of Duty online games with potentially dangerous self-replicating malware.

A report by TechCrunch found Call of Duty: Modern Warfare 2 had been targeted by a worm that was able to spread automatically in online lobbies.

The game, which was released in 2009 but still counts a passionate fanbase, has been taken offline while publisher Activision carries out a full investigation.

Call of Duty malware

“Multiplayer for Call of Duty: Modern Warfare 2 (2009) on Steam was brought offline while we investigate reports of an issue,” a tweet from the official Call of Duty Updates accounts noted.

The issue was first flagged in June 2023 by a user writing on the game's Steam forum. In a thread, the poster noted that hackers, “attack using hacked lobbies,” with initial analysis finding the malware present in the VirusTotal online threat repository.

Further analysis posted in the Steam thread identified the malware as a worm, able to exploit security vulnerabilities in application code, meaning it can get around typical safeguards surrounding code injection. Once it has infected a game lobby, the malware is then able to run localized code, infecting the machines of any user accessing the session.

The issue only appears to affect PC versions of the game, but recent announcements boosting backwards compatibility may have made it a more popular target for hackers and scammers alike.

Players or anyone else who has accessed the game since June 2023 are recommended to run an antivirus or other security protection scan immediately.

Activision was famously the victim of a major cyberattack in December 2022 that saw nearly 20,000 records of employee details, including full names, email addresses, phone numbers and office addresses stolen and published online.

The data, which the hackers claim was stolen from Activision's instance of the content delivery network (CDN) Azure, was offered online for free to all users of a popular hacking forum.

  • Keep your business protected with the best firewall tools around
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.