Hackers have been targeting players of Call of Duty: Modern Warfare 2 with a self-spreading malware, commonly known as a worm, for approximately a month. Their method involves exploiting a bug that was initially reported to the game’s publisher, Activision, five years ago. The screenshot of the malware’s code was shared on Twitter, revealing that it utilizes a bug discovered and reported by security researcher Maurice Heumann in 2018.

Heumann claimed that Activision never issued a fix for the bug, despite his follow-up email six months after the initial report. He chose not to disclose the bug publicly to avoid putting players at risk. Describing the bug, Heumann mentioned that it was a simple buffer overflow with minimal limitations, making it effortless to exploit.

Another security researcher reviewed the malware sample and confirmed the presence of the relevant code. The sample is now acknowledged as “CoDworm” by certain antivirus engines. Activision has not yet commented on the issue but recently took Call of Duty: Modern Warfare 2 offline on the gaming platform Steam for investigation purposes.

The reasons behind Activision’s failure to address Heumann’s bug from 2018 remain unclear. Although the game is 14 years old, it is still available for purchase and has an active online player community. The intentions of the hackers responsible for the worm are also unknown.

In addition to discovering and reporting bugs, Heumann used to develop a modified version of Call of Duty: Black Ops III that patched significant vulnerabilities in the game. This project granted players a safe way to play. However, in May, Activision sent Heumann a cease and desist letter, forcing him to shut down the project.

