Call of Duty players returning to the 2009-launched Modern Warfare II are being targeted by hackers in a massive malware push that's able to self-replicate and spread through the game's multiplayer lobbies. Data collected on the incident seems to point to June 26 as its starting point, as that was when it was first publicly reported directly on Steam's forums. The malware infection has seemingly been enough for Activision to bring the game offline, even if the company's acknowledgement of the issue is as opaque as could be.
📢 Multiplayer for Call of Duty: Modern Warfare 2 (2009) on Steam was brought offline while we investigate reports of an issue.July 26, 2023
Some more knowledgeable players within the Steam community then attempted to dissect the malware, which was found to have a match in Virus Total's database. According to the findings, the rogue malware appears to be a worm, which exploits security vulnerabilities in applications' code. That ability allows it to circumvent usual protections against code injection, and once the malware infects a lobby, it's able to run localized code on machines of the users accessing that session.
For now, malware infections have only been reported for this specific Call of Duty game, but considering that different Call of Duty entries launched around the 2009 time-frame are likely using most of the same multiplayer code, it's possible that other games in the series may be vulnerable to the exploit.
The issue is made especially relevant due to the recent uptick in gamers logging into older Call of Duty titles following a server-side fix that brought the games back to the limelight through Xbox backwards compatibility. It doesn't appear that the game is being exploited on console installations, so it seems like you can rest easy if you're not on PC. But it's certain that following media reports on the resurgent player base, other users too will find reasons to return to the games in their platforms of choice. If that platform happens to be PC and you logged into the games' servers from June 26 through Activision's server closure to solve "an issue", you'd better act on the "safer, not sorry" mentality and run your antivirus solution of choice.
