Games giant Activision took down “Call of Duty: WWII” due to hackers exploiting a flaw in a specific PC version of the game, which led to several players getting their computers hacked, TechCrunch has learned.
Last week, Activision announced that it brought offline the Microsoft Store version of “Call of Duty: WWII,” a 2017 first-person shooter, as the company was investigating “reports of an issue,” without specifying what the issue was. The company had just launched that version of the game, also available on Game Pass, a subscription service that provides access to several games for a monthly fee.
A person with knowledge of Activision’s response told TechCrunch that the company took the game offline because of the hacks and while it works to patch the issue. TechCrunch is not naming the person as they are not authorized to speak to the press.
Several video game news outlets reported on the story and noted that several players complained on social media that they had been hacked while playing the game. Until now, there had not been a confirmed link between the two events.
“The game is not safe to play on PC right now, there’s an RCE exploit,” a player wrote on Reddit last week, referring to a type of bug known as remote code execution, which allows hackers the ability to plant malware capable of essentially taking control of a victim’s device.
The game for the Microsoft Store and Game Pass remains down at the time of publication, per Activision’s status page.
Activision did not respond to multiple requests for comment.
The game publisher took down only the Microsoft Store and Game Pass version of “Call of Duty: WWII” because they were different versions of the game than listed on Steam, and contained an old flaw that had been patched on other versions of the game, according to two sources with knowledge of the situation.
Contact Us
Do you have more information about these hacks? Or other video game hacks? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.
In the last couple of years, Activision has had to deal with several hacking incidents. In November 2024, a hacker found a flaw in “Call of Duty’s” anti-cheat system that allowed them to ban thousands of legitimate gamers. Earlier in the year, the company investigated a hacking campaign targeting players with infostealer malware, a type of malicious software designed to steal a victim’s passwords. In 2023, hackers used a self-spreading malware — a computer worm — to hack “Call of Duty: Modern Warfare” players, thanks to an unpatched years-old bug in the game.
In recent times, some video game companies have beefed up their cybersecurity teams, as well as their anti-cheat teams. Activision, however, has gone through several rounds of layoffs in the last few years, some of which have directly affected its cybersecurity teams.
