500,000 employee passwords, trading on the dark web of popular game companies

500,000 employee and consumer passwords that technology firm Kela claims to have stolen from 25 big game firms are traded on the dark web as game businesses begin to be vulnerable to cyber attacks. What is being done has been noticed. In all, they uncovered 1 million violating certificates, half of which are claimed to be for sale.

Over the past year, the gaming industry has attracted intense scrutiny from cyber attackers. Things have occurred in the gaming industry, from stealing IDs in the game ecosystem, to illegal offenses linked to different products, as well as stealing various in-game merchandise collected by players by fully taking ownership of the account itself. Also common are DDoS attacks that paralyze game networks.

What Kella found this time is on the same line as the previous events in which a ‘hacking attack targeting the gaming industry’ persists, but it is a little different in that the material is being exchanged that opens the door to the core of the game industry. “The corona has led to a boom in the gaming industry and has now grown into a $19 billion industry,”Corona has led to a boom in the gaming industry and has now grown into a $19 billion industry. “Cyber attackers are simply gamers. I can’t be happy with a few accounts being touched.”

Hackers now take a range of steps to get into the game business itself, according to Kella’s study, especially using malware such as AZORult, or performing sophisticated phishing attacks against employees. do. Azoralt is a malware that steals knowledge, which is mostly used to steal passwords. This allows attackers to move horizontally within the infiltrated network.

Besides, Jujuman explains, the protection of game companies is not very good. Hackers are still attacking, but the market is not very powerful, so the success rate of attacks will be high, right? Currently, the dark web is filled with the credentials of gaming companies in recent years. “In particular, through VPN service, website management portal, admin panel, and developer environment, the credentials of game company employees began to stand out.” Of course, ransomware attacks continue to occur.

There have been at least four cases of ransomware in the gaming industry in the last three months. Three of these incidents were reported by the newspapers. The other one has not yet been released, but a recent media interview indicated that Sodinokibi was tainted. This is the reason for Kella.

It is none other than the executives and staff who are most often attacked in attacks directed at game firms. The most troublesome are people.

We often target particular individuals through sophisticated phishing attacks, but in previous information leak events that happened in other businesses or services, we sometimes find the login credentials of game company employees. Credentials can be obtained on the dark web at low rates, and people use the same credentials here and there, so there is a high possibility of taking over the account as an intruder, with a limited expenditure of capital.

The Dark Web also sells so-called ‘Advanced’ links to the backend of the game maker. I even saw access in one bundle to SSO, Kibana, Jira, Slack, VPN, password manager, poweradmin, and more.

It can be very high-level data, but it’s not even $10 per right of access.

Kella indicates that in 2021, game enterprises will begin to expand and will also continue to attract hacker scrutiny, and that they should pay particular attention to insider attacks. In other words, staff should not leak classified details or lack account monitoring by security preparation. Some of the aspects that should be accomplished in this sense include configuring better passwords, updating them periodically, and implementing different authentication schemes.

“Any fast-growing industry is bound to be the victim of hackers, not just games. In other words, cyber threats by hackers should involve all potential ‘growth pains’. In the future, the gaming industry will begin to expand as well. Revenues are going to get bigger, and people are going to get wealthy. It has to be an enticing option for stabbing hackers. Render their assaults as awkward as possible. What now needs to be seen by the growing gaming industry is ‘protection.’

Over the past year, the gaming industry has attracted intense scrutiny from cyber attackers. Things have occurred in the gaming industry, from stealing IDs in the game ecosystem, to illegal offenses linked to different products, as well as stealing various in-game merchandise collected by players by fully taking ownership of the account itself. Also common are DDoS attacks that paralyze game networks.

What Kella found this time is on the same line as the previous events in which a ‘hacking attack targeting the gaming industry’ persists, but it is a little different in that the material is being exchanged that opens the door to the core of the game industry. “The corona has led to a boom in the gaming industry and has now grown into a $19 billion industry,”Corona has led to a boom in the gaming industry and has now grown into a $19 billion industry. “Cyber attackers are simply gamers. I can’t be happy with a few accounts being touched.”

Hackers now take a range of steps to get into the game business itself, according to Kella’s study, especially using malware such as AZORult, or performing sophisticated phishing attacks against employees. do. Azoralt is a malware that steals knowledge, which is mostly used to steal passwords. This allows attackers to move horizontally within the infiltrated network.

Besides, Jujuman explains, the protection of game companies is not very good. Hackers are still attacking, but the market is not very powerful, so the success rate of attacks will be high, right? Currently, the dark web is filled with the credentials of gaming companies in recent years. “In particular, through VPN service, website management portal, admin panel, and developer environment, the credentials of game company employees began to stand out.” Of course, ransomware attacks continue to occur.

There have been at least four cases of ransomware in the gaming industry in the last three months. Three of these incidents were reported by the newspapers. The other one has not yet been released, but a recent media interview indicated that Sodinokibi was tainted. This is the reason for Kella.

It is none other than the executives and staff who are most often attacked in attacks directed at game firms. The most troublesome are people.

We often target particular individuals through sophisticated phishing attacks, but in previous information leak events that happened in other businesses or services, we sometimes find the login credentials of game company employees. Credentials can be obtained on the dark web at low rates, and people use the same credentials here and there, so there is a high possibility of taking over the account as an intruder, with a limited expenditure of capital.

The Dark Web also sells so-called ‘Advanced’ links to the backend of the game maker. I even saw access in one bundle to SSO, Kibana, Jira, Slack, VPN, password manager, poweradmin, and more.

It can be very high-level data, but it’s not even $10 per right of access.

Kella indicates that in 2021, game enterprises will begin to expand and will also continue to attract hacker scrutiny, and that they should pay particular attention to insider attacks. In other words, staff should not leak classified details or lack account monitoring by security preparation. Some of the aspects that should be accomplished in this sense include configuring better passwords, updating them periodically, and implementing different authentication schemes.

“Any fast-growing industry is bound to be the victim of hackers, not just games. In other words, cyber threats by hackers should involve all potential ‘growth pains’. In the future, the gaming industry will begin to expand as well. Revenues are going to get bigger, and people are going to get wealthy. It has to be an enticing option for stabbing hackers. Render their assaults as awkward as possible. What now needs to be seen by the growing gaming industry is ‘protection.’