Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Over 500,000 credentials for tens of gaming firm available in the Dark Web

The gaming industry under attack, Over 500,000 credentials for the top two dozen leading gaming firms, including Ubisoft, leaked online. The gaming industry is a privileged target for threat actors, threat actors leaked online over 500,000 stolen credentials belonging to the top 25 gaming firms. The alarm was raised by the threat intelligence firm Kela […]

gaming industry

The gaming industry under attack, Over 500,000 credentials for the top two dozen leading gaming firms, including Ubisoft, leaked online.

The gaming industry is a privileged target for threat actors, threat actors leaked online over 500,000 stolen credentials belonging to the top 25 gaming firms.

The alarm was raised by the threat intelligence firm Kela which reported the availability for sale of the credentials in multiple hacking forums and criminal marketplace.

“KELA found nearly 1 million compromised accounts pertaining to gaming clients and employees, with 50% of them offered for sale during 2020.” reads the post published by Kela.

“KELA detected more than 500,000 leaked credentials pertaining to employees of the leading companies in the gaming sector.”

The profits for the gaming industry increased due to the ongoing COVID-19 pandemic because more people remained at home during the lockdown and had more time to spend with video games.

The researchers found 1 million compromised credentials associated clients of organizations in the gaming industry.

For the past two months, we’ve observed several different actors looking for access to networks of gaming companies.

The leak is related to an intense activity observed by experts in the last months when the demand for initial network access to gaming companies has surged in Russian-speaking hacking communities. Threat actors were interested in access to developers’ networks of major firms, including Microsoft Xbox, Nintendo, Qualcomm, and Apple.

gaming industry
Access to an online game of a Germany-based developer – Source KELA

The post published by Kela includes adv for stolen credentials and accesses for the organizations in the gaming industry along with posts of threat actors searching for them.

“It’s important to note that we detected compromised accounts to internal resources of nearly every company in question. These resources are meant to be used by employees, for example – Admin panels, VPNs, Jira instances, FTPs, SSOs, dev-related environments, and the list goes on and on.” continues the report.

Threat actors obtained precious information by using info-stealer like AZORult and launched spear-phishing attacks against gaming forms.

Game-company credentials for VPN services, website management portals, admin panels, dev-related environments and Jira instance access are flooding the underground marketplace.

Access to the core areas of a company’s network could be obtained paying just a couple of dollars.

For the past three months, the experts also observed four ransomware incidents suffered by gaming firms.

Most of the attacks exploit the human factor to compromise the target organizations, the experts found that the credentials available for sale also include high-profile email addresses (i.e. executives and senior employees)..

Kela recommends the adoption of stringent password guidelines, including enforcing password changes and adopting multi-factor authentication.

“Some attackers try to search for the specific data and information that is relevant to the scope or industry of the victim and reproduce the successful attacks. As the gaming industry continues to grow in revenue, we will likely continue to detect more threats and attacks targeting the online gaming industry,” concludes the report.

In September I published a detailed analysis of cybercriminal activities targeting the gaming sector, It is written in Italian and require a free registration:

https://ilmanifesto.it/perche-i-giochi-online-piacciono-tanto-al-crimine-informatico/

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, gaming industry)

[adrotate banner=”5″]

[adrotate banner=”13″]