The security researchers have spotted over 500,000 leaked data or employee credentials for sale on the dark web. The credentials belong to 25 top gaming companies.
The researchers at Kela Research and Strategy Ltd. had detailed the data leak of the employee credentials and had related them to the employees at leading gaming companies. The credentials totalled to nearly one million accounts of both employees and internal gaming clients. The hacked accounts offer access to the internal resources like the virtual private networks (VPN), admin panels, FTPs, Jira instances, development-related environments and single sign-ons.
The researchers did not disclose many details regarding the names of the companies that have been affected. However, they did state that the stolen employee credentials were from nearly 25 top gaming companies. They had also noted that they had observed four ransomware attacks in the last three months that had majorly affected the gaming companies and of which three were publicly reported.
“Credentials to internal resources of recently attacked companies – such as VPN, website management portals, admin, Jira and more – were put up for sale and hence were available for any potential attacker prior to the cyberattacks that occurred,” the researchers said. “We also detected an infected computer (bot) which had credential logs to plenty of sensitive accounts that could be accessed by attackers upon purchase: SSO, Kibana, Jira, adminconnect, service-now, Slack, VPN, password-manager and power admin of the company – all on a single bot – which strongly suggests that it’s used by an employee of the company with administrator rights.”
Some companies that have been attacked in the latest times included Capcom Co. Ltd. (A Japanese Video Game Developer), which was hit back in November by a Ragnar Locker ransomware attack. Crytek GmbH and Ubisoft Entertainment SA had also been hacked the previous year, while the stolen data appeared on the dark web back in October. In December, Koei Tecmo Holdings Co. Ltd. had disclosed that it had suffered a data loss as well.
The researchers concluded that “organizations in the gaming sector have to act fast as they are the new target that cybercriminals are interested in” and that they should “invest in different measures in order to ensure that they are protecting all of their different assets.”
Discussing the targeting of game companies in November, Mark Kedgley, chief technology officer at information technology security and compliance software company New Net Technologies Ltd., told that cybersecurity needs discipline and strategy, as well as vulnerability management, system hardening and change control. “Mastering all of these is essential to counteract the ‘End of Level Bosses’ of the hacker world, including today’s ever-present ransomware threat,” he said.
Disclaimer: Read the complete disclaimer here.