Popular online shooter leaks 1.2 million user records: What to do
Popular online shooter leaks 1.2 million user records: What to do
Cybercriminals take sold more than than 1.two million user records from online game Stalker Online on a hacker forum.
Ethical hacking group CyberNews, which discovered the data breach, say hackers have gained access to personal data from players and were selling it to the highest bidder.
Researchers institute two databases hosted on Shoppy.gg containing personal information such as usernames, passwords, electronic mail addresses, telephone numbers and IP addresses from users of the popular MMO game.
- Best antivirus: protect yourself from scams with online security
- VPN: add a layer of extra protection thanks to a virtual private network
- Latest: Nasty Mac malware is circulating on Google with you in its sights
It's believed that 1 of the databases contains over one.2 million user records and another has more than 136,000 user records, which are being sold individually for "several hundred euros worth of bitcoin" on the black market.
Created by Australian studio BigWorld, Stalker Online is a free post-apocalyptic online game with many users in Russia and Eastern Europe. The game is available in English and Russian.
Lax security from game makers
CyberNews say the data breach exposes the lax security of the game, explaining that these records could be used to do things like:
- Facilitate credential stuffing to hack the players' accounts on other gaming platforms
- Hold players' game accounts to bribe
- Mount targeted phishing attacks
- Spam the victims' emails and phones
- Brute-strength the change of passwords of the email addresses
The organisation made the discovery final month when information technology was scanning hacker communities and came across a mail service from a hacker claiming that they had breached the game.
"We regularly visit darknet marketplaces and hacker communities in order to help prevent cybercriminals from taking reward of large-scale data breaches," said the researchers.
"In May, we noticed that a hacker had posted a link to a page on the Stalker Online website proving that they had 'personally hacked' and placed their 'tag' on the server."
While the researchers aren't sure if anyone has actually bought the records, they said the fact that the storefront was operational for almost a calendar month suggests copies of the database containing i.ii million user records may have been sold on the black market to multiple buyers.
Taking activeness
Since discovering the breach, CyberNews has alerted the appropriate parties.
The researchers said: "Post-obit CyberNews guidelines, nosotros immediately notified the developers and their parent company, Wargaming.net, about the leak and followed-up several times merely received no reply.
"When we contacted shoppy.gg with a request to remove the digital storefront, they were able to remove the database on the same day."
The researchers have urged users of Stalker Online to modify their passwords immediately, particularly those people using identical passwords for other online services.
"Using a unique password for each service that yous sign up for will prevent attackers from reusing your password for credential stuffing attacks in order to compromise more than i of your accounts."
- Read more: Check out our Antivirus Software Ownership Guide
Source: https://www.tomsguide.com/news/stalker-online-breach
Posted by: collinsthavatabot.blogspot.com
0 Response to "Popular online shooter leaks 1.2 million user records: What to do"
Post a Comment