Security researchers from Kela Research and Strategy have found more than 500,000 leaked credentials linked to top video game companies for sale on dark web platforms.
The data leak was detailed by the researchers at Kela Research and Strategy, the leaked credentials belong to employees of top games companies. There are also nearly 1 million accounts of both clients and employees. The accounts compromised provided access to internal resources like admin panels, Jira instances, Virtual Private Networks, FTPs and development environments.
The researchers at Kela Research and Strategy did not provide the names of the companies affected by this leak, but they said that stolen credentials belonged to nearly all of the top 25 gaming companies. In the past three months, there has been at least four ransomware incidents affecting top video game companies, three of which were reported to the public.
According to the researchers:
“Credentials to internal resources of recently attacked companies – such as VPN, website management portals, admin, Jira and more – were put up for sale and hence were available for any potential attacker prior to the cyberattacks that occurred,”
They also said:
“We also detected an infected computer (bot) which had credential logs to plenty of sensitive accounts that could be accessed by attackers upon purchase: SSO, Kibana, Jira, adminconnect, service-now, Slack, VPN, password-manager and poweradmin of the company – all on a single bot – which strongly suggests that it’s used by an employee of the company with administrator rights.”
Capcom Co Ltd., producers of hit series Resident Evil, were attacked in November 2020, they were hit by a Ragnar Locker ransomware attack. Ubisoft Entertainment SA , producers of hit series Assassins Creed was also attacked in 2020 along with Crytek GmbH, with their stolen data appearing on the dark web in October 2020. In December Koei Tecmo Holdings Co. Ltd. revealed that it was also hacked.
The Kela researchers warned video game companies by saying, “organizations in the gaming sector have to act fast as they are the new target that cybercriminals are interested in” and they should “invest in different measures in order to ensure that they are protecting all of their different assets.”
A warning to video game companies
In November, Mark Kedgley, chief technology officer at information technology security and compliance software company New Net Technologies Ltd., warned video game companies that cybersecurity needs discipline and strategy, as well as vulnerability management, system hardening and change control, according to him, “Mastering all of these is essential to counteract the ‘End of Level Bosses’ of the hacker world, including today’s ever-present ransomware threat,”.