Google Kills its Game Streaming Service Stadia, Will Refund Purchases

About Stadia

Google is closing down its video game streaming service, Stadia, in January 2023. All purchases will be refunded, and the tech will continue to be used in YouTube and other areas of its business. However, the customer app and storefront will shut down after five years of its launch, joining the existing pile of projects that Google has shut down.

While Stadia's approach to streaming games for customers was built on a robust tech foundation, it failed to gain the traction with users that Google expected, resulting in the difficult decision to shut down Stadia's streaming service.

Google's Response

Vice President Phil Harrison said that Google is grateful for the players that have been there since the beginning of Stadia. The company will give back all the in-game purchases done on Google Store, including game and add-on content purchases made via the Stadia store. 

Players will continue to have access to their games library and can play until January 18, 2023, so that they complete the final play sessions. 

The gaming industry giant further said that refunds will be completed by mid-January, emphasizing that while Stadia will die, the tech behind it will still be available to "industry partners" for other joint-ventures, like AT&T's latest attempt to launch Batman: Arkham Knight on smartphones using streaming. 

People had a hunch about Google's moves, but what is surprising is that Ubisoft has announced that "Assassin's Creed Mirage" will stream on Amazon's Luna service but not on Stadia, the first game in the blockbuster series to do this.

The rise and fall of Stadia

When Stadia was initially launched, Google talked a huge game at the Game Developer Conference 2019. It became evident later, however, that Stadia wasn't quite up to it.

The tech was impressive, but major features were missing, and the launch library was not up to the mark. Stadia kept on adding new games, most of them bought a la carte, to make it a lucrative investment for the casual audience Stadia was made for.

However, Xbox Game Pass surfaced and combined a giant library with a mere monthly fee. Stadia, on the other hand, was struggling to bring big games to its platform, spending tens of millions to lure games like Red Dead Redemption 2. 

Google's next ventures

It doesn't mean that Stadia was a flop since the beginning. Google's track record, and Stadia's own history, make one ask whether they even wanted to be in this thing in the first place. 

Stadia's first-party studios closed down last year, abandoning projects in the pre-production stage and leaving a few developers who moved to a different place feeling cheated by the company. 

Harrison says Google is committed to gaming and will keep on investing in new tools, tech, and platforms that give a boost to developers, industry partners, cloud customers, and creators. 

Threat Actors Abuse Discord to Push Malware


Cybercriminals are using Discord, a popular VoIP, instant chat, and digital distribution network used by 140 million users in 2021, to disseminate malware files. 

Discord servers can be organised into topic-based channels where users can share text or audio files. Within the text-based channels, they can attach any form of material, including photos, document files, and executables. These files are maintained on the Content Delivery Network (CDN) servers of Discord. 

However, many files transferred over the Discord network are malicious, indicating that actors are abusing the site's self-hosted CDN by forming channels with the sole aim of distributing these harmful files. Although Discord was designed for the gaming community initially, many corporations are now adopting it for office communication. Many businesses may be permitting this unwanted traffic onto their network as a result of these malicious code files placed on Discord's CDN. 

Exploiting Discord channels 

RiskIQ researchers looked deeper into how the Discord CDN serves files from a Discord domain through links of the form hxxps://cdn.discordapp[.]com/attachments/{ChannelID}/{AttachmentID}/{filename}, and used that format to discover malware.

According to the researchers, they spotted such links and queried the Discord channel IDs used in them, which enabled them to identify domains containing web pages that link to a Discord CDN URL with a certain channel ID.

“For example, the RiskIQ platform can query the channel IDs associated with zoom[-]download[.]ml,” researchers explained. “This domain attempts to spoof users into downloading a Zoom plug-in for Microsoft Outlook and instead delivers the Dcstl password stealer hosted on Discord’s CDN.” 

In another case, RiskIQ determined that the channel ID for a URL containing a Raccoon password stealer file returned a domain for Taplink, a site that offers users micro landing pages to send them to their Instagram and other social media accounts.

According to the researchers, the approach allowed them to discover the day and time Discord channels were launched, connecting those generated within a few days after the first observation of a file in VirusTotal to channels with the sole purpose of disseminating malware. They eventually discovered and cataloged 27 distinct malware types hosted on Discord's CDN. 
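The URL format and the channel-age observation above can be turned into a proxy-log triage check. The following is an added example, not RiskIQ's tooling or code from the original post: it relies on Discord's documented snowflake ID layout (milliseconds since 2015-01-01 UTC in the bits above bit 22), while the extension list, the 7-day threshold, the single-file heuristic and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from pathlib import PurePosixPath

DISCORD_EPOCH_MS = 1420070400000  # 2015-01-01T00:00:00Z, epoch of Discord snowflake IDs
UNIX_EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

# Matches live and defanged (hxxps) forms of the attachment URL format quoted above.
CDN_RE = re.compile(
    r"h(?:tt|xx)ps?://cdn\.discordapp\.com/attachments/"
    r"(?P<channel>\d{17,20})/(?P<attachment>\d{17,20})/(?P<filename>[^\s?#\"']+)",
    re.IGNORECASE,
)

# Assumption: extensions worth a closer look (executables, archives, macro documents).
RISKY_EXT = {".exe", ".dll", ".scr", ".zip", ".rar", ".7z", ".iso", ".docm", ".xlsm"}


def refang(text):
    """Undo the common '[.]' defanging so ticket text and raw logs parse alike."""
    return text.replace("[.]", ".")


def snowflake_time(snowflake):
    """Creation time encoded in a Discord ID (channel or attachment)."""
    ms = (int(snowflake) >> 22) + DISCORD_EPOCH_MS
    return UNIX_EPOCH + timedelta(milliseconds=ms)


def make_snowflake(when):
    """Build a constructed ID for sample data (worker and sequence bits left at zero)."""
    return (int(when.timestamp() * 1000) - DISCORD_EPOCH_MS) << 22


def triage(log_lines, max_channel_age_days=7):
    """Group CDN downloads by channel ID and flag young single-file channels."""
    channels = defaultdict(dict)  # channel ID -> {attachment ID: filename}
    for line in log_lines:
        for m in CDN_RE.finditer(refang(line)):
            channels[m["channel"]][m["attachment"]] = m["filename"]

    report = []
    for channel, files in channels.items():
        created = snowflake_time(channel)
        first_upload = min(snowflake_time(a) for a in files)
        risky = sorted(f for f in files.values()
                       if PurePosixPath(f).suffix.lower() in RISKY_EXT)
        age_days = (first_upload - created).days
        report.append({
            "channel": channel,
            "channel_created": created,
            "first_upload": first_upload,
            "files": sorted(files.values()),
            "risky_files": risky,
            # Heuristic (assumption): one risky file in a channel created just before upload.
            "suspicious": bool(risky) and len(files) == 1
                          and 0 <= age_days <= max_channel_age_days,
        })
    return sorted(report, key=lambda r: r["channel_created"])


def utc(*args):
    return datetime(*args, tzinfo=timezone.utc)


# Constructed sample data: IDs are generated here, not taken from any real channel.
CH_A, AT_A = make_snowflake(utc(2021, 9, 1, 8, 0)), make_snowflake(utc(2021, 9, 1, 9, 30))
CH_B = make_snowflake(utc(2019, 3, 10, 12, 0))
AT_B1, AT_B2 = make_snowflake(utc(2021, 9, 2, 14, 0)), make_snowflake(utc(2021, 9, 2, 15, 0))
SAMPLE_LOG = [
    f"2021-09-03T10:02:11Z 10.0.4.17 GET https://cdn.discordapp.com/attachments/{CH_A}/{AT_A}/setup_constructed.exe 200",
    f"ticket note: hxxps://cdn.discordapp[.]com/attachments/{CH_A}/{AT_A}/setup_constructed.exe",
    f"2021-09-03T10:05:40Z 10.0.4.22 GET https://cdn.discordapp.com/attachments/{CH_B}/{AT_B1}/screenshot.png 200",
    f"2021-09-03T10:06:02Z 10.0.4.22 GET https://cdn.discordapp.com/attachments/{CH_B}/{AT_B2}/patch_notes.zip 200",
    "2021-09-03T10:07:00Z 10.0.4.30 GET https://example.com/index.html 200",
]

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(row["channel"], row["channel_created"].isoformat(),
              row["files"], "SUSPICIOUS" if row["suspicious"] else "ok")
```

A flagged channel is a lead for sandboxing or hash lookup rather than a verdict, since the heuristic only encodes the single-file, recently created pattern described in this post.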

About the malware 

RiskIQ detected Discord CDN URLs containing .exe, DLL, and various document and compressed files. It was discovered that more than 100 of the hashes on VirusTotal were delivering malicious content.

RiskIQ discovered more than eighty files from seventeen malware families; Trojans were the most frequent malware found on Discord's CDN. For most malware found on Discord's CDN, RiskIQ noticed a single file per channel ID.

According to Microsoft's identification of the files and further research, there are a total of 27 distinct malware families, divided into four types: 
• Backdoors, e.g., AsyncRat 
• Password Stealers, e.g., DarkStealer 
• Spyware, e.g., Raccoon Stealer 
• Trojans, e.g., AgentTesla 

The exploitation of Discord's infrastructure throws light on the rising problem of CDN abuse by malicious attackers across the web. Using internet-wide visibility to identify malware in CDN infrastructure is key to limiting the damage these valuable malware delivery techniques might do to an organization.

Twitch Admits to a Major Data Breach


Twitch, Amazon's livestreaming service for video games, has revealed that it has suffered a data security breach. The attack is said to have resulted in the loss of information on live streamers' pay-out amounts, Twitch source code, and details about a putative Steam competitor from Amazon Game Studios. In a tweet Wednesday morning, Twitch said, “We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available.” 

Twitch was founded in 2011 by the co-founders of, one of the earliest livestreaming websites. Twitch was purchased by Amazon in 2014 for $970 million. 

On the 4chan message board, an anonymous poster has released a 125GB torrent claiming to contain the entirety of Twitch and its commit history. The breach is said to be intended to "promote further disruption and competition in the online video streaming industry," according to the poster. 

The leak includes 3 years’ worth of details regarding creator pay-outs on Twitch, the entirety of, “with commit history going back to its early beginnings,” source code for the mobile, desktop, and video game console Twitch clients, code related to proprietary SDKs and internal AWS services used by Twitch, an unreleased Steam competitor from Amazon Game Studios, data on other Twitch properties like IGDB and CurseForge, Twitch’s internal security tools. 

The leak has been labeled as “part one,” implying that there may be more to come. While personal information such as creator payments is included, it does not appear that passwords, addresses, or email accounts of Twitch users are included in this initial breach. Instead of publishing code that would contain personal accounts, the leaker appears to have focused on sharing Twitch's own company tools and information. 

Malware authors might potentially utilize the leaked Twitch code to infect the platform's userbase by exploiting software vulnerabilities. According to Quentin Rhoads-Herrera, director of professional services at cybersecurity company Critical Start, any return the attackers would obtain would be modest and not worth their effort. 

“This is more of a way to publicly humiliate Twitch and potentially lower the trust the Twitch users may have in the platform and company,” Rhoads-Herrera said.

EA Faces Criticism After Ignoring Warnings from Cybersecurity Researchers


After dismissing cybersecurity researchers' warnings in December 2020 that various flaws left the firm extremely vulnerable to hackers, gaming giant Electronic Arts is facing even more criticism from the cybersecurity industry. Electronic Arts Inc. is a video game developer and publisher based in Redwood City, California. As of May 2020, it is the second-largest gaming firm in America and Europe, after Activision Blizzard and ahead of Take-Two Interactive and Ubisoft in terms of revenue and market value.  

Cyberpion, an Israeli cybersecurity firm, contacted EA late last year to warn them about a number of domains that could be taken over, as well as misconfigured and potentially unknown assets and domains with misconfigured DNS records. Despite delivering EA a detailed document outlining the difficulties as well as a proof of concept, Cyberpion co-founder Ori Engelberg claims EA did nothing to fix the flaws. 

According to Engelberg, EA acknowledged receiving the information about the vulnerabilities and stated that it would contact Cyberpion if it had any further questions, but it never did. "We inspect the entire internet but as gamers, we are customers of EA. So many of our employees play FIFA and other games. We love EA so we wanted to contact them to help because their online presence is significant," Engelberg said. 

"What we found is the ability to take over assets of EA. It is more than just taking the assets of EA, it is about what can be done with these assets because we know EA. We know that if somebody can send emails from the domains of EA to us, the customers, or to suppliers of EA or to employees of EA, then that's the easiest door to the company. It isn't even a door. It is something simpler," Engelberg added. He said that malicious actors might use the stolen domains to send emails appearing to be from EA, asking customers to transfer account details or other data.

Last week, it was revealed that a "chain of vulnerabilities" might have allowed attackers to obtain access to personal information and take control of accounts, causing EA to face outrage. In recent weeks, Motherboard reported that EA's large data breach was caused by a hacker's ability to obtain access to an account by abusing Slack privileges. 

Hackers boasted on forums about stealing 780 GB of data from the company and acquiring full access to FIFA 21 matchmaking servers, FIFA 22 API keys, and various Microsoft Xbox and Sony software development kits. They also claim to have a lot more, such as the source code and debugging tools for Frostbite, which is used to power EA's most popular games like Battlefield, FIFA, and Madden.

Attackers Pummelled the Gaming Industry During the Pandemic


According to Akamai, a content delivery network (CDN), the gaming business has seen more cyberattacks than any other industry during the COVID-19 pandemic. Between 2019 and 2020, web application attacks against gaming organizations increased by 340%, and by as much as 415% between 2018 and 2020. “In 2020, Akamai tracked 246,064,297 web application attacks in the gaming industry, representing about 4% of the 6.3 billion attacks we tracked globally,” reads Akamai’s Gaming in a Pandemic report. 

Cybercriminals frequently used Discord to coordinate their operations and discuss best practices on various techniques such as SQL Injection (SQLi), Local File Inclusion (LFI), and Cross-Site Scripting (XSS), according to the company. SQLi attacks were the most common, accounting for 59% of all attacks, followed by LFI attacks, which accounted for nearly a quarter of all attacks, and XSS attacks, which accounted for only 8%. 

“Criminals are relentless, and we have the data to show it,” Steve Ragan, Akamai security researcher and author of the report, was quoted as saying in a press release. “We’re observing a remarkable persistence in video game industry defenses being tested on a daily – and often hourly – basis by criminals probing for vulnerabilities through which to breach servers and expose information. We’re also seeing numerous group chats forming on popular social networks that are dedicated to sharing attack techniques and best practices.” 

Credential-stuffing attacks increased by 224% in 2019 compared to the previous year. Surprisingly, distributed denial-of-service (DDoS) attacks decreased by approximately 20% within the same period. Each day, millions of these attacks target the industry, with a peak of 76 million attacks in April, 101 million in October, and 157 million in December 2020, according to Akamai. 

Credential stuffing is a type of automated account takeover attack in which threat actors utilize bots to bombard websites with login attempts based on stolen or leaked credentials. They can then proceed to exploit the victims' personal data once they find the perfect mix of "old" credentials and a new website. 

Last year, these attacks grew so frequent that bulk lists of login names and passwords could be purchased for as little as $5 per million records on dark web marketplaces. Poor cyber-hygiene practices such as reusing the same passwords across many online accounts and employing easy-to-guess passwords could be blamed for the increase in attacks. 

“Recycling and using simple passwords make credential stuffing such a constant problem and effective tool for criminals. A successful attack against one account can compromise any other account where the same username and password combination is being used,” said Steve Ragan.

Data of 6 Million Battle for the Galaxy Players Leaked


WizCase security experts recently uncovered an unsecured ElasticSearch server owned by AMT Games, a Chinese mobile and browser game company, that exposed 5.9 million Battle for the Galaxy users' accounts, as well as 2 million transactions and 587,000 feedback messages. 

Despite the fact that AMT Games used the server to store profile information, payment history, and feedback messages for millions of Battle for the Galaxy players, the researchers discovered that data stored in the ElasticSearch server was not encrypted and the server was not secured with a password. 

AMT Games, which has a slew of mobile and social games with tens of millions of downloads, exposed 1.5TB of data through an Elasticsearch server. AMT Games Ltd. is a renowned mobile and browser-based online game company based in China. It creates games for Android, iPhone, Steam, and web browsers. Battle for the Galaxy, Heroes of War: WW2 Idle RPG, Epic War TD2, and Trench Assault are among the company's most popular games. 

Player IDs, usernames, country, total money spent on the game, and data from Facebook, Apple, or Google accounts if the user linked them to their gaming account are often included in profiles. Account IDs, feedback ratings, and users' email addresses are all included in feedback messages. 

According to WizCase, transaction data includes price, item purchased, time of purchase, payment provider, and occasionally buyer IP addresses. Users who had their data exposed were advised that it could have been snatched up by opportunistic cyber-criminals looking for misconfigured databases. It went on to say that information on how much money people have spent on the site might help fraudsters target the biggest spenders. 

WizCase warned that "it is common for unethical hackers and criminals on the internet to use personal data to create trustworthy phishing emails. The more information they possess, the more believable these emails look." Bad actors could utilize personal information like email addresses and user difficulties with the service to "pose as game support and send users to fraudulent websites where their credit card credentials can be stolen," according to the report. 

The company advised players to enter as little personal information as possible when purchasing or setting up an account, and parents not to lend their credit cards to their children. WizCase stated that it notified AMT Games of the data breach but received no response. Access to the database was later disabled by the company.

Hackers Attack Gaming Community Using Supply Chain Attacks


Researchers at ESET found that the update mechanism of NoxPlayer, an Android emulator for macOS and Windows, was compromised by hackers. The attacker used the compromise to infect gamers' systems with malware. BigNox, a Hong Kong-based company, makes these emulators. Gamers across 150 countries around the world use NoxPlayer, says BigNox. However, research by ESET indicates that the supply chain attack only focused on Asian gamers. The attacker used three different malware strains. The threat actor behind the attack is currently named "Nightscout." 

To plant malicious payloads in their victims' systems, Nightscout compromised BigNox's "storage infrastructure" to store the trojan and its "API infrastructure" to run the payloads. The ESET report says, "in January 2021, we discovered a new supply-chain attack compromising the update mechanism of NoxPlayer, an Android emulator for PCs and Macs, and part of BigNox’s product range with over 150 million users worldwide. This software is generally used by gamers in order to play mobile games from their PCs, making this incident somewhat unusual." 

Experts at ESET are confident that BigNox's infrastructure was compromised to host malware, and that its API infrastructure was compromised as well. In a few cases, the attackers used the BigNox updater to download additional payloads from hacker-controlled servers. ESET discovered a few other supply chain attacks in 2020, like "Operation SignSight", which attacked the Vietnamese government and compromised its software, and "Operation StealthyTrident", which attacked desktop users, the banking sector, and government agencies. However, Operation Nightscout is slightly different, and more dangerous, as it attacked the gaming community to gain intelligence. It is rare to collect information through espionage attacks on the gaming community, which makes Operation Nightscout a bigger threat.

"We spotted similarities in loaders we have been monitoring in the past with some of the ones used in this operation, such as instances we discovered in a Myanmar presidential office website supply-chain compromise on 2018, and in early 2020 in an intrusion into a Hong Kong university. Three different malware families were spotted being distributed from tailored malicious updates to selected victims, with no sign of leveraging any financial gain, but rather surveillance-related capabilities," says ESET.

Japanese Games Publisher Koei Tecmo Suffers Cyber Attack, 65,000 Users Account Compromised

The Japanese games' publisher Koei Tecmo was targeted by hackers who compromised the company's English language website and stole confidential data belonging to over 65,000 users. Following the attack, Koei Tecmo announced that they have temporarily shut down their US and European website as a precautionary measure. 

The hackers targeted the company’s website to obtain confidential information about user accounts, such as names, encrypted passwords, and email addresses. However, the hackers were not successful in their attempt to acquire the data related to 'user payment details'.

The Japanese publisher announced in the press release that “Within the website operated by KTE, the ‘Forum’ page and the registered user information (approximately 65,000 entries) has been determined to the data that may have been breached. The user data that may have been leaked through hacking is perceived to be the (optional) account names and related password (encrypted) and/or registered email address.” 

In the press release, the publisher further stated that users do not need to worry about personal financial information because they do not store this confidential information about the users.  

According to Bleeping Computer, the hacker has leaked critical information about users' accounts, such as IP addresses, email addresses, and passwords, for free on a hacker forum.

Founded in 2009, following the merger of 'Koei' and 'Tecmo', Koei Tecmo is a Japanese video game and anime holding organization that is responsible for many popular PC and console games like Hyrule Warriors: Age of Calamity, Dead or Alive, Nioh 2, and Atelier Ryza, to name a few. 

The attackers assert that they used a spear-phishing campaign to hack the website on December 18th. The operators behind the attack also claimed that they were considering selling a forum database for 0.05 bitcoins, or about 1,300 dollars, on a hacking marketplace.

According to Bleeping Computer, the hackers stated their malevolent motives, saying that they have “leaked the data to punish the Koei Tecmo publisher because they were not following the General Data Protection Regulation (GDPR) guidelines and they were refusing to spend the money on encrypting the users' information and were using a fragile salted MD5 hashing algorithm from 1992 and further warned them if they do not use the strong encryption techniques, we will continue to attack them”. 

Fake Among Us apps floating over the internet can deploy malware and adware in your device

There is an imposter among us, quite literally: the popular gaming app has attracted many fakes and malware-carrying apps made to look like the legitimate gaming application or a mod. These malicious apps can range from harmlessly annoying to quite dangerous.

Players looking for Among Us should be careful to install the app only from trustworthy sources and to look into mods and their legitimacy before using them.

These "fake" apps range from mock Among Us apps that try to cash in on the game's success to mods that attract young players with the lure of hacks but actually drop malware on the system or steal data from the device.

A report from TechRadar says that there are currently 60 fake imposter apps of Among Us, including apps that i) install adware or bloatware, ii) deploy malware, or iii) steal financial data. 

Why Among Us? 

Among Us, a multiplayer PC and mobile game, suddenly became popular in 2020. Though it was released in 2018, it did not gain much attention until gaming streamers started broadcasting the game. Developed by InnerSloth, a small studio in Redmond, Washington, Among Us has stayed in the top five on Apple’s U.S. App Store since Sept. 1, with more than 158 million installs worldwide across the App Store and Google Play. 

Word-of-mouth marketing and the pandemic-imposed lockdown made the game quickly catch on with young players, which these miscreants exploited. A young player looking for hacks and mods would be easy to dupe into installing a fake app that installs adware or something more damaging. 

Precautions to avoid Among Us imposter apps:

It's smart to avoid any website that claims to offer hacks, resources, packs, and mods as people without much background in gaming and the cyber world won't be able to detect malicious content. 

Always install the app from a trusted source and after reading comments as they would tell you if anything is wrong with the app. 

To find out whether a mod is legitimate, it's best to use the community. Mods in themselves are harmless, but as noted above, some of the fake ones could add code to your device. Use legitimate mod websites, and if you go for a private website, do read the comments, as someone would probably have written about any suspicious behavior in the discussion. Also, mods developed by semi-public figures or Among Us content creators will usually be safe.

Gamer Alert: More than 10 Billion Attacks On Gaming Industry In 2 Years

According to cybersecurity firm Akamai's recent report titled "State of the Internet/Security," the gaming sector has suffered a big hit in the previous two years. Experts have reported around 10 Billion cyberattacks on the gaming industry between June 2018 and June 2020.

Akamai recorded 100 billion credential stuffing attacks during this period, out of which 10 billion were attacks on the gaming sector. Besides credential stuffing, Akamai also recorded web application attacks. Hackers directed around 150 million web application attacks at the gaming sector.

"This report was planned and mostly written during the COVID-19 lockdown, and if there is one thing that's kept our team sane; it is constant social interaction and the knowledge that we're not alone in our anxieties and concerns," says the report. Web application attacks mostly deployed SQL injections and LFI (Local File Inclusion) attacks as per the latest published report. This is because hackers can obtain sensitive information about users from the game server using SQL injection and LFI.

The data can include usernames, account info, passwords, etc. Besides this, experts say that the gaming sector is also a primary target for DDoS (distributed denial-of-service) attacks. Between July 2019 and July 2020, Akamai identified 5,600 DDoS attacks, out of which hackers targeted 3,000 attacks on the gaming sector. The increase in the attacks can be because most gamers don't pay much attention to cybersecurity.

According to data, 55% of gamers experienced suspicious activity in their accounts. However, just 20% of these gamers expressed concern about the compromise. Around 50% of hacked players feel that security is a mutual responsibility between gamers and gaming companies. 

Akamai emphasized their concern over the gaming sector becoming an easy target for the hackers. According to Akamai's report, "Web attacks are constant. Credential stuffing attacks can turn data breaches from the days of old (meaning last week) into new incidents that impact thousands (sometimes millions) of people and organizations of all sizes. DDoS attacks disrupt the world of instant communication and connection. These are problems that gamers, consumers, and business leaders face daily. This year, these issues have only gotten worse, and the stress caused by them was compounded by an invisible, deadly threat known as COVID-19."

Nintendo Confirms Around 160,000 User Accounts Affected in Recent Hacks

On Friday, the Japanese gaming giant Nintendo confirmed that around 160,000 user accounts of Nintendo Switch users have been affected in the recent hacking attempts.

Nintendo's Switch game console is immensely popular among avid gamers, and demand for it has risen dramatically amid the lockdown forced by the COVID-19 pandemic, making it out of stock almost everywhere. As the number of people turning to Nintendo is rapidly increasing, the number of hackers targeting digital accounts has also increased as a result.

In the wake of the breach, Nintendo has disabled the option of logging into a Nintendo account via Nintendo Network ID (NNID). The login IDs and passwords of the users were obtained illegally by some means other than Nintendo's service, the company confirmed. Notably, these attempts to access accounts illegally have been made since the beginning of April. The information compromised during the breach includes usernames, DOB, email addresses, and country.

The company has notified all the affected users of the breach through an email, alerting them to reset their passwords.
Meanwhile, the company also warned the users in case they have used a common password for their NNID and Nintendo account, and said, “your balance and registered credit card / PayPal may be illegally used at My Nintendo Store or Nintendo eShop.”

The company further recommended that users enable two-factor authentication, as some accounts are already being used to make fraudulent purchases. Affected users are advised to contact Nintendo so that the company can examine their purchase history and cancel fraudulent purchases.

"We will soon contact users about resetting passwords for Nintendo Network IDs and Nintendo Accounts that we have reason to believe were accessed without authorization," the company said.

While apologizing to the customers, Nintendo said, "We sincerely apologize for any inconvenience caused and concern to our customers and related parties."

"In the future, we will make further efforts to strengthen security and ensure safety so that similar events do not occur," the company added.

1.1 Million Customers Records of SCUF Gaming Exposed Online

The database of more than 1 million customers was exposed online by 'SCUF Gaming', a subsidiary of Corsair that develops high-end gamepads for Xbox, PS4, and PC. The incident led to the exposure of clients' names, payment info, contact info, repair tickets, order histories, and other sensitive information. Other data belonging to the company's staff and internal API keys were also compromised as a result.

The data was left unprotected for two days before being discovered by the security researcher, Bob Diachenko who reported the same to Scuf Gaming. The team led by the researcher found the data on the web without any password protection or authentication.

The database was taken down by the company less than two hours after it was notified. Meanwhile, bot crawlers had enough time to locate the exposed database, and a ransom note was found demanding 0.3 BTC from the company. The note says that the data had been downloaded by the cybercriminals; however, no such action was detected by the systems. “Your Database is downloaded and backed up on our secured servers. To recover your lost data, Send 0.3 BTC to our BitCoin Address and Contact us by eMail,” the note read.

Experts believe that the criminals involved did not get enough time to delete or encrypt the data present in the database; hence, it's unlikely that they would have been able to download it either. However, SCUF clients and staff could face a risk of phishing attacks, identity theft, and fraud by the cybercriminals who might have downloaded some pieces of the leaked database.

In a conversation with Comparitech, a spokesperson for Corsair, parent company of SCUF Gaming, said, “…Once notified, we identified the root cause of this exposure and secured the database within two hours. While investigating Mr. Diachenko’s warning, we also discovered that a bot had connected to the database’s server and placed a ransom note there. We have no evidence that either the bot or any other actor was able to misappropriate customer data.

This issue was specific to one system, being operated off-site due to work-from-home precautions resulting from the current COVID-19 pandemic.”

To stay on the safer side, SCUF Gaming customers are advised to keep an eye out for any suspicious activity in regard to their bank accounts, as scammers who were able to gather whatever bits of information they could are likely to attempt targeted phishing attacks.

DDoS Attacks on the Gaming Giant Blizzard Causing Worldwide Service Disruption

In order to ruin the users' stay at home during their work from home period brought about by COVID-19, the hackers have hit gaming giant "Blizzard" with a colossal DDoS attack causing worldwide service disruption.

The attack, as per reports was carried out on March 18th around 2:20 AM (GMT) when Blizzard users took the issue to Twitter and the Customer Support handle for Blizzard on Twitter additionally affirmed enduring the DDoS attacks.

The company further clarified that it is “currently investigating an issue affecting our authentication servers, which may result in failed or slow login attempts.”

According to DownDetector's live map, Blizzard is still suffering the effects of the attack, particularly in the US, Israel, Bahrain, Iraq, China, Singapore, Malaysia, Denmark and a few other countries.

Image credit: Down Detector’s live map

Furthermore, it is unclear whether the DDoS attack has stopped, as there has been no update tweet from the company. It is worth noting, however, that Blizzard is home to some of the most mainstream games, including World of Warcraft, Overwatch, Heroes of the Storm and Diablo Immortal.

The gaming giant has a strong customer base of more than 32 million active users across the globe. Apart from Blizzard, EA Sports, a division of Electronic Arts, is also suffering a worldwide service outage.

It is unclear whether this is the result of a DDoS attack or whether the company is facing internal technical problems, but there have been numerous tweets from EA Sports customers complaining about lag and connectivity issues.

According to DownDetector's live map, EA Sports is still suffering lag issues in the US, United Kingdom, France, Spain, Denmark, Japan, Israel and other countries.

Image credit: Down Detector’s live map

In any case, it is most likely not a smart decision to DDoS Blizzard; users are encouraged to stay tuned for any further news about the attack.

Counter-Strike: Global Offensive (CS:GO) — Money Laundering Prompts Valve to Shut Down In-Game Key Sales

Counter-Strike: Global Offensive (CS:GO) was being targeted by criminals for money laundering, according to the US video game developer Valve. In a statement, the makers said that the aim of the attackers is to "liquidate their gains".

Developed by Valve and Hidden Path Entertainment, CS:GO is a popular multiplayer first-person shooter in which two teams compete against each other, strategically completing objectives such as defusing bombs and rescuing hostages.

The game allows players to earn cosmetic upgrades for their guns and avatars in loot containers. Normally these boxes can only be opened with a key that players have to buy from Valve. However, the makers observed that "worldwide fraud networks have recently shifted to using CS:GO keys to liquidate their gains. At this point, nearly all key purchases that end up being traded or sold on the marketplace are believed to be fraud-sourced." The fraudsters exploited the game's loot-gathering systems to trade keys, which in turn allowed them to unlock rewards for real money.

As a security measure, the company has updated the game so that new loot box container keys can no longer be transferred between users.

"CS:GO container keys purchased in-game can no longer leave the purchasing account. That is, they cannot be sold on the Steam Community Market or traded. Pre-existing CS:GO container keys are unaffected–those keys can still be sold on the Steam Community Market and traded," the blog read.

In the blog post, the company also expressed concern about the effect this would have on legitimate players, but emphasized the need to combat fraud, which it treats as a priority.

While the total amount of money laundered through the Steam marketplace remains unclear, hundreds of thousands of loot containers, along with keys, have been traded by the criminals via the online marketplace. Notably, the boxes and keys were traded for a few dollars each.

In the seven years of its existence, CS:GO has gained massive popularity but has unfortunately also attracted a number of controversies, including illegal gambling and hidden business interests of social media influencers.

The Rise of the DDoS Attacks and the Abuse of the WS-Discovery Protocol

A new type of attack that feeds on vulnerabilities in the usage of the Web Services Dynamic Discovery protocol has been discovered recently by analysts from Akamai's DDoS mitigation service Prolexic.

The attackers are said to have used a relatively new strategy, one that can potentially yield a rate of return of more than 15,000 per cent for the junk data it hurls at a victim.

WS-Discovery lets devices on the same network communicate with each other, and can direct them all to ping one location or address with details about themselves. Attackers can manipulate WS-Discovery by sending specially crafted malicious protocol requests to vulnerable devices such as CCTV cameras and DVRs. This is extremely simple for them to do, because WS-Discovery is intended to be used internally on local access networks, yet Akamai estimates that approximately 800,000 devices exposed on the internet can receive WS-Discovery commands.

“There's a huge pool of vulnerable devices sitting out there waiting to be abused,” says Chad Seaman, senior specialist on Akamai's security insight reaction group.

"DDoS attacks abusing the WS-Discovery protocol have increased," says security researcher Troy Mursch. "The notable thing here is the amount of vulnerable hosts that can be abused and the large amplification factor that enables crippling attacks."

Video game platforms are the best-known targets for DDoS attacks. At the beginning of September, for instance, Blizzard's hugely popular World of Warcraft Classic went down intermittently for a considerable length of time as a result of a DDoS attack.

"With gaming, they are one of our most frequently attacked industries," Akamai's Seaman says. "We have a handful of different gaming customers that we protect and we basically see the full gamut of all the different attack vectors and exploratory attacks through them. So it’s not surprising to see them being the first ones being targeted with a new vector."

The fear about WS-Discovery DDoS attacks, however, is that the gaming industry will not be the last target; the researchers again caution that industries should be prepared for bigger versions of the attack in the future.
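A defender's view of the abuse described above, as an added example that is not from the article or from Akamai: it scans flow records for hosts on the receiving end of WS-Discovery reflection and for local devices that answer WS-Discovery requests arriving from outside the network. The flow tuple layout, addresses, threshold and function names are assumptions made for the example, and UDP port 3702 is WS-Discovery's registered port rather than a detail from the article.

```python
import ipaddress
from collections import defaultdict

WSD_PORT = 3702  # UDP port registered for WS-Discovery (not stated in the article)

# Constructed flow records: (src_ip, src_port, dst_ip, dst_port, proto, bytes)
SAMPLE_FLOWS = [
    ("203.0.113.10", 3702, "192.0.2.5", 40001, "udp", 48000),
    ("203.0.113.11", 3702, "192.0.2.5", 40001, "udp", 51000),
    ("203.0.113.12", 3702, "192.0.2.5", 40001, "udp", 47000),
    ("203.0.113.50", 443, "192.0.2.5", 51515, "tcp", 9000),      # ordinary HTTPS
    ("198.51.100.7", 53211, "192.0.2.20", 3702, "udp", 300),     # off-net request
    ("192.0.2.20", 3702, "198.51.100.7", 53211, "udp", 45000),   # camera replies
    ("192.0.2.21", 3702, "192.0.2.30", 50000, "udp", 1200),      # LAN-only, expected
]


def _inside(ip, net):
    return ipaddress.ip_address(ip) in net


def amplification_factor(request_bytes, response_bytes):
    """Bytes delivered in replies per byte spent on requests."""
    return response_bytes / request_bytes


def reflection_victims(flows, own_net, min_sources=3):
    """Own hosts receiving UDP/3702 replies from many distinct off-net sources."""
    net = ipaddress.ip_network(own_net)
    sources, volume = defaultdict(set), defaultdict(int)
    for src, sport, dst, _dport, proto, size in flows:
        if proto == "udp" and sport == WSD_PORT \
                and _inside(dst, net) and not _inside(src, net):
            sources[dst].add(src)
            volume[dst] += size
    return {d: (len(s), volume[d]) for d, s in sources.items()
            if len(s) >= min_sources}


def exposed_responders(flows, own_net):
    """Own devices that answered WS-Discovery off-net, with reply/request ratio."""
    net = ipaddress.ip_network(own_net)
    asked, answered = defaultdict(int), defaultdict(int)
    for src, sport, dst, dport, proto, size in flows:
        if proto != "udp":
            continue
        if dport == WSD_PORT and _inside(dst, net) and not _inside(src, net):
            asked[dst] += size        # request reached a device from outside
        elif sport == WSD_PORT and _inside(src, net) and not _inside(dst, net):
            answered[src] += size     # device sent a reply off-net
    return {dev: amplification_factor(asked[dev], out) if asked[dev] else None
            for dev, out in answered.items()}


if __name__ == "__main__":
    print(reflection_victims(SAMPLE_FLOWS, "192.0.2.0/24"))
    print(exposed_responders(SAMPLE_FLOWS, "192.0.2.0/24"))
```

Any device reported by `exposed_responders` is reachable on UDP 3702 from outside the local network, which is the exposure the article says WS-Discovery was never designed for; blocking that port at the network edge removes it.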

EA Origin Security Flaw Exposed over 300 Million Gamers to Account Takeovers

Following the discovery of an EA-based vulnerability, EA Origin has been forced to re-examine its module for security and safety, as the flaw could have exposed millions of gamers to account takeovers.

According to the findings of researchers at Check Point and CyberInt, the vulnerability affected over 300 million gaming enthusiasts playing online games including FIFA, Madden NFL, NBA Live and Battlefield.

The vulnerability relied on an alternate authentication method known as access tokens, which work like passwords. By stealing a Single Sign-On authorization token, hackers would have gained complete control and been able to hijack players' accounts without needing the login or password.

Stealing access tokens can be somewhat more complex than stealing passwords, but it is still possible. Because users have been taught not to enter passwords on dubious websites, hackers now go after access tokens rather than passwords. Moreover, this can be carried out behind the scenes without any active participation from the user.

Commenting on the matter on Wednesday, Oded Vanunu, head of products vulnerability research for Check Point, said, "EA's Origin platform is hugely popular, and if left unpatched, these flaws would have enabled hackers to hijack and exploit millions of users' accounts."

In an email on the matter, Alexander Peleg said, "We had the vulnerabilities under control so no other party could have exploited them during the period it took EA to fix."

Hacker Group Makes Nintendo Switch a Linux Machine

As reported earlier this month, Hacker Group fail0verflow had tweeted a picture showing that they had managed to run Linux on Nintendo Switch. That was February 6; now, 12 days later, they have released a video on their account, providing proof of the same.

The video shows a Switch console running the Linux-based desktop environment KDE Plasma, with full touchscreen support and a web browser, something the gaming console did not originally have.

While usually people hack into gaming consoles to play cracked versions of games, some people just enjoy running whatever kind of software they want on them. This seems to be one of those cases.

Fail0verflow is a hacking group that focuses its hacking efforts on gaming consoles and has recently taken up Nintendo Switch, as have many others.

While the hacking group has still not made public their exact method and code, it reportedly involves exploiting a flaw in the boot ROM of the Switch’s Nvidia Tegra X1 chip. As they revealed last time, the video maintains that the flaw can’t be patched up by Nintendo on current devices but allegedly can be discussed in future production.

Hackers run Linux on Nintendo Switch

Last week, hacker group fail0verflow shared a photo on Twitter, showing that they had managed to run Linux on the Nintendo Switch.

This tweet followed an earlier one in January in which they explained that their Switch coldboot exploit is a boot ROM bug. The boot ROM, as the name suggests, is a piece of code containing instructions for the boot process, stored in read-only memory.

They also revealed that it is not possible to fix the flaw using patches in the current Switches.

Earlier, they had also tweeted a scroller for the Switch.

While they have teased the exploit to the public, it may be a while before fail0verflow publicly release the details and code for their hack, as evidenced by the PS4 exploit that they demonstrated in 2016 and only revealed the details of over a year later.

Meanwhile, the Switch hacking community continues to make progress. After the 34C3 conference which left the console’s security wide open, it seems that it’s going to be easier for hackers to create homebrew software for the Switch and even pirate games, which could mean serious financial repercussions for Nintendo.

For those with technical knowledge who prefer the white hat route, however, Nintendo is still offering bounties on reports of vulnerabilities.

Is AI allegedly hacking users’ accounts?

A few documents recently leaked online appear to offer insight into the computer gaming industry's use of Artificial Intelligence (AI) to increase advertising revenue and gaming deals. The classified documents showed up on Imgur two days ago and have been doing the rounds on Twitter. If genuine, the leaked documents reveal the startling lengths to which the computer game industry will go in order to snoop on gamers using AI.

The documents state that surveillance data is gathered to compile detailed profiles of users. According to the documents, the AI targeted users' smartphones and used passive listening technology to connect to the smartphone's microphone. Phones are checked to see whether they (the users) stay in the same area for eight hours or more. If this is found to be the case, the subject is marked as "at home".

The unsubstantiated documents then go on to explain the detailed monitoring that takes place inside a user’s home: “When in home, monitor area of common walking space. Pair with information about number of staircases gathered from footfall audio patterns. Guess square footage of house.”

A part of the document marked "Example Highlight" then goes on to explain how it was decided that "high bonus gaming sessions during relaxing times are paradoxically not the time to encourage premium engagement."

At those times, users are targeted with free rewards, bonuses and "non-revenue-generating gameplay ads." According to the leak, at these times "the AI severely discourages premium ads.”

As if this were not enough, the AI also listens in, not only for keywords but also for "non word sounds." Examples include microwave sounds and even biting and chewing noises, which are used to work out whether packaged meals have been consumed.

A section marked "Calendar K" explains how psychological manipulation is used to coerce users into making purchases. The AI may wait for players to be tired after long gaming sessions. It can then swap the colours of free and paid game titles (usually blue and red) in order to "trick a player into making a buy unintentionally."

Unbelievably, though, it gets worse. According to the leaked documents, the gaming industry also uses hacked data dumps to gather additional information about users. A section marked "Schedule O" even explains how the AI gathers side-channel data.

For now, however, it remains to be seen whether this data dump will turn out to be genuine or not.

As always, we encourage smartphone users to be careful about the applications they install. Always check for intrusive permissions before agreeing to install any application or game. If a game requests permission to use the microphone, bear in mind that this sort of surveillance might be taking place.

According to these leaked documents, the AI software may also be using previously hacked data to gain entry to third-party services. If so, the gaming companies might be breaking into auxiliary services to put users under surveillance and build a detailed profile of them.

For now, these serious allegations have yet to be proven true. Nevertheless, users are reminded to always use strong, unique passwords for their different online accounts, to make it substantially harder for organizations and companies to use such practices.

Nvidia prepares GTX 1050 And GTX 1050 Ti Max-Q variants to Tackle Intel’s Kaby Lake G series

NVIDIA has apparently revealed the existence of the GTX 1050 and 1050 Ti Max-Q designs in its most recent Linux changelog. This suggests that the company is already preparing to unveil the line-up soon and will pit it against the RX Vega M GL of the Kaby Lake G line-up. Since Max-Q is all about making the most of the thermal and power envelopes, and power efficiency is the name of the game, it is expected that the level of competition has genuinely risen.

The change was noticed in the recently released Linux display driver, which lists not just the MX 130 and MX 110 but also the 1050 Ti with Max-Q design. As a reminder for those who have forgotten, Max-Q is NVIDIA's design philosophy, which involves constrained TDP settings. The technology has already been used in ultraportable gaming notebooks to cut a large portion of the GPU's power consumption.

It finds the most efficient trade-off between performance and power for the GPU. The software balances the work done on the CPU and GPU while optimizing the game settings and using advanced system design techniques for thermal management and power regulation. It also introduces another concept, WhisperMode. This ultra-efficient mode makes the user's plugged-in laptop run much quieter while gaming. It works by intelligently pacing the game's frame rate while simultaneously configuring the graphical settings for optimal power efficiency.

The clock speed of the Max-Q variant is most likely going to be somewhere around 1417 MHz to 1450 MHz, which means a theoretical graphics performance of 2.18 TFLOPs. This puts it within spitting distance of the newly launched Kaby Lake G series of graphics, which house the Vega M. Bear in mind, however, that while the Vega GL has higher theoretical power, AMD and NVIDIA models are not directly comparable and, as has been the case this generation, NVIDIA more often fares better even with lower theoretical FP32 performance.

Aside from this, the AMD Radeon RX Vega M GL graphics chip is set to be featured on a range of 8th Generation Core i7 and Core i5 processors. These feature 20 CUs, which are equivalent to roughly 1280 stream processors, 80 texture units and 32 ROPs. The Vega 20 die is clocked at a base frequency of 931 MHz and a boost frequency of 1011 MHz. These chips deliver a rated single-precision output of 2.6 TFLOPs, which is marginally up from a Radeon RX 560 reference design that has 2.4 TFLOPs of FP32 performance. The Radeon RX Vega 20 GPU is accompanied by 4 GB of HBM2 memory that runs at 1.4 Gbps alongside a 1024-bit bus interface, delivering 179.2 GB/s of bandwidth. For a single HBM package, this is plenty of available bandwidth dedicated to the GPU alone.

The Max-Q design has, however, previously been seen in the Zephyr notebooks, which include extended keyboards and frills that apparently are not for everybody, and it remains to be seen whether this GPU will require a similar style of aesthetics and cooling. If that is the case, it could limit the total available market for the product, since a lowered keyboard and the odd cooling style are not favoured by everybody.