Search This Blog

Showing posts with label Online Gaming. Show all posts

Teen Hacking Suspect Arrested by London Police for GTA 6 and Uber Breach

A 17-year-old Oxfordshire kid was detained on suspicion of hacking, according to information released by the City of London Police on Friday.

According to experts, the recent security breaches at Uber and Rockstar Games may have something to do with the arrest.

On September 18, a cyber threat actor identified as the 'teapotuberhacker' claimed to have hacked Rockstar Games, the company behind the well-known and contentious Grand Theft Auto (GTA) franchise, in a post on GTAForums.com. Teapotuberhacker claimed to have taken 90 movies of alpha material and the source code for Grand Theft Auto VI and its predecessor GTA V from Rockstar in that post, which has since been removed.

Notably, a 17-year-old Oxford boy was among the seven minors who were detained. The Oxford teenager was detained after other hackers posted his name and address online. The boy had two internet aliases: 'Breachbase' and 'White'. According to the reports, the boy had earned about $14 million via data theft. 

Further information concerning the inquiry was kept under wraps by the UK authorities. 

Seven adolescents were detained and later freed by City of London police in connection with a probe into the Lapsus$ hacking organization this spring.

Uber released more information regarding the latest security breach earlier this week. According to the firm, the threat actor responsible for the intrusion is connected to the LAPSUS$ hacker organization.

Flashpoint, a security company, presented a report of the Grand Theft Auto VI data breach this week and disclosed that the name of the hacker responsible for the two attacks had been made public on a dark web forum.

The forum administrator claimed that teapotuberhacker was the same guy who had allegedly hacked Microsoft and owned Doxbin in the debate, which was titled 'The Person Who Hacked GTA 6 and Uber is Arion,' according to the story that was published by FlashPoint.

If these claims are true, which is not entirely apparent, it will assist in explaining the most recent incident that law police conducted.

Amazon's Twitch Blames Server Error for Massive Data Leak

 

Twitch disclosed a massive data breach on Wednesday, attributing it to an "error in a Twitch server configuration change" that exposed certain data to the internet. 

The purportedly stolen material includes the source code for Amazon's streaming platform, reports on creator payments, and information regarding an unannounced Steam competitor from Amazon Game Studios. Twitch acknowledged the incident in a tweet on Wednesday. The firm will provide further information in a blog post later, stating that it is still trying to determine the entire scope of the event. 

The company wrote, "We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party." 

"Our teams are working with urgency to investigate the incident." 

Twitch said there's no indication that login credentials were exposed. The streaming platform also said, "full credit card numbers are not stored by Twitch, so full credit card numbers were not exposed." 

Twitch's brief statement demonstrates that the company is in full crisis mode. IT professionals and security specialists are still attempting to determine the severity of the data breach. The attack was caused by a "server configuration" issue, according to the explanation. In other words, someone misconfigured the computers that contain Twitch's sensitive data, allowing hackers to discover and download it. 

The organization has not yet stated when this error occurred. Some of the stolen data dates back three years, so the computers might have been a victim for a while - or the error could have just left the door open for a few days or weeks. Attackers are always searching and analyzing the internet for open databases, and someone may likely have informed hackers about the internal IT mistake. 

Making these types of blunders, however, is costly, especially when the target is as large as Twitch. Numerous streamers informed BBC News that the payment data was correct for their own earnings and this poses issues for the firm. Candid Wuest from cyber-security company Acronis stated, "A lot more damage is now in store for Twitch. The breach is already harming Twitch on all the fronts that count." 

The leaked data "could contain nearly the full digital footprint of Twitch, making it one of the most severe data breaches of late." "Releasing payout reports for streaming clients will not make the influencers happy either," Mr. Wuest added. 

The download released online is also labeled "part one," implying that there may be more data to be published on the internet.

Hackers Attack Gaming Community Using Supply Chain Attacks

 

Researchers at ESET found that NoxPlayer's latest updated mechanism, which is an android emulator for macOS and Windows, was attacked by hackers. The attacker used the hack to corrupt gamer systems with malware. BigNox, a Hongkong based company, makes these emulators. Gamers across 150 countries around the world use NoxPlayer, says BigNox. However, research by ESET indicates that the supply chain attack only focused on Asian gamers. The attacker used three different malware strains. The threat actor behind the attack is currently named "Nightscout." 

To plant corrupt payloads in their victims' systems, Nightscout attacked BigNox's "res06.bignox.com storage infrastructure" to store the trojan and "api.bignox.com API infrastructure" to run the payloads.  ESET report says, "in January 2021, we discovered a new supply-chain attack compromising the update mechanism of NoxPlayer, an Android emulator for PCs and Macs, and part of BigNox’s product range with over 150 million users worldwide. This software is generally used by gamers in order to play mobile games from their PCs, making this incident somewhat unusual." 

Experts at ESET are positive about BigNox's infrastructure compromise used to host malware, along with the compromise of their API infrastructure. In few cases, attacked used BigNox updater to download additional payloads using hacker-controlled servers. ESET discovered few other supply chain attacks in 2020 like "Operation SignSight" which attacked the Vietnamese government and compromised their software, and "Operation StealthyTrident" which attacked desktop users, the banking sector, and government agencies. However, Operation Nightscout is slightly different, and more dangerous, as it attacked the gaming community to gain intelligence. It is rare to collect information through espionage attacks on the gaming community, which makes operation Nightscout a bigger threat.  

"We spotted similarities in loaders we have been monitoring in the past with some of the ones used in this operation, such as instances we discovered in a Myanmar presidential office website supply-chain compromise on 2018, and in early 2020 in an intrusion into a Hong Kong university. Three different malware families were spotted being distributed from tailored malicious updates to selected victims, with no sign of leveraging any financial gain, but rather surveillance-related capabilities," says ESET.