Motherboard this week announced that hackers stole FIFA 21’s source code from EA Sports. The report was based on an account on a criminal forum from 6 June, where the user claimed that he had a 780GB dump of EA Sports’ source code. EA Sports confirmed that a data breach was discoveredhowever they denied that any customer information was stolen.
-
Cybercriminals are likely to discover more information than was discovered in the EA hack on sports. This blog will look at the reason why the gaming industry has caught the attention of cybercriminals and the top security threats that security professionals must be aware of.
Why ONLINE GAME and WHY now?
This isn’t a brand new development in online gaming. Five gambling companies were targeted by APT 27 in January 2017. They are believed to have targeted them because they wanted to market gambling products to Chinese citizens. APT 41 targeted hundreds more gambling establishments on the internet in September of this year. According to reports. To repurpose and sell online, the attackers took source code, software signing certificates, as well as sensitive customer information.
Gaming companies that operate online must be aware of the theft of intellectual properties.
Online gaming companies are concerned about intellectual property theftlike in the EA Sports case. These companies are frequently involved in the creation and maintaining software.
-
It is reasonable since many factors go into the development of an application or game. One of the most challenging things about developing games is that they require many teams and work. A few developers will need to spend 3-5 years working in order to develop big games that gamers will love. This can be attractive to corporations that are espionage threat actors. Cybercriminals are also attracted gambling online, since they can make a profit via online fraud and stolen accounts.
Here are the most significant threats we have observed for the industry of online gaming.
DATE BREACHES
Cybercriminals frequently sell data from gaming websites that has been compromised. Already in 2021 , we’ve seen English-speaking as well as Mandarin threat actors try to sell data from different gaming platforms.
-
Photon identified online gaming data being offered to be purchased in 2021.
The data from an online gaming platform is for sale on a dark-web market that speaks Chinese
These data breaches could include diverse types of data. This case illustrates that the breach was related to forum, payment and game database.
INITIAL ACCESS BOKERS & RANSOMWARE
In the previous sectionwe discussed an instance where a cybercriminal was able to sell access to gaming databases online. Since the beginning of this year, these “access brokers” are becoming more popular. They allow access to a variety of databases, too. They are also known as “Initial Access Brokers” andmay give credentials to users with high valuesuch as Domain Administrators.
These access listings give ransomware operators access to RDP instances, which offers an array of opportunities. Photon discovered 90 RDP access listingsand each listing costs an average of $9,000 This alarming discovery is worrying considering that RDP access accounts are still responsible for 70-80% of initial foothold ransomware operator’s use, according to the FBI.
Phishing and STOLEN ACCOUNTS
Phishing is not the last. Phishing is an increasing threat. The 2021 Verizon DBIR found that 36percent of breaches were due to Phishing. It is also common to attack gamers online.
These emails are phishing and target gaming platforms’ clients and attempt to steal data from their payment cards or other credentials for sale to cybercriminals. In some cases, these campaign may also be used to distribute malware.
Customers aren’t the only ones affectedhowever, employees too. The news broke earlier this year that over half a million credentials belonging to top game publishers were available online.
The recent security breach of EA Sports hackers used stolen cookie data to gain entry to the Slack channel. The kind of information that cookies provide is available to rent through fingerprinting stores like Genesis Market.