Gotham Knights game temporarily removed Anti-Piracy Protection

Recently, Gotham Knights, an action RPG game by WB games released a new patch for their online multiplayer attempting to fix some bugs. However, in doing so, they mistakenly removed their Anti-Piracy protection Denuvo DRM in the process. 

This left the game free to pirate for 14 hours which was patched right after but the damage was already done. Although the people who pirated the game won’t be able to have access to its online multiplayer and future content patches and bug fixes, they still have access to its single player campaign. 

Read more @https://kotaku.com/gotham-knights-denuvo-hack-piracy-pc-framerate-patch-1849712660

Final Fantasy 14′s rising of unauthorized access attempts

For this week, we cover Square Enix’s popular online game: Final Fantasy 14. Recently, Square Enix has been experiencing an attack by a third party attempting to get into its account management system. The third party seems to be using a “combination of email addresses and passwords that appear to have been obtained from other online services of other companies”. 

Whether the combinations were acquired through brute force, or social engineering, it seems that this party acquired these credentials from multiple popular sites like Twitter, or Yahoo and testing them on multiple platforms and Square Enix just so happens to be on their list. I’m thinking this has to have some relation to the recent attacks to other gaming companies like Ubisoft and Rockstar as well. 

Either way, Square Enix’s solution was to change your credentials ASAP, even opting to send out emails to potentially high-risk users and restricting access to potentially compromised accounts from unauthorized users. 

Read more @https://kotaku.com/final-fantasy-14-online-password-hack-square-enix-1849632764

Hacker from the UK arrested for hosting a dark web marketplace

For this week, I found a post talking about a 34 year old by the name of Daniel Kaye being arrested for hosting a dark web marketplace called The Real Deal. Daniel went by many aliases including Popopret, Bestbuy, UserL0seer, and Spdrman and was charged with 5 counts of access device fraud and one count of money laundering conspiracy. 

The Real Deal was an illegal website that created hacking tools and login credentials available for purchase, even selling accounts and credentials from U.S. government agencies, including U.S. government computers, bank accounts, U.S. Postal Service, National Oceanic and Atmospheric Administration, Centers for Disease Control and Prevention, NASA, and the U.S. Navy. The site also credentials for social media platforms such as Twitter and LinkedIn.

Read more @https://thehackernews.com/2022/10/british-hacker-charged-for-operating.html

Week 8: Rockstar games Grand Theft Auto VI stolen footage

Not so long ago, Rockstar games confirmed they were a victim of network intrusion that allowed a party to illegally download early footage of Grand Theft Auto VI by having access to “confidential information” for their systems. The footage stolen and leaked contains 90 videos of clips from the game leaked on GTAForums by a user named teapotuberhacker which could hint and link to the same person responsible for the recent Uber attack: Tea Pot. 

The method used was most likely the same technique multi-factor authentication bombing used to get past extra account security layers. The data is being ransomed and the hacker delivered a message wanting to negotiate a deal, threatening Rockstar of more leaks if they don’t get payment according to a post on a popular, degenerate site called 4chan 

https://thehackernews.com/2022/09/rockstar-games-confirms-hacker-stole.html

Malicious Files Reported in 2022 update - how the attacks are carried out

Got another article building upon the week 5 blog I posted on the topic of rising cybersecurity phishing, malware attacks on popular online games. Players are utilizing hacks/mod tables and programs to cheat their way through in a video game but might also stumble upon a malicious attack instead. This article talks about one of the few examples of how that attack is carried out by creating a self-spreading malware when the player downloads the self-extracting RAR archive, which will proceed to run an executable coin miner and enable it’s self-propagation aspect of the program. The open source C# password stealer will proceed to steal cookies from browsers and gain access to the player’s Youtube account after stealing their vital information to upload a video with a link to the malicious archive, essentially creating a self-replicating malware attack. 

https://thehackernews.com/2022/09/researchers-warn-of-self-spreading.html

Cybersecurity company ESET partners with Hue Invitational to create a smooth e-sports tournament

On September 22, 2022, global leader digital security ESET announced a partnership with Hue Invitational, an e-sports tournament hosted by Harrisburg University of Science and Technology on various different video games including Overwatch, Rocket League, and League of Legends. ESET’s measure to secure tournament machine’s this year to prevent the growing cybersecurity threats to video games. ESET provided a superior detection of anti-cheat software while also maintaining low system impact for uninterrupted gameplay. E-Sports is a growing topic in the modern age. Multiple teams of several players gather to compete against each other in a video game while thousands upon thousands of people watch live at home or in-person. These tournaments usually contain a prize pool of up to millions of dollars so having the upmost security measure is highly important. 

https://www.prnewswire.com/news-releases/eset-delivers-gaming-optimized-cybersecurity-solutions-for-hue-invitational-championship-301631603.html

Malicious Files Reported in 2022

A Kaspersky report was released around mid of this year, reporting a total of 384,224 user attacks with 91,984 files being distributed across 28 popular games containing malicious files. The problem with online games is that thousands of players compete to become the best, and sometimes a small percentage of these players will end up taking a shortcut to get there. Games like GTA V, for example, have a community of modders that promise and create cheat table mods containing several commands to modify the game to get what the player needs which goes heavily against the ToS and could result in a ban of the account. Despite this though, players will seeks out these modders but unfortunately might stumble upon a malicious modder that creates the program the player needs but injected with phishing aspects to steal vital information from the player. 

 https://www.infosecurity-magazine.com/news/cyber-threats-gaming-industry/

Nvidia’s RTX 30-series mining limiter

Here’s an article expanding on my last post of the Lapsus$ ransomware group, talking about Nvidia’s new Lite Hash Rate Limiter on their 30-series gpu’s earlier this year. 

Essentially, cryptocurrency mining has become a major problem in the gaming community, specifically on GPU parts on the market. I myself was one of the many individuals of late 2020 going into 2021 trying to build myself a new gaming PC and finding an RTX 3090 was a difficult time due to the power the 30-series boasted and Cryptocurrency miners and scalpers have dominated the market. 

Nvidia attempted to control the situation with their new LHR feature by lowering its hashing capabilities by almost half when a mining workload was detected. However, there were already “reports” of a tool boasting to unlock the full potential of your graphics card for mining by completely removing this limit, more on how it’s done in the article. Though, it’s VERY important to note that there was an update to this tool stating that it was actually malware and was since taken down on Github. 

 https://www.pcgamer.com/nvidias-rtx-30-series-ethereum-mining-limiter-mightve-just-gone-up-in-smoke/

Hackers’ Attempt to Blackmail Nvidia into Open Source GPU’s

Here’s an article earlier this year about a hacker group calling themselves Lapsus$ attempting a ransomware on Nvidia, specifically targetting their gpu’s. Nvidia has spoken about this group and their “odd” requests to make their GPU’s open source instead of a straight cash ransom. They are a part of the mining and gaming community and I think they’re trying to get Nvidia to remove their latest Hash Rate Limiter for mining. This feature limits the rate of mining on Nvidia’s new RTX 30-series gpu’s. More on Nvidia’s Hash Rate Limiter on my next post and essentially what it does. 

https://portswigger.net/daily-swig/nvidia-hackers-allegedly-attempting-to-blackmail-company-into-open-sourcing-gpu-drivers

The Seven Domains of a Typical IT Infrastructure

Here’s a blog about the seven domains of a typical IT infrastructure. I was doing the lab recently and stumbled upon it. The Article talks about how each domain can be compromised to cyber attacks and discusses what are some of the ways typical organizations would approach to securing them such as using segmentation practices to networks to separate networks accesses between employees and visitors to prevent infection to the network with malware. 

https://www.linkedin.com/pulse/what-seven-domains-typical-infrastructure-alshehri-cpp-pci-psp-/?trk=public_profile_article_view

Increased cyber attacks in the past year in the gaming industry

Here's a blog talking about increased cyber attacks since last year in the gaming industry with DDos attacks being the most popular method for cybersecurity attacks. Even big gaming companies like blizzard have been targeted let alone small indie game companies. LFI and SQLI are other methods being used by hackers to inject malicious SQL statements into the database servers. Read more on: