Skip to main content
close search
site logo
Dive Brief

Fast-growing gaming industry faces rising threat of account compromise

Published Jan. 5, 2021
David Jones's headshot
Reporter
Florian Olivo / Unsplash

Dive Brief:​

  • Researchers have found almost one million compromised accounts from 25 leading gaming companies on the Dark Web, including employee and client-facing resources, according to a report from threat intelligence firm KELA. Almost half were listed for sale last year. 
  • The researchers found more than 500,000 leaked credentials were from employees at the gaming companies. The credentials include email addresses of senior-level employees and have been available for free in underground markets.
  • Researchers have observed four ransomware attacks involving gaming companies over the past three months, with three of them publicly reported. Credentials to VPN, website management portals, admin, Jira and other internal resources from gaming companies that were recently attacked have been put up for sale on the underground markets. 

Dive Insight:

The gaming industry is a fast growing and potentially vulnerable target market for bad actors, according to the report. Industry revenue is expected to reach $196 billion by 2022 and millions of consumers embracing online gaming amid widespread COVID-19-related lockdowns.

The report, by KELA's Almog Zoosman, pre-sales engineer, and Victoria Kivilevich, threat intelligence analyst, indicates several instances of threat actors looking to access gaming company networks.

In one example, a Russian-speaking actor said he was interested in developer's networks of Xbox, Nintendo, Qualcomm and Apple. Another December incident shows a threat actor looking to sell data — including FTP credentials — of a leading Japanese video game developer. In a third case a member of a Russian-speaking forum sought access to servers or repositories of major gaming companies. 

The report authors told Cybersecurity Dive that gaming companies need to invest in continuous monitoring of their assets and also conduct regular cyber awareness and readiness training for employees. 

"Organizations are commonly operating their day-to-day operations without knowing they have an open port or operating with a vulnerable technology, which may provide attackers with an initial foothold into their networks," they said via email. "By monitoring the darknet communities that hackers are active in, organizations can gain an external viewpoint of their organizations to see how they look from the eyes of attackers."

The research follows a number of high profile attacks on the gaming industry. As previously reported, the Egregor ransomware gang targeted gaming companies Ubisoft and Crytek. A September report by Akamai showed the video game industry faced nearly 10 billion credential stuffing and 152 million web application attacks between 2018 and 2020.

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Vulnerability
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell