Posted Fri, Apr 12, 2013 by Martuk
Cyber security is a constant struggle for online gaming publishers. The most notable instances of giant breaches in database security can be traced back to what I like to call “the year of the hacker” in which a massive number of gaming companies suffered database breaches that resulted in millions of compromised account details, most notably the breaches of Sony's PlayStation Network and Sony Online Entertainment services. But Sony was certainly not in that boat alone. Several other developers such as Frogster (now Gameforge), Trion Worlds, Cryptic, BioWare, gamigo, Nexon, Square Enix, and a number of others also suffered breaches.
This week some of those publishers found themselves back in the crosshairs with an attack that started back in 2009 when a Chinese hacker group known as Winnti managed to slip a trojan horse program into the computers of more than 30 different organizations that include online gaming publishers such as Trion Worlds, Nexon, Neowiz, and several other companies over multiple countries according to a Polygon report.
The malicious code was discovered back in 2011 during research into an intrusion but the code been placed their as early as 2009 according to Kurt Baumgartner, a senior security researcher for Kaspersky Lab. It’s believed that the group used the program to falsify digital certifications to spy on activists, steal aerospace secrets, and to steal valuable source code and other online gaming intellectual property.
“According to our estimations, this group has been active for several years and specializes in cyberattacks against the online video game industry,” read a Securelist report. “The group’s main objective is to steal source codes for online game projects as well as the digital certificates of legitimate software vendors. In addition, they are very interested in how network infrastructure (including the production of gaming servers) is set up, and new developments such as conceptual ideas, design and more.”
While Baumgartner doesn’t believe individual users were targeted, he does hope that by making the research paper on the topic available to the public that it will help security experts and administrators better learn the tactics of groups such as Winnti.
If you're into security and long reading, you can check out the full 95-page report here.