Shulou(Shulou.com)11/24 Report--

This article comes from the official account of Wechat: ID:chuappgame, author: Zhu Siqi

"you can only be a thief for a thousand days, but you can't guard against thieves for a thousand days."

As the saying goes, "only a thousand days to be a thief, there is no thousand days to guard against thieves." It means that even if a person is very vigilant, it is inevitable that there will be omissions when he is remembered by the thief at any time.

Unfortunately, for game makers, this sentence always seems to come true.

On January 21, Riot Games issued a statement saying that the company's internal information had been stolen by hackers, and then received blackmail from the hackers involved. Of course, the fist rejected the other party's request to recover the loss with ransom. At the same time, the fist promised: "it is certain that no user's information or personal information has been affected by this incident."

According to a third-party data security agency, the stolen fist involves the source code of the game "League of Legends" and "Yunding Chess", as well as the source code of an anti-cheating platform used in the "fearless contract". Hackers demanded a "hush fee" of as much as $10 million. Because the fist has no intention to negotiate, the hacker who failed to extort money put the source code file on a forum for auction and made the file directory into a PDF file for reference. The starting price for the source code is $1 million.

The fact that the fist confirmed in subsequent announcements that the source code had been leaked did not even spread widely, perhaps because similar experiences among manufacturers are no longer in the news. Hacker attacks on large factories have emerged one after another in recent years, and the process is similar.

The most common and common means used by hackers may be DDoS attacks. To put it simply, this kind of attack is equivalent to generating a lot of data packets, which makes the data processing capacity of the online game server surge in a short period of time and overwhelmed. During this period, normal players are almost unable to go online, which seriously affects the game experience and can lead to the closure of the game. According to the Global DDoS threat report for the first half of 2021, released in September 2021, 39 per cent of the victims of such attacks worldwide are game companies. It is worth mentioning that the attackers are not only organized professional hackers, but also likely to come from malicious cheating gamers. Due to the existence of the online underground industry, even ordinary people have access to the tools to launch such attacks.

The game industry has been plagued by DDoS attacks. Some larger and more serious data security crises are also frequently coming into the eyes of players. Hackers in such attacks tend to be more professional, and the stolen data is more confidential to game companies. Their initial goal is often to extort money with data. If the game company refuses to pay the ransom, some hackers will try to sell the data to others, as in this fist incident, and some will choose to share the data publicly.

Judging from the fact that these hackers do not make public data, in addition to intimidating them to get money, they may enjoy the sense of attention that this behavior brings to them. they are also happy to see the embarrassment brought to game companies by the disclosure of all kinds of confidential information. Coupled with players' natural curiosity and close attention to the new trends of manufacturers, the more famous and larger the game company is, the more and more the whole thing deviates from the nature of information crime, like a bizarre carnival.

From the previous cases of the game companies that have suffered from it, almost all the front-line game companies that can be named have suffered from large-scale hackers. Even if you only look at recent years, many events are familiar to players.

In 2020, 300000 user information was stolen in a hacker attack by Nintendo. Hackers manipulated stolen accounts for various intra-game transactions, and many players suffered financial losses. It was also in this year that the naughty dog's server was hacked, resulting in a serious leak of the plot of "Last Survivor: part II". At the end of the same year, Ubisoft's intranet was attacked and the source code of "watchdog: Legion" was leaked. Hackers released the code online for free and could be downloaded publicly.

In February 2021, CD Projekt Red's intranet was hacked, and hackers stole the source code of "Cyberpunk 2077" and "Wizard 3: hunting". The data was auctioned for $7 million after CDPR refused to pay the extortion money. In June, EA had more than 780GB data stolen, including source code for many of its games, and even code for the Frost engine and some development tools. EA also refused to negotiate with the hackers, and the data were later made public illegally.

The actual impact of code leaks on games is often unknown to the public, and the hacker attack on Capcom in November 2020 is probably the most frequently talked about by the player community, not only because the data breach was very serious. it is also because of a series of very dramatic actions by hackers after blackmail failed. On November 2, the intranet of Capcom's headquarters was hacked, and hackers stole confidential information about 1TB, including all kinds of sales information, usually trade secrets, personal information of some employees and members, and plans to release Capcom's series of games.

Using these extremely sensitive data as a threat, hackers publicly sent e-mails to Capcom, ordering Capcom to respond within a limited time and pay huge rewards. But like other peers, Capcom did not negotiate with the hackers, whether in terms of the dignity of the big companies or the law, but issued risk tips to players and customers whose information had been leaked.

The hackers seemed a little annoyed. For nearly a week after that, the author released a little bit of "good news" online every day, including a lot of news about the new work. For a while, there was a carnival craze of "Uncle Party" among the players, which was more lively than watching the trailer released by TGA. The news of Capcom's new IP spread all over the Internet, and many people jokingly called the leak as a hacker holding a "text version press conference" for Capcom in advance.

A lot of the important content leaked at that time proved to be true, or very close to the truth. For example, biochemical Hazard: the Village was released in May 2021, only a month after the leak; Monster Hunter: rise, which was once exclusive to NS, was transplanted to PC and other platforms, as hackers say; and the multi-platform transplant of the reversal referee: the Chronicle arrived as expected.

Some other news is different from the actual situation. For example, leaked data show that "Street Fighter 6" and "reverse referee 7" will go on sale in the third quarter of 2021. At present, it seems that "Street bully 6" is still in the publicity stage and has not yet officially met with the players; the new "reverse referee 7" and the transplant collection "reverse referee 456" do not even have a shadow. Plans for the release of some undisclosed projects have not been confirmed. Of course, it is uncertain when the game under development will be released, and Capcom himself will not be able to stick to the plan 100%.

After Capcom had a large number of IP and a large amount of information was leaked, the discussion in the community was particularly lively. Some players joked that the hacker's behavior was a "reverse explosion" of Capcom, meaning that the final effect of such a farce was like a free advertisement for game companies, but it was also difficult for outsiders to judge whether those changed plans were the consequence of this leak, the leaked personal information. It may also have caused a lot of undisclosed losses.

Another major leak came from Rockstar Games. In September 2022, 90 pieces of real-world images of "three Men and one Dog 6" were illegally published on the Internet. Players have been looking forward to this sequel for many years, but there has been a lack of official news. Of course, the leaked video spread rapidly on social networks and caused a great storm of public opinion. Some players comment on the images in development, criticize the picture quality and play design, and think that the sequel is not in line with expectations. The official announcement of R Star said that it is a pity that the new work will be met with players in this way, and they are making every effort to ensure that the progress of development will not be affected.

After the incident fermented to a certain extent, the practitioners of large factories outside R Star could no longer sit still and stood up one after another to support their peers. They say the situation facing R Star-- public opinion taken out of context about pieces of development-- is one of the biggest consequences of data leaks and one of the reasons why many developers are reluctant to release news of their new works too early. In a sense, the leak uncovered the contradictory side of the relationship between developers and the player community. Although most developers are willing to actively communicate with players and maintain good relationships, even if there are a very small number of "network trolls" and harassers in the context of the average player's lack of professional knowledge, sometimes it will have a negative impact on the progress of development and the physical and mental health of developers.

Most of these things about the plight of small and medium-sized manufacturers occur in large-scale game manufacturers. Hackers are happy to target big companies, perhaps not only because they are so rich and powerful that they can afford to pay tens of millions of ransoms, but also because they are well-known and have a large number of players. Once there are problems with data or servers and have a wide range of influence, it is easy to make explosive news. The initiators who hide in the dark can also earn both fame and fortune.

On the other hand, big companies tend to refuse extortion. Their chassis is solid, and their own development and operation will not be directly affected by it. Among the official announcements issued by manufacturers after many incidents, "there is no disclosure of user information" and "development is still steadily in progress" are the two most common statements.

Some small factories are not so lucky. On the one hand, the influence of small factories is not so great, and hackers visit just for money. If there is no money in the picture, and there is no additional exposure value, manufacturers are easy to be "torn up", seriously or even affect the survival of their games.

Toule has reported on such unprovoked manufacturers, most of which face server anomalies caused by DDoS attacks. A PvP mobile game "sword playing" has been online for only one day, but the service was suspended because the war server was paralyzed by an attack. The development cost of this kind of small and medium-sized manufacturers is limited, it is very difficult to purchase advanced defense services in advance, and the start-up service is the most critical time in the game life cycle. Players excitedly download the game, only to find that they can't log in, can't play, and are so angry that they turn around and leave, and may never come back.

Fortunately, the problem of "playing the sword" has finally been solved. The game is reopened and normal operation does not pay, and every day of dealing with paralyzed servers means losses. If you give money, you may not be able to raise your head in front of your peers. Developers can't swallow this either. Ironically, the protagonist of the above report received a hacker blackmail asking for 20, 000 yuan, while the cost of buying advanced defense services was 50, 000. Among the choices faced by small developers, "spending money to eliminate disasters" is obviously a more rational, but also more humiliating option. Of course, being "hacked" is a natural disaster, and this strange choice should not have appeared.

A depressing fact is that in reviewing the news, the experiences of large and small and medium-sized manufacturers show a helpless common ground-all the incidents almost came to nothing in the end. Capcom issued a final investigation report in April 2021, saying it would update equipment and strengthen safety training for relevant personnel, while most other news found no follow-up. Cyber attack is a worldwide problem, not only the transnational crackdown is fraught with difficulties, but also the Internet itself has too many places outside the law. Even if the small and medium-sized manufacturers report to the police and put on record, they are unlikely to prevent such things from happening, and it is even more difficult to recover their losses. Domestic developers can only hope that more reliable publishers and upgrading technology will help them plan ahead.

It is unknown how the fist incident will ferment in the future. It's a little too hard to expect not to be missed by thieves, and perhaps our more realistic expectation is that such leaks will no longer turn into Uncle Party revelry and weird player carnivals. Just leave the leaked data quietly in the dark.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.