These hackers have found new targets, the billion-dollar video games industry to profit with their malicious activities.
Online games today involve a lot of coins, tokens and digital currency, which makes it an attractive avenue for these hackers to profit through cyber attacks.
The group of Chinese hackers, known as APT 41, exploits their way in using brute force attacks, spear-phishing and supply chain attacks.
Brute force attack works by software to automate the login attempts on a system, using a stored list of passwords. That is why it is always recommended to use hard-to-guess passwords.
Supply chain attacks, on the other hand, can occur when hackers compromise software used by major companies and gain access through malicious backdoors.
These attacks have not only affected video game companies, but reached plenty other corporations around the globe.
Their modus operandi works by modifying video games companies databases to generate certain items, or virtual currency for themselves. They will then sell these items through a marketplace called SEA Gamer Mall, a company based in Malaysia.
The hacking campaign had run for 6 years and affected video game companies based in the US, South Korea, Japan and Singapore.
Their long-time operation has been successful, all due to the hackers’ initiative to be a step ahead. They monitored their protection to avoid fraud detection.
According to a US-based video game company, it was also reported that the hackers compromised their system through an email, pretending to be a former employee with a malware-laced resume attached.
Condition Zebra, Malaysian based IT security company, would like to remind organizations to carry out penetration testing regularly to identify any break-ins and to always plan a step ahead in combating intruders.
Source: CNet