Hackers are targeting the ‘treasure’ of game publishers

Gamers who are familiar with the situation of hackers hacking accounts and installing malicious code in games that have been cracked (game crack). But now it is the turn of publishers and game developers to taste the same.

On June 10, Electronic Arts was the latest victim of hackers when they targeted game source code and data. Earlier in February, famous Finnish developer CD Projekt was attacked for ransom with the same trick as the attack on Capcom in November 2020.

The attacker stole important data and warned Capcom by spreading its game release schedule.

Hackers sell the source code of Electronic Arts on the underground forum of hackers.

In two recent attacks, hackers claimed to have obtained the source code for the FIFA and Cyberpunk 2077 series, along with a library of source code and digital assets, known as the game engine used to create the game. Instead of asking for a ransom, the hackers said they would auction these source codes.

In response to the attack, CD Projekt said it rebuilt its core infrastructure, upgraded its firewall, expanded its internal cybersecurity team, and encouraged third parties to help ensure security. network.

EA said it lost the source code and related tools in the attack, but believes that the user’s data is not at risk. EA has since ramped up its internal penetration testing team based on the methods outlined in the cybersecurity-enhancing executive order President Biden signed on May 12.

As for Capcom, in a report on April 13, the Japanese game company said it had upgraded its technology and established a Cybersecurity Monitoring Committee. Related issues are also covered by Capcom in this report.

Studios regularly face the huge challenges of the gaming industry. They have to constantly move data in and out of online game servers, which means they need security tools that are customized for different game servers.

In addition, the highly dismissive nature of the game industry means that the entire development team can be replaced once the project is completed. This means more people will have access to sensitive data, creating a security challenge.

Hackers, once they have the source code, can sell them or use them to attack the game itself in unexpected ways. For example, by breaking into the core functionality of a game, hackers can create a tool that can help them impersonate the publisher and send phishing emails to all players.

Previously, CD Projekt was also questioned by hackers.

In addition, cloned versions of the game can be created with malicious code attached to distribute. Whether the Play Store or the App Store has strict protections, such clones can be distributed on the secondary market in the form of attractive offers such as a hack, a free version (of a game that requires payment). fee), language localization (the game is only available in English)…

Hacking tools not only spread malicious code, but also reduce game revenue, especially fighting games like eSports.

In March, market research firm Newzoo estimated that the eSports market revenue is estimated to reach $1 billion in 2021 with 474 million global viewers. For the gaming industry as a whole, revenue in 2020 is already equal to the US movie and sports industries combined, according to International Data Corp estimates.

In the future, business models like selling in-game items could be compromised by hackers as they analyze the source code and figure out how to attack.

EA’s online services revenue now accounts for 71% of net sales, reaching $4.01 billion in fiscal year 2021. About $1.62 billion of this comes from FIFA’s Ultimate Team online game mode.

EA hopes that the recent attacks will not affect the company’s business or the value of shares on the stock exchange.

According to WSJ