Categories
Game

2K confirms its support desk was hacked to send malware to gamers

Video game publisher 2K is warning the public not to open any emails from its support account after confirming it had been hacked. “Earlier today, we became aware that an unauthorized third party illegally accessed the credentials of one of our vendors to the help desk platform that 2K uses to provide support to our customers,” the official 2K Support Twitter account posted on Tuesday.

News of the security breach broke yesterday after  shared screenshots of phishing emails sent to 2K customers. The emails took the form of unsolicited support tickets. Those who opened the message were subsequently sent a second email prompting them to download “the new 2K games launcher.” Putting the 107MB executable through and , Bleeping Computer found it contained designed to steal any passwords its target may have stored on their browser.

For anyone who may have clicked on a link in the emails, 2K recommends immediately changing any passwords stored in your browser, enabling two-factor authentication where possible, installing anti-virus software and checking that the forwarding settings on your email accounts haven’t been changed.

2K shares the same parent company as Rockstar Games. Over the weekend, the studio suffered an unprecedented security breach that saw early gameplay footage of shared widely online. While there’s no evidence to suggest the two incidents are linked, the Rockstar Games hacker claimed they were also responsible for the recent . On Monday, the company said it was working with the FBI to investigate the incident.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.



Repost: Original Source and Author Link

Categories
Game

‘Destiny 2’ cheat maker AimJunkies claims Bungie hacked them

Destiny 2 developer Bungie has been on a legal spree recently: It sued one user over cheating and threats against its employees, as well as a YouTuber who issued nearly 100 false DMCA claims against other creators. But after suing the cheat developer AimJunkies last year, Bungie is now facing a countersuit. AimJunkies claims the developer illegally hacked an associate’s computer, reports TorrentFreak (via Kotaku). Additionally, they allege Bungie also violated the DMCA by breaking through that machine’s security.  

Bungie’s current Limited Software License Agreement (LSLA) gives the company’s BattleEye software permission to scan computers for anti-cheat tools, but that wasn’t true back in 2019, when the alleged hack began. According to AimJunkie’s counter-suit, Bungie accessed a computer owned by its associate James May several times throughout 2019 and 2021. It goes on to allege that Bungie used information from those hacks to gather information about other potential suspects. 

Phoenix Digital, the company behind AimJunkies, didn’t stop there. It also claims the Bungie violated its Terms of Service by buying AimJunkies’ software and reverse-engineering its source code. If this all sounds a bit ironic, that’s because Bungie accused the company of similar tactics in its original suit. James May and Phoenix Digital are demanding damages, as well as an end to any future hacks and DMCA breaches. When asked for comment, a Bungie spokesperson said it doesn’t comment on ongoing litigation.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.

Repost: Original Source and Author Link

Categories
Security

2K Support warns users that it has been hacked

Borderlands and BioShock publisher 2K Games has been hacked. The company announced the breach on Wednesday, and it is warning customers to change their passwords and not open any emails from its support page.

The 2K Support Twitter account, which was not affected by the hack, posted the following message, saying that the hacker was sending seemingly legitimate emails to certain players containing malicious links, and strongly advised customers not to click on those emails if they happen to receive them. As a result, the company’s support page has gone offline while it resolves the issue.

Hey folks, please read an important message from our Customer Support team. Thank you. pic.twitter.com/yKI18eL7mY

— 2K Support (@2KSupport) September 20, 2022

If customers have clicked on the links already, 2K strongly urged them to immediately reset any passwords stored in their browser, enable multifactor authentication wherever possible, run a reputable anti-virus program, and check their account settings to see that no forwarding settings have been changed. The company then reiterated that it would never ask anyone for their password or other personal information, and apologized for any inconvenience the hack may have caused them.

The breach of 2K’s support is the latest in a series of cyber attacks committed in the last four days. On Saturday night, a hacker compromised Rockstar Games and leaked 90 video clips of development footage for Grand Theft Auto 6 on GTA Forums, causing a storm of controversy. The leaker, who is allegedly part of Lapsus$, is being investigated by the FBI after Uber also came forward confirming that it, too, suffered a cyberattack by the same person. It’s currently unknown who is behind this 2K hack.

Editors’ Choice




Repost: Original Source and Author Link

Categories
Game

US authorities recover $30 million of hacked ‘Axie Infinity’ crypto funds

US authorities, with help from blockchain analyst Chainalysis, have recovered $30 million worth of cryptocurrency stolen from Axie Infinity in March. It’s but a fraction of the $625 million the play-to-earn game lost to the North Korean-linked hacking unit known as the Lazarus Group, but it’s a significant achievement for law enforcement and the crypto community. Chainalysis says this is the first time that cryptocurrency stolen by a North Korean hacking group has been seized.

As the analyst explains, North Korea-linked groups typically use Tornado Cash to mix Ether, but the sanctions the US imposed on the mixer forced them to employ alternative techniques. They now use blockchain bridges to switch between different kinds of digital coins in an effort to obscure the source of their funds, and the analyst had the tools necessary to trace those cross-chain movements.

Apparently, most of the funds stolen from Axie Infinity remain in the blockchain, showing that the bad actors are having a tough time moving stolen assets around and converting them into fiat currency. Chainalysis seems confident that this won’t be the last time stolen funds would be recovered from these hacking groups.

According to Bleeping Computer, news about the fund retrieval was announced at the ongoing AxieCon event. The game’s publishers have revealed that the money authorities recovered will be gradually moved into Axie Infinity’s treasury and then back to its player community. However, it won’t be a quick process, and it could take several years to accomplish.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.

Repost: Original Source and Author Link

Categories
Security

TikTok denies reports that it’s been hacked

TikTok is denying reports that it was breached after a hacking group posted images of what they claim is a TikTok database that contains the platform’s source code and user information (via Bleeping Computer). In response to these allegations, TikTok said its team “found no evidence of a security breach.”

According to Bleeping Computer, hackers shared the images of the alleged database to a hacking forum, saying they obtained the data on a server used by TikTok. It claims the server stores over 2 billion records and 790GB worth of user data, platform statistics, code, and more.

“We have confirmed that the data samples in question are all publicly accessible and are not due to any compromise of TikTok systems, networks, or databases,” TikTok spokesperson Maureen Shanahan said in a statement to The Verge. “We do not believe users need to take any proactive actions, and we remain committed to the safety and security of our global community.”

Most of the “stolen” data appears to have been public-facing information scraped from the platform. Troy Hunt, a regional director at Microsoft and the creator of the Have I Been Pwned tool, called the hackers’ data “inconclusive,” but surmised “it could be non-production or test data” that likely wasn’t taken through a breach.

The hacking group, who call themselves “AgainstTheWest,” claim they also obtained data from the Chinese messaging app WeChat. However, Hunt was unable to confirm whether the hackers’ database contained stolen information, and WeChat didn’t immediately respond to The Verge’s request for comment.

Both TikTok and WeChat have come under scrutiny over their ties to China (ByteDance, TikTok’s parent company, is based in China). TikTok has taken several steps, such as housing American data on Oracle’s US-based servers, in an attempt to reverse recent reports about TikTok employees in China accessing US users’ information.



Repost: Original Source and Author Link

Categories
Game

Bandai Namco says it was hacked and customer data may have been accessed

said it was the victim of a cyberattack and that hackers accessed confidential information. The company told it is investigating the matter, though it noted there’s a chance that “customer information related to the Toys and Hobby Business in Asian regions (excluding Japan)” was present on servers and PCs the hackers infiltrated.

Earlier this week, a ransomware group it carried out an attack on the Elden Ring publisher. Bandai Namco has now confirmed that someone breached its systems. “On 3rd July, 2022, Bandai Namco Holdings Inc. confirmed that it experienced an unauthorized access by third party to the internal systems of several Group companies in Asian regions (excluding Japan),” the company said.

It’s not clear when Bandai Namco discovered the breach or when it resolved the issue. The publisher said it took “measures such as blocking access to the servers to prevent the damage from spreading.” It’s working with third-party partners to shore up security.

Bandai Namco is assessing the “existence of leakage, scope of the damage and investigating the cause.” The company says it will disclose findings of the investigation “as appropriate.” It also apologized “for any complications or concerns caused by this incident.”

Hackers have targeted a number of gaming companies in the last few years.  studio CD Projekt Red was the early last year, but it refused to pay up. The developer that data stolen in the attack was circulating online. Hackers have also infiltrated and Capcom systems in the last couple of years.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link

Categories
Security

Elden Ring publisher Bandai Namco confirms reports it was hacked

Bandai Namco, the game publisher behind popular titles like Elden Ring, Dark Souls, and Tekken, confirmed that it was the victim of a hack. According to a report from Eurogamer, the publisher says it experienced “unauthorised access” to its “internal systems” when the breach took place on July 3rd.

Reports that Bandai Namco suffered an attack surfaced earlier this week. On Monday, vx-underground, a group that tracks malware source code across the web, posted a screenshot on Twitter showing that the group behind the ALPHV ransomware, also known as BlackCat, added Bandai Namco to its list of victims with the words “data soon.”

While Bandai Namco’s statement confirms that a hack took place, it still doesn’t indicate who was behind the attack or what kind of data the hackers managed to steal (if any). In a statement obtained by Eurogamer, Bandai Namco says hackers targeted internal systems of its companies in “Asian regions (excluding Japan)” and that it has “taken measures such as blocking access to the servers to prevent the damage from spreading.” The company adds that “there is a possibility” customer information associated with its toys and collectibles business may have been compromised as well.

According to BleepingComputer, the BlackCat ransomware group first emerged in November 2021 and has since breached over 60 companies across the world. The hackers behind BlackCat may be related to the bad actors who carried out last year’s major Colonial Pipeline breach. They recently targeted a government agency in Austria, a Swiss aviation service, and the luxury fashion brand Moncler. The BlackCat gang also started letting users search through stolen information on its site as a way to get its victims to pay up.

“We are currently identifying the status about [the] existence of [the] leakage, scope of the damage, and investigating the cause,” Bandai Namco explains. “We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident.” The Verge reached out to Bandai Namco with a request for comment but didn’t immediately hear back.



Repost: Original Source and Author Link

Categories
Security

British Army’s YouTube and Twitter accounts were hacked to promote crypto scams

Both the British Army’s Facebook and Twitter accounts were hacked and used to promote cryptocurrency scams, the UK Ministry of Defence confirmed on Sunday. It’s unclear when exactly hackers took over the two accounts, but they both appear to be back to normal now.

“We are aware of a breach of the Army’s Twitter and YouTube accounts and an investigation is underway,” the Ministry of Defence Press Office said on Twitter. “The Army takes information security extremely seriously and is resolving the issue.”

Hackers hijacked the British Army’s Twitter page, swapping out the organization’s profile picture, bio, and cover photo to make it seem like it was associated with The Possessed NFT collection. The account sent out various retweets for NFT giveaways, and its pinned tweet linked users to a fake NFT minting website.

The videos on the British Army’s YouTube channel were replaced with old livestreams featuring Elon Musk and Jack Dorsey.

Bad actors also stripped the British Army’s YouTube channel, deleting all its videos, as well as changing its name and profile picture to resemble the legit investment firm Ark Invest. Hackers replaced the British Army’s videos with a series of old livestreams featuring former Twitter CEO Jack Dorsey and Tesla CEO Elon Musk. These livestreams were previously aired as part of The B Word conference held by Ark Invest last June, but hackers added an overlay that encouraged users to participate in a crypto scam. The channel aired four livestreams at once, with some of them racking up thousands of viewers.

As Web3 Is Going Just Great blogger Molly White points out, the scammers who took over the British Army’s accounts carried out their scheme with some of the same tactics used in the recent past. In March, hackers took over the Twitter account belonging to MKLeo, one of the world’s top Super Smash Bros. Ultimate players, and used it to peddle phony NFTs made to look like they were associated with The Possessed. Just two months after that incident, scammers managed to steal $1.3 million using the same Ark Invest livestreams that were repurposed for this hack.

Twitter spokesperson Rocio Vives told The Verge that the British Army’s account Twitter “has since been locked and secured,” and that “account holders have now regained access and the account is back up and running.” Google didn’t immediately respond to The Verge’s request for comment.



Repost: Original Source and Author Link

Categories
Security

Lil Nas X, Kanye West, and Taylor Swift were among the Vevo YouTube channels hacked Tuesday

On Tuesday morning, YouTube channels for some of the world’s biggest stars showered fans with strange music videos. Vevo channels for artists like Lil Nas X, Eminem, Drake, Taylor Swift, Ariana Grande, Harry Styles, The Weeknd, Michael Jackson, Kanye West, and many others were affected. The channels in question have subscriber counts that add up to hundreds of millions. Before the videos disappeared, viewers saw bizarre clips of Paco Sanz, a Spanish conman sentenced to two years in jail after being convicted of fraud for lying about having terminal cancer, and rapper Lil Tjay.

YouTube did not respond to requests for comment from The Verge; however, Vevo — which bills itself as “the world’s leading music video network” — did acknowledge the incident. A spokesperson responded to contact via Vevo’s public press information and requested not to be named, citing the “nature” of the incident. They said in a statement that “Some videos were directly uploaded to a small number of Vevo artist channels earlier today by an unauthorized source.”

Besides noting that the videos are gone, they also claimed, “No pre-existing content was accessible to the source. While the artist channels have been secured and the incident has been resolved, as a best practice Vevo will be conducting a review of our security systems.”

Another Vevo-related breach in 2018 saw popular music videos defaced, while the then-most-viewed YouTube video of all time, “Despacito” (it is now second, behind “Baby Shark”), was vandalized and briefly removed.

Google and YouTube have recently focused on trying to secure popular channels. Last year a report highlighted a phishing campaign targeting creators, YouTube required millions of popular channels to enable two-step verification, and Google says it gave away hardware authentication keys to over 10,000 high-risk users.

Despite those precautions, an apparent compromise somewhere along Vevo’s pipeline allowed the attacker, who pointed to their Twitter handle @lospelaosbro in the posts, to continue uploading across high-profile channels for several hours.

The artists or the people who operate their pages were likely unable to do anything about the issue. Vevo’s artist information page explains that it works by creating a separate verified Artist Channel to upload videos, and YouTube merges that content with videos on the artist’s own YouTube page. A support page states that “Vevo does not provide access directly to artists.” Instead, independent content providers or the artist’s music label will upload the content to Vevo, which sends it to YouTube and other channels.



Repost: Original Source and Author Link

Categories
AI

Algorithms that detect cancer can be fooled by hacked images

Artificial intelligence programs that check medical images for evidence of cancer can be duped by hacks and cyberattacks, according to a new study. Researchers demonstrated that a computer program could add or remove evidence of cancer from mammograms, and those changes fooled both an AI tool and human radiologists.

That could lead to an incorrect diagnosis. An AI program helping to screen mammograms might say a scan is healthy when there are actually signs of cancer or incorrectly say that a patient does have cancer when they’re actually cancer free. Such hacks are not known to have happened in the real world yet, but the new study adds to a growing body of research suggesting healthcare organizations need to be prepared for them.

Hackers are increasingly targeting hospitals and healthcare institutions with cyberattacks. Most of the time, those attacks siphon off patient data (which is valuable on the black market) or lock up an organization’s computer systems until that organizations pays a ransom. Both of those types of attacks can harm patients by gumming up the operations at a hospital and making it harder for healthcare workers to deliver good care.

But experts are also growing more worried about the potential for more direct attacks on people’s health. Security researchers have shown that hackers can remotely break into internet-connected insulin pumps and deliver dangerous doses of the medication, for example.

Hacks that can change medical images and impact a diagnosis also fall into that category. In the new study on mammograms, published in Nature Communications, a research team from the University of Pittsburgh designed a computer program that would make the X-ray scans of breasts that originally appeared to have no signs of cancer look like they were cancerous, and that would make mammograms that look cancerous appear to have no signs of cancer. They then fed the tampered images to an artificial intelligence program trained to spot signs of breast cancer and asked five human radiologists to decide if the images were real or fake.

Around 70 percent of the manipulated images fooled that program — that is, the AI wrongly said that images manipulated to look cancer-free were cancer-free, and that the images manipulated to look like they had cancer did have evidence of cancer. As for the radiologists, some were better at spotting manipulated images than others. Their accuracy at picking out the fake images ranged widely, from 29 percent to 71 percent.

Other studies have also demonstrated the possibility that a cyberattack on medical images could lead to incorrect diagnoses. In 2019, a team of cybersecurity researchers showed that hackers could add or remove evidence of lung cancer from CT scans. Those changes also fooled both human radiologists and artificial intelligence programs.

There haven’t been public or high-profile cases where a hack like this has happened. But there are a few reasons a hacker might want to manipulate things like mammograms or lung cancer scans. A hacker might be interested in targeting a specific patient, like a political figure, or they might want to alter their own scans to get money from their insurance company or sign up for disability payments. Hackers might also manipulate images randomly and refuse to stop tampering with them until a hospital pays a ransom.

Whatever the reason, demonstrations like this one show that healthcare organizations and people designing AI models should be aware that hacks that alter medical scans are a possibility. Models should be shown manipulated images during their training to teach them to spot fake ones, study author Shandong Wu, associate professor of radiology, biomedical informatics, and bioengineering at the University of Pittsburgh, said in a statement. Radiologists might also need to be trained to identify fake images.

“We hope that this research gets people thinking about medical AI model safety and what we can do to defend against potential attacks,” Wu said.

Repost: Original Source and Author Link