Another hack has hit a gaming community.
Cyberattackers were able to get details for 1.6 million accounts from the official forums for the mobile strategy game Clash of Kings, according to data on breach-tracking site LeakedSource (via ZDNet). The assault happened on July 14, and it was able to get email addresses, usernames, IP addresses, and Facebook data. Clash of Kings is a popular app in the $36.9 billion mobile gaming market, but these kinds of security failures could scare off that community.
We’ve reached out to developer Elex for a comment, and we’ll update this story with a comment from the company.
“Exposing vulnerable applications to the internet is like walking through the hall with a kick-me sign stuck on your back,” Tripwire senior security researcher Travis Smith said in a comment provided to GamesBeat. “Attackers can quickly search the Internet for any system with a known vulnerability, then use readily available tools to exploit and take over the system.”
Most data stored in servers for something like a game forum probably isn’t attractive to most cybercriminals. People typically do not store their credit card information on a message board. But that doesn’t mean hackers won’t find something valuable — like proprietary development code.
Smith explains that developers and others need to stay vigilant to stay ahead.
“With the steady release of patches across a multitude of operating systems and applications, it’s incredibly difficult to stay ahead of the patching game,” he said. “Actively scanning for known vulnerabilities against Internet accessible systems is an efficient way to be aware of what your vulnerable attack surface looks like. With this information the business can focus on installing patches and updates to address what is most important for the business.”