Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Gaming. Show all posts
Social Engineering
Bots Gaming GitHub malware Redox Stealer Social Engineering

GitHub Scam: Fake Game Mods Steal User Credentials and Data


An advanced malware campaign exploiting GitHub repositories masked as game mods (and cracked software) has been found, revealing a risky blend of automated credential harvesting and social engineering tactics. 

While going through articles on social engineering, cybersecurity expert Tim found “a relatively new scam scheme” that shocked him. “People create thousands of GitHub repositories with all sorts of things - from Roblox and Fortnite mods to "cracked" FL Studio and Photoshop,” says Tim. 

About Redox stealer

Experts have found more than 1,100 dangerous repositories spreading versions of Redox stealer, a python-based malware built to extract important data, browser cookies, gaming platform credentials, and cryptocurrency wallet keys.

When we download and run this software, the data collected from our systems is sent to some Discord server, according to Tim, where “hundreds of people crawl through the data searching for crypto wallet private keys, bank accounts and social media credentials, and even Steam and Riot Games accounts.” 

Redox Stealer Details

Redox runs via a multi-stage data harvesting process that starts with system surveillance. Talking about the technical architecture of the redox stealer, cybersecurity news portal GB Hackers says, “Initial execution triggers a globalInfo() function that collects the victim’s IP address, geolocation via the geolocation-db.com API, and Windows username using os.getenv(‘USERNAME’).”

Issues with Mitigation and GitHub’s Response

Even with GitHub’s malware detection systems, repositories stay functional because:

  1. Activities look real: Accounts with star counts and realistic commit histories escape heuristic analysis. 
  2. Encrypted Payloads: RAR passwords like “cheats4u” stop static code analysis. 
  3. Slow Takedowns: Threat actors rebuild banned repositories via automated topic permutations. 

According to GB Hackers, “The researcher’s spreadsheet of confirmed malicious repos has not yet triggered bulk takedowns, highlighting gaps in proactive monitoring.” 

Conclusion

The GitHub campaign has exposed a significant rise in exploitation of open-source forums for large-scale social engineering. “It's been a long journey and it's barely over - but I think it's more than enough to summarise and discuss the problem,” says Tim. He finds it shocking how easily the information can be accessed online for free “without Tor, without invite, without anyone's approval.”

The information is cleverly disguised as something such as “telegram bot” that sends us offers (scams) or other lucrative baits. 

Read more »
Technology
Artificial Intelligence Gaming PlayStation Technology

PlayStation Boss : AI can Transform Gaming but Won't Replace Human Creativity

 


According to the management at PlayStation, though artificial intelligence (AI) may potentially change the world of gaming, it can never supplant the human creativity behind game development. Hermen Hulst, co-CEO of PlayStation, stated that AI will complement but not substitute the "human touch" that makes games unique.

AI and Human Creativity

Hulst shared this view on the 30th anniversary of the classic PlayStation at Sony. Referring to the growing role of AI, Hulst admitted that AI has the ability to handle repetitive tasks in game development. However, he reassured fans and creators that human-crafted experiences will always have a place in the market alongside AI-driven innovations. “Striking the right balance between leveraging AI and preserving the human touch is key, indeed,” he said.

Challenges and Successes in 2023

Sony’s year has been marked by both highs and lows. While the PlayStation 5 continues to perform well, the company faced numerous setbacks, including massive job cuts within the gaming industry and the failed launch of the highly anticipated game, Concord. The game resulted in players receiving refunds, and the studio behind it was shut down.

On the hardware side, Sony’s new model, the PlayStation 5 Pro, was heavily criticized for its steep £699.99 price point. However, the company had a major success with the surprise hit Astro Bot, which has received numerous Game of the Year nominations.

New Developments and Expanding Frontiers

Sony is also adapting to changes in how people play games. Its handheld device, the PlayStation Portal, is a controller/screen combination that lets users stream games from their PS5. Recently, Sony launched a beta program that enables cloud streaming directly onto the Portal, marking a shift toward more flexibility in gaming.

In addition to gaming, Sony aims to expand its influence in the entertainment industry by adapting games into films and series. Successful examples include The Last of Us and Uncharted, both based on PlayStation games. Hulst hopes to further elevate PlayStation’s intellectual properties through future projects like God of War, which is being developed as an Amazon Prime series.

Reflecting on 30 Years of PlayStation

Launched in December 1994, the PlayStation console has become a cultural phenomenon, with each of its four main predecessors ranking among the best-selling gaming systems in history. Hulst and his co-CEO Hideaki Nishino, who grew up gaming in different ways, both credit their early experiences with shaping their passion for the industry.

As PlayStation looks toward the future, it aims to maintain a delicate balance between innovation and tradition, ensuring that gaming endures as a creative, immersive medium.

Read more »
Technology
AI AI Ecosystem Blockchain Gambling Gaming Technology

Blockchain Meets AI: The Impact of the Artificial Superintelligence Alliance


The Artificial Superintelligence Alliance (ASA), comprising leading AI and blockchain projects such as SingularityNET, Fetch.ai, and Ocean Protocol, has taken a significant step forward by launching a unified token. This move aims to create a more cohesive and efficient decentralized AI ecosystem, with far-reaching implications for various sectors, including the burgeoning field of gambling.

The Vision Behind the Alliance

The ASA’s primary objective is to foster collaboration and integration among decentralized AI systems. By merging their respective tokens—AGIX (SingularityNET), OCEAN (Ocean Protocol), and FET (Fetch.ai)—into a single token called ASI, the alliance seeks to streamline operations and enhance interoperability. This unified token is designed to facilitate seamless interactions between different AI platforms, thereby accelerating the development and deployment of advanced AI solutions.

Decentralized AI: The Future of Technology

Decentralized AI represents a paradigm shift from traditional, centralized AI models. In a decentralized framework, AI systems are distributed across a network of nodes, ensuring greater transparency, security, and resilience. This approach mitigates the risks associated with central points of failure and enhances the robustness of AI applications.

The ASA’s initiative aligns with the broader trend towards decentralization in the tech industry. By leveraging blockchain technology, the alliance aims to create a trustless environment where AI agents can interact and collaborate without the need for intermediaries. This not only reduces operational costs but also fosters innovation by enabling a more open and inclusive ecosystem.

The Role of the ASI Token

The introduction of the ASI token is a pivotal aspect of the ASA’s strategy. This unified token serves as the backbone of the alliance’s decentralized AI ecosystem, facilitating transactions and interactions between different AI platforms. The ASI token is designed to be highly versatile, supporting a wide range of use cases, from data sharing and AI model training to decentralized finance (DeFi) applications.

One of the most intriguing applications of the ASI token is in the gambling industry. The integration of AI and blockchain technology has the potential to revolutionize online gambling by enhancing transparency, fairness, and security. AI algorithms can be used to analyze vast amounts of data, providing insights that can improve the user experience and optimize betting strategies. Meanwhile, blockchain technology ensures that all transactions are immutable and verifiable, reducing the risk of fraud and manipulation.

What it means for the Gambling Industry?

The gambling industry stands to benefit significantly from the advancements brought about by the ASA. By leveraging AI and blockchain technology, online gambling platforms can offer a more secure and transparent environment for users. AI-driven analytics can provide personalized recommendations and insights, enhancing the overall user experience. Additionally, the use of blockchain technology ensures that all transactions are recorded on a public ledger, providing an added layer of security and trust.

The ASI token can also facilitate seamless transactions within the gambling ecosystem. Users can utilize the token to place bets, participate in games, and access various services offered by online gambling platforms. The interoperability of the ASI token across different AI platforms further enhances its utility, making it a valuable asset for users and developers alike.

Read more »
Phishing Attacks
Discord Discord Scam Gaming malware Phishing Attacks

Navigating the Danger Zone: Discord’s Battle Against Malware

Navigating the Danger Zone: Discord’s Battle Against Malware

In a recent six-month investigation, cybersecurity firm Bitdefender discovered a disturbing trend: fraudsters are using Discord, a popular communication platform, to distribute malware and carry out phishing attacks.

The Rise of Malicious Links

The research, in which Bitdefender shows over 50,000 harmful links discovered on Discord, demonstrates the platform's rising vulnerability to cyber threats.

Types of Malicious Links

Malware Distribution: Cybercriminals use Discord to distribute malicious software (malware) to unsuspecting victims. These malware strains can range from spyware and ransomware to keyloggers and remote access Trojans. By enticing users to click on seemingly harmless links, attackers gain unauthorized access to their systems.

Phishing Attacks: Discord is also a playground for phishing campaigns. Scammers create fake login pages or impersonate legitimate services, tricking users into revealing sensitive information such as login credentials, credit card details, or personal data. Phishing links often masquerade as enticing offers or urgent notifications.

Geographical Impact

The study found that users in the United States are particularly targeted, accounting for 16.2% of the threats. However, other countries—such as France, Romania, the United Kingdom, and Germany—are also affected. Cybercriminals cast a wide net, exploiting language barriers and cultural differences to maximize their reach.

Common Scams

One prevalent scam involves promises of free Discord Nitro—a premium subscription service. Users receive messages claiming they’ve won a free upgrade to Discord Nitro, enticing them to click on a link. Unfortunately, these links lead to phishing sites or initiate malware downloads. Users must exercise caution and verify the legitimacy of such offers.

Protecting Yourself

As a Discord user, here are essential steps to safeguard against these threats:
  • Be Skeptical: Treat unsolicited messages with suspicion, especially if they promise freebies or urgent alerts. Verify the sender’s identity before clicking any links.
  • Hover Before You Click: Hover your mouse pointer over a link to preview the URL. If it looks suspicious or doesn’t match the expected destination, avoid clicking.
  • Enable Two-Factor Authentication (2FA): Strengthen your account security by enabling 2FA. This adds an extra layer of protection against unauthorized access.
  • Stay Informed: Keep an eye on security news and updates related to Discord. Awareness is your best defense.
Read more »
Scammer
Cyber Attacks Cyber Hacker Cyber hacks Epic Games Game Hacking Gaming Scammer

Classic Scam the Scammers? Epic Games Hackers Faked the Hack

epic gaming scam

Hackers stage Epic hack

A group announced earlier this week that they had successfully breached Epic Games and taken 189GB of data, including user information. They are now retracting their statements, claiming that they staged the whole event to deceive real hackers.

The group, which goes by the online handle Mogilevich, claims to have accomplished this by promising to sell potential hackers the technology needed to get access to Epic Games. Naturally, the technology and data they sent on—assuming they sent any—would be worthless if the attack had never occurred. According to Mogilevich, it sold this information to eight customers without demonstrating its ability to breach an organization such as Epic.

Epic gaming scam developments

Only a few days have passed since the "hack" was originally made public. After allegedly stealing "emails, passwords, full names, payment information, source code" from its assault on Epic, Mogilevich appeared to be attempting to ransom the data back to the business.

However, Mogilevich has since altered the narrative entirely. Since it's possible that the gang pulled off a hack and this was all misdirection, we cannot confirm whether or not their account of events is accurate. It does, however, correspond with Epic's statement that there was "zero evidence" of any hacking at all.

A Mogilevich member is said to have said, "You may be wondering why all this, and now I'm going to explain everything you need," on a page that it had previously promised would contain information from the Epic breach. "In reality, we are not a ransomware-as-a-service, but professional fraudsters."

Gang aimed to get new contacts

In explaining its methodology, Mogilevich claims that it staged the operation to make fresh connections for fraud. As per the gang, everything went as planned in this aspect, with aspiring hackers reportedly sending over tens of thousands of dollars.

"We don't think of ourselves as hackers but rather as criminal geniuses, if you can call us that", the message continues. They acknowledge that their goal was to acquire access to new "victims to scam," but ideally, users and employees of Epic Games are not among these victims.

Epic still needs to respond to this revelation.


Read more »
Spyware
Gaming Gaming PC Minecraft Online Gaming Privacy Spyware

Gaming PCs as Silent Storytellers: Why Privacy Is Crucial

 


Online games and video games are incredibly popular as a way to connect with people and interact with them. They are a great way to connect with others and interact with them. Many people enjoy playing games online, either on gaming consoles, computers, or mobile devices. However, online gaming also poses some risks, such as viruses, identity theft, and phishing attempts. 

For a game to track its players, a game must track at least some of their interactions during the game to be able to see when they have earned X or Y. Privacy threats are nothing new, but they're often overlooked when it comes to PC gaming. Achievements are one such example.  

As it becomes clear that such in-game tracking is ubiquitous and often taken for granted, it just might be worth taking a closer look at whether PC gaming might be a threat to privacy and how it might be overlooked as such. The information on these devices may be accessible and stolen by identity thieves and other fraudsters if they are not protected.

Spammers can use an unprotected computer as a "zombie drone" to send spam which appears to have been sent from the computer system itself. These computers may be infected with malicious viruses or spyware, causing their computers to be slow and unresponsive. 

There are several ways to secure the privacy of users by taking good care of their devices and protecting them with safety measures and good practices. For important software such as an internet browser, users need to make sure that they download the recommended updates from their device's manufacturer or operating system provider, particularly if it is an important update. 

A variety of tools can be used to prevent the use of malicious software on your device, including antivirus software, antispyware software, and firewalls. It is generally true that PC games are permitted to collect a limited amount of personal information from users so long as users allow them to do so within reasonable limits. Additionally, this data may be used or shared and stored in a wide variety of ways depending on the game device or platform being used. 

Antivirus software


In essence, antivirus software protects users against viruses that can damage their data, slow down or crash their hardware, or even allow spammers to send emails to them through the user's account as a result of their antivirus software. A user's files and incoming emails will be scanned for viruses by antivirus protection, and anything that can cause harm will be removed from the files and emails.

To protect themselves from the latest "bugs" that circulate on the internet, users must keep their antivirus software updated regularly. There is usually a feature in most antivirus software that automatically downloads updates when users are online. An effective firewall works by preventing cyber criminals from entering and using your computer by either using a software program or a physical device. Using Internet search engines, hackers do a similar thing to how some telemarketers use random phone numbers to contact clients. 

Concerns In Online Gaming 

Spyware Threats in Gaming


In the gaming world, players may find themselves at risk of spyware, particularly when engaging with untrustworthy online gaming platforms. Spyware, a clandestine monitoring tool, operates silently, observing a user's online activities without their awareness. The gathered information may be exploited by unscrupulous entities, leading to severe privacy breaches. 

Guarding Against Cyberbullying in Gaming


A typical instance of cyberbullying within the gaming community can be a very distressing experience for those involved. Besides humiliating their targets, the perpetrators also use tactics that attempt to coerce victims into revealing personal information through the use of intimidation and coercion. When obtained, a user's information can be used against them, emphasizing that in a gaming environment, vigilance and protective measures are essential to safeguarding the player's interests. 
Read more »
Web Servers
Authetication Data Breach Game Developer Gaming Gaming Community Private Data Social Media threats Video Games Web Servers

Insomniac Games Cybersecurity Breach

A cyberattack has compromised the prestigious game company Insomniac Games, exposing private data without authorization. Concerns over data security in the gaming business have been raised by this hack, which has spread throughout the community.

Targeting Insomniac Games, the company behind the well-known Spider-Man series, the cyberattack was purportedly executed by a gang going by the name Rhysida. Fans and the gaming industry were left in a state of anticipation and fear as the hackers obtained access to a treasure mine of data, including secret footage of new projects like Wolverine.

The leaked information not only included sneak peeks into future game developments but also internal data that could compromise the studio's operations. The gravity of the situation prompted a rallying of support for Insomniac Games from both the gaming community and industry professionals.

Amid the chaos, cybersecurity experts have been quick to emphasize the importance of robust security measures in an era where digital attacks are becoming increasingly sophisticated. This incident serves as a stark reminder that even major players in the gaming industry are vulnerable to cyber threats.

Insomniac Games responded promptly to the breach, acknowledging the incident and assuring fans that they are taking necessary steps to address the issue. The studio urged users to remain vigilant and promptly report any suspicious activities related to their accounts.

The gaming community, known for its passionate fanbase, has shown solidarity with Insomniac Games in the wake of the cyberattack. Messages of support have flooded social media platforms, emphasizing the need for collective efforts to combat cyber threats and protect the integrity of the gaming industry.

As the situation unfolds, industry leaders and policymakers are likely to scrutinize the incident to enhance cybersecurity protocols across the gaming landscape. The hack serves as a wake-up call for developers and publishers to invest in cutting-edge security measures to safeguard intellectual property and user data.

Leaders in the industry and legislators will probably be closely examining the incident as it develops to improve cybersecurity practices in the gaming sector. Developers and publishers should take note of this hack and invest in state-of-the-art security solutions to protect user data and intellectual property.

The recent hack on Insomniac Games serves as a reminder that even the biggest names in the gaming business are susceptible to online attacks. The aftermath of this disaster calls for the gaming community as a whole to prioritize cybersecurity in addition to data security. One thing is certain as the gaming industry struggles with the fallout from this breach: protecting digital assets is critical to the business's long-term viability and public confidence.
Read more »
Study Finds
Gamers data Gaming Online Gaming Privacy Privacy Policy Study Finds

Study Finds: Online Games are Collecting Gamers’ Data Using Dark Designs


A recent study conducted by researchers, at Aalto University Department of Science, has revealed a dark design pattern in online games in the privacy policies and regulations which could be used in a dubious data collection tactic of online gamers. In order to enhance privacy in online games, the study also provides design guidelines for game producers and risk mitigation techniques for users.

There are about three billion gamers worldwide, and the gaming industry is worth $193 billion, almost twice as much as the combined value of the music and film industries.

Janne Lindqvist, associate professor of computer science at alto noted, “We had two supporting lines of inquiry in this study: what players think about games, and what games are really up to with respect to privacy.’

The study's authors were astonished by how complex the concerns of gamers were. 

“For example, participants said that, to protect their privacy, they would avoid using voice chat in games unless it was absolutely necessary. Our game analysis revealed that some games try to nudge people to reveal their online identities by offering things like virtual rewards,” said Lindqvist in a report published in the journal Proceedings of the ACM on Human-Computer Interaction.

The authors found examples of games that used "dark design," or interface decisions that coerce users into taking actions they otherwise would not. These might make it easier to gather player data, motivate users to connect their social media profiles, or permit the exchange of player information with outside parties. 

“When social media accounts are linked to games, players generally can’t know what access the games have to these accounts or what information they receive,” said Amel Bourdoucen, doctoral researcher in usable security at Aalto.

For instance, in some of the prevalent games, gamers can log in with their social media accounts. However, these games may not disclose the information they have gathered in the interaction. “Data handling practices of games are often hidden behind legal jargon in privacy policies,” said Bourdoucen.

It has thus been suggested to gaming authorities to specify the data they are collecting from the users, making sure that the gamers acknowledge and consent to their data being collected.

“This can increase the player’s awareness and sense of control in games. Gaming companies should also protect players’ privacy and keep them safe while playing online,” the authors wrote.

The study reveals that the gamers often had no idea that their chat-based conversations could be revealed to outside parties. Additionally, throughout a game, players were not informed about data sharing.

The study further notes that the players are aware of the risks and in fact take certain mitigation methods.

Lindqvist says that, “Games really should be fun and safe for everybody, and they should support the player’s autonomy. One way of supporting autonomy would be able to let players opt out from invasive data collection.”  

Read more »
Subscribe to: Posts (Atom)