Chinese Hackers Suspected Of Mass Cyber Espionage On Games Industry
A group of hackers believed to be based in China have been hacking computer games companies, stealing plenty of vital data, including games’ source code, as part of a big cyber espionage campaign.
The affected businesses, of which there are at least 30, are mostly based in South East Asia but with some in the US and elsewhere. Most are massively multiplayer online games developers, but the affected companies have opted to stay anonymous.
At the heart of the attacks lie digital certificates, which are supposed to prevent attacks by proving the legitimacy of code and its provenance. The Winnti hacking group has pilfered over 1000 digital certificates from developers in order to spread their malware over the last year and a half.
Cyber espionage on gaming businesses
Kaspersky started tracking the attackers in 2011 when their malware was accidentally sent out by a games company as an update, having been signed with a genuine certificate. Users are likely to download malware masquerading as updates if the files are signed with what appears to be a legitimate certificate.
Vitaly Kamluk, researcher from Kaspersky Lab, said acquiring such certificates was as useful for hackers as uncovering zero-day vulnerabilities, flaws that the software makers are unaware of and have not patched.
Certificates were also being sold on the underground market, as the Winnti group sought to make as much money as possible from their campaign. It’s likely they were selling for tens of thousands of dollars.