Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

IntSights comment on Activision account hack

September 2020 by Etay Maor, CSO at IntSights

The comment by Etay Maor, CSO at IntSights on 500,000 Activision accounts reportedly being hacked, mostly belonging to players of the popular game, Call of Duty:

“Online gaming has been a target of attackers for a several years now, with World of Warcraft, Zynga and Nintendo being just some of the big names that have been previously targeted. While in some games the accounts themselves can be monetized after the compromise, (for example when WoW was targeted, high ranking characters and special weapons could be sold to the highest bidder) in many cases the breaches are a result of credential stuffing attacks and the creation of a service specific username/password database.

These types of attacks use known email/password databases to check if users have reused their passwords on the gaming platform. If they have – the attackers can easily create a database of compromised accounts.

Users need to make sure they do not reuse passwords as even a strong password, once reused, becomes a security risk. In addition, users should always opt for additional security checks offered by the game such as two factor authentication. The gaming platform should provide these security features as well as use technologies such as CAPTCHA (to stop automated credential stuffing) and basic security checks such as device ID.”




See previous articles

    

See next articles