5 January 2023

Cyrex Hacking Roundup: December 2022

Welcome to our first hacking roundup of 2023! We hope you had a wonderful holiday season and are excited to start the new year. This month's roundup looks at a report claiming that 66% of Americans have been hacked while playing video games, the recent UberLeaks attacks and how 'Operation Power Off' is targeting DDoS providers.

66% of Americans Got Hacked While Playing Video Games | Beyond Identity

It should come as no surprise that all of us at Cyrex are avid gamers who enjoy nothing more than kicking back and escaping reality with the latest titles in our spare time. However, we are acutely aware of the risks and challenges that players are now facing as a result of the rise of online hacks and scams. So, we were very interested in the feedback from a recent study by Beyond Identity, which interviewed over 1,000 American gamers about their cybersecurity experiences.

Two-thirds of respondents reported having at least one experience with being hacked while playing video games, indicating how frequent the occurrence is. However, PC players had the greatest chance of flying under the radar from these attacks. Nearly 50% of them have never been the victim of a hack or scam. Conversely, Xbox users were the most likely to be targeted, with close to 25% of users falling victim to hacks or scams six times or more.

The email addresses of players who were victims of cyber hacks were the most commonly compromised (53%). Furthermore, the user's phone number was the second most vulnerable item targeted by malicious agents (48%), and perhaps most concerning, 45% of users polled had reported incidents in which their payment data and financial accounts had been at risk.

Over 77,000 Uber employee details were exposed in a data breach.

Uber suffered a data breach after Teqtivity, a software company that provides asset management and tracking services for Uber, was targeted in a cyberattack. Under the alias 'UberLeaks,' the malicious party responsible posted confidential company information they claimed to have stolen in the breach to the hacking community on BreachForums.

According to the cybersecurity news site BleepingComputer, the leaked information includes "source code, IT asset management reports, data destruction reports, Windows domain login names and email addresses, and other corporate information," as well as "email addresses and Windows Active Directory information for over 77,000 Uber employees". It should be noted, however, that during the breach, no user data was accessed or shared.

The Uber data was leaked by a threat actor using the moniker "UberLeaks" in the online hacking community. These messages, according to BleepingComputer, mentioned the "Lapsus$" cybercriminal group. This cybercrime gang has claimed responsibility for a number of high-profile hacks, including the Nvidia cyberattack and the February Samsung data leak. As a result of a "cybersecurity issue" in September, several of Uber's internal tools, communications, and engineering systems had to be taken down. When the hack took place, the ride-hailing firm said that the perpetrator was a member of Lapsus$.

After reviewing the data that was leaked on BreachForums in this most recent attack, an Uber representative stated that the code is "not owned by Uber," but that the company is continuing to look into this matter. Teqtivity corroborated this, saying the data was "compromised due to unauthorised access to [its] systems by a malicious third party," who "was able to gain access to [the] Teqtivity AWS backup server that housed Teqtivity code and data files related to Teqtivity customers," including Uber.

Operation Power Off targets DDoS providers

As part of a global campaign against DDoS service providers, 50 of the biggest booter sites in the world that let users launch devastating distributed denial-of-service (DDoS) attacks against critical internet infrastructure have been shut down. In order to counteract cyber-attacks that could disable online services, law enforcement agencies from the United States, the United Kingdom, the Netherlands, Poland, and Germany collaborated on Operation Power Off.

The services seized were by far the most well-known DDoS booter services, appearing first in search results. One of the services that was shut down had alone been used to carry out over 30 million attacks. Seven administrators have already been detained in the United States and the United Kingdom as part of this investigation, and more actions against users of these illegal services are expected.

Conclusion

To discover more about Cyrex, check out our blog and portfolio page. We also offer comprehensive manual penetration testing for games and non-gaming applications. For any other questions, please get in touch.