Modular backdoor sneaked into video game developers' servers

Modular backdoor sneaked into video game developers' servers

A suspected Chinese APT group used a newly discovered modular backdoor to infect at least one video game developer’s build orchestration server and at least one other company’s game servers, researchers have reported.


Although these attacks appear to have taken place prior to March, such incidents are now more important than ever to detect and defend against, as anecdotal evidence suggests video games are thriving as a popular form of entertainment among consumers who are now stuck at home due to COVID-19 concerns.


The compromised build system could have potentially resulted in a supply chain attack allowing for the trojanization of otherwise legitimate game executables, while the hacked game servers could have been exploited to steal users’ in-game currencies for profit, ESET explains in a company blog post released today.


ESET has attributed the attacks to the Winnti Group, a suspected Chinese APT group with a history of conducting software supply chain attacks and victimizing the video game industry in particular. Its unnamed targets were described as gaming companies in South Korea and Taiwan that s ..

Support the originator by clicking the read the rest link below.