Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 7 June, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

1,800 Minecraft user credentials posted online

by The Gurus
January 20, 2015
in Editor's News
Share on FacebookShare on Twitter

The email addresses and passwords of 1,800 Minecraft users have been posted online.
 
According toHeise, the details were published online in plain-text format, although it remains unclear how they were obtained, reported the Guardian.
 
The report states that the details would allow strangers to log in to each of those user’s accounts on Minecraft to play online, and download the game to their own computers.
 
However, the more serious implication would be for any players who had used the same email address and password combination for other online services, from shopping and banking to email and social networking.
 
The game has 100 million registered accounts for its PC version alone, and was acquired by Microsoft in 2014 for $2.5 billion.
 
TK Keanini, CTO of Lancope, told IT Security Guru that “software is software and everything can be hacked”.
 
He claimed that there was a time when console game developers had a false sense of security because they were on a console but quickly learned they were wrong, and once a single person learns the hack, it spreads like wildfire on social networks to thousands forcing the vendor to urgently release an update.
 
“Attackers target gamers for two very attractive reasons: 1) they are accustomed to signing up to online systems and disclosing personal information and 2) they are accustom to downloading and installing software from unknown sources or without understanding the manifest,” he said. “Anytime you have to download something from an unknown source, well over 50 per cent of the time it is going to have something nasty bundled in there.
 
“There has been both in-game and out of game notable attacks where the entire community of gamers were affected. This includes attacks on the Playstation Network, EVE Online, and Steam. These
are highly visible and visibility is not what attackers like. They are more interested in attacking these users on a more individual basis with more attainable objectives like just getting malware installed on the PC or mobile device, or grabbing the credentials to the gaming network and monetizing the credit card information.”

 
Keanini claimed that in-game commerce is standard these days, and that is what makes these worlds attractive to cyber criminals, as designers of these online games with massive numbers of players have done well with their countermeasures, because they understand that the security investment is just a part of doing business. “It is the game of security and they are not playing to win, they are playing ‘not to lose’,” he said.
 
“While platforms and online systems change, at a high level the same weaknesses are being exploited by attackers. Anywhere a user can be fooled to disclose sensitive information or download untrusted software there will be a problem.
 
“The biggest change overall is the tempo of the threat as they create new forms of exploitation and attack. Online gaming in all forms change the distribution model for both the community of gamers and equally for community of criminals.”
 
Clinton Karr, senior security strategist at Bromium, said: “Users should be sure to also change the password on any other web sites where they might have used the same password, and should avoid such practice in future. Watch out for phishing emails appearing to come from Microsoft Xbox Live — log into the Xbox Live site directly rather than clicking on a link in an email.”
 
Jon French, security analyst at AppRiver, said: “As with any login out there, people should be using unique passwords and cases like this just re-enforce that. If someone uses the same password everywhere, all it takes is one leak to possibly compromise a lot of things.
 
“Specifically with gaming this can bring up another point. Many users, I’d say a large majority, use the same usernames online as well. With gaming as popular as it is online, you can usually google someone’s username in a game and get an idea of other games they play as well from statistic trackers and forums. So in the case of someone reusing usernames and passwords, this can be a huge impact on them by just one game getting compromised.”20

FacebookTweetLinkedIn
Tags: attackCredentialsGamepassword
ShareTweet
Previous Post

Insurance company breached, but did not inform customers

Next Post

Verizon fix flaw in Android app

Recent News

large open office, bright.

Employees Feel 10 Times Calmer in an Environmentally Friendly Office Space

June 7, 2023
Blue Logo OUTPOST24

Outpost24 Acquires EASM Provider Sweepatic

June 7, 2023
Standard post, logos of brands, headshot.

J Brand: The Challenges of Putting Mental Health First in an Unfamiliar Industry

June 6, 2023
iPad with Anxiety written on it in capitals.

Half of UK Employees Suffer From “Sunday Scaries”

June 6, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information