Clash of Kings forum hack leaks 1.6 million gamers' account details -TEISS® : Cracking Cyber Security

IoT / Clash of Kings forum hack leaks 1.6 million gamers’ account details

Clash of Kings forum hack leaks 1.6 million gamers’ account details

Nearly 1.6 million gamers' details have been stolen after a forum for a popular mobile game was hacked, it has been reported.

According to ZDNet, the cyber criminal was able to steal data from the official Clash of Kings forum because it was running outdated - and vulnerable - software.

The information includes usernames, email addresses, IP addresses, device identifiers and Facebook data and access tokens, the site reported.

However, passwords belonging to accounts in the database were hashed and salted.

According to reports, the official Clash of Kings forum was running an old version of the vBulletin software, meaning the hacker could use tools available online to exploit known vulnerabilities that have since been secured by its developer in subsequent versions.

Breach notification site was sent a copy of the database, which contains 1,597,717 records with varying amounts of information.

Meanwhile, the forum itself has been taken down for “maintenance”.

Clash of Kings has had between 50 million and 100 million installs on the Google Play Store and has 3.7 million Facebook fans.

It is currently celebrating the second anniversary of its release.

The reported hack is the latest in a long line of incidents that have targeted gamers and gaming communities – and the personal information they hold.

Earlier this month, PlayStation Network gamers were warned about scam websites that claimed to offer free games in return for their account credentials.

Last month, gamers were warned about fake torrents for popular games including The Witcher 3 and Assassin’s Creed Syndicate that actually installed adware on their systems.

Earlier in the year, security researchers discovered malware that steals gamers’ Steam login details to be sold for as little as $15 (£12) on the Dark Web.

And in another hack, cyber criminals launched an attack on a DayZ forum and made off with gamers’ personal details including usernames and email addresses.

For more on the forum hack, see ZDNet‘s report.



Most Popular