SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
23 Aug 2016

Epic's forums hacked again, with thousands of logins stolen

A hacker has stolen hundreds of thousands of forum accounts associated with Unreal Engine and its maker, Epic Games.

More than 808,000 accounts were stolen in the attack -- with more than half a million from Unreal Engine's forums alone. Breach notification site LeakedSource.com, which obtained a copy of the database, said the attack was carried out August 11.

The hacker, whose name isn't known, exploited a known SQL injection vulnerability found in an older vBulletin forum software, which allowed the hacker to get access to the full database. The hacker acquired usernames, scrambled passwords, email addresses, IP addresses, birthdates, join dates, their full history of posts and comments including private messages, and other user activity data from both sets of forums. Facebook access tokens were stolen for those who signed in with their social account.

But most of the passwords were scrambled in a way that were not readily or easily crackable, suggesting that Epic Games used a different kind of password scrambling algorithm than seen in other breaches, like Dota 2, and more recently, DLH.net. A member of the LeakedSource group told me that it's "hard to tell without more effort or examining source code".

When we last checked at the time of publication, the Epic Games' forum appeared to be down, but the company's Unreal Engine forums were still active. This latest hack marks yet another attack on sites operating out-of-date and unpatched forums. Despite similarities, it's not thought that that the hack is related to similar breaches around the same time -- in part because the vulnerabilities are widely known among underground hacker groups.

But it's not the first time that Epic Games has suffered at the hands of hackers. Last year, the gaming giant owned up to a hack that saw a hacker steal thousands of accounts. LeakedSource added the breached data into its database, including the password hashes, even if they aren't readable in plain text, to allow possible victims to search their data. A spokesperson for Epic Games confirmed the breach in an email, and pointed to a statement it posted on its website. "We're still investigating," the spokesperson said.

Tags:
information leaks hackers
Source:
ZDNet
1823
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015