Clash of Kings is the latest game to be hacked. An anonymous hacker recently targeted the popular game’s official forum and managed to steal data from 1.6 million accounts.
The hacker attacked on July 14th and has not identified himself this far. The app has since provided a copy of the leaked data to data breach notification site leakedsource.com. The site allows you to search if your username, email, phone number and IP address is in a database of stolen and hacked data.
According to ZDNet, the data breached by the hacker contains usernames, email addresses, device identifiers, Facebook data and IP addresses among other data. IP addresses are very critical as they can be used to track someone’s location. The passwords in the forum’s database are hashed and salted, meaning they would not be helpful to the hacker even if he breached them. The exact number of accounts added to LeakedSource is 1,597,717.
Clash of Kings is a highly popular strategy game. It has over 100milion downloads in Google Play Store alone. The game is also available in Apple’s App Store. The game’s developer, Elex, a Chinese tech company based in Beijing, has not responded to any requests to comment on the hack. The forum is currently undergoing maintenance.
Security analysts claim that the hack was not difficult to pull. The forum seemed not to care much about users’ security. They failed to use the HTTPS website encryption, which is popular in websites where users provide login information. Additionally, the forum was running on the vBulletin software. The old versions of the vBulletin software are known to have vulnerabilities. Elex has not updated the software since 2013. The flaws in the software can be exploited via tools available online.
All the hacker had to carry out a search for sites running outdated and vulnerable software. Attackers use a technique called ‘Google Dorking’ to flash out these sites. The search engine will find sites running on vulnerable software. The hacker then downloads hacking tools available online and attack whatever site they want. Clash of Kings Forum is one of the largest forums that show up in these results.
Clash of Kings, a real-time strategy game, allows users battle against enemies and build empires. It has an online multiplayer platform to compete against friends. Users utilise the online platform to share experiences and learn more about the game.
According to LeakeSource, vBulletin 4 software runs on over 100,000 sites. All these sites are vulnerable to hacks if they do not update the software. As such, add another layer of protection to yourself and get a good VPN, along with practicing good password management.