Two Popular Games Warframe And Clash of Kings Suffer Data Breaches

Two popular games, Warframe and Clash Of Kings has been attacked and suffered data breaches by some unknown hackers. The hackers have managed to steal about 1,597,717 user accounts from Clash Of Kings and 775,749 user accounts from Warframe.

About The Security Breach In Warframe Website

The first one to make an announcement was Digital Extremes – the gaming company behind a very popular Warframe XBox One, Playstation 4 and PC online free-to-play cooperative third-person shooter video game.

The breach occurred via its main website and the hacker had used the Drupalgeddon SQL injection exploit (CVE-2014-3704) to hack into the website, according to Digital Extremes.

However the hacker managed to steal some personal details but not “account passwords, variations of passwords, hashed passwords, game account data or personal player information such as full names, addresses or other billing and payment information”. After this data breach the company had added 2FA support for its forum and urged users to change their passwords immediately.

About The Security Breach In Clash Of Kings Forum

An anonymous hacker told Zdnet that the assault was carried out by exploiting a known weakness in the forum’s software – an older 2013 version of vBulletin that includes multiple security flaws that can easily be abused to gain access to and swipe forum data using tools that readily available online.

According to the App Annie Store Stats, Clash of Kings is now becoming increasingly popular (PRNewsFoto/Elex-tech)

However the hacker managed to steal the user data includes usernames, emails, passwords (salted and hashed), IP addresses, device IDs, Facebook details, and Facebook access tokens. “Clash of Kings” stands as one of the most popular mobile games today, with upwards of 100 million installs on Android alone.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA