Operation ShadowHammer: Hackers planted malware code in video games

Last month the world was reminded once again of the danger of supply chain attacks, as it was revealed that hackers had compromised the network of Taiwanese technology giant ASUS to push out a malicious software update to as many as one million laptops.

The attack, dubbed “Operation ShadowHammer” by security researchers, saw hackers successfully sign their malware with two of ASUS’s own digital certificates, increasing the chances that customers would not suspect anything awry.

Now the same security experts have uncovered evidence that the same attackers also targeted Asian video game software houses by poisoning developer tools, that left game players with trojanised code running on their computers.

The way in which the three video game developers came to have their systems compromised by the hackers are rather bizarre, and underline the difficulties that businesses can face in ensuring that they have an entirely secure supply chain.

Back in 2012, a company called Hammerpoint Interactive developed an open world zombie-shooting game called “The War Z, published by OP Productions on Steam.

The game’s debut was marred by controversy, with disappointed players ultimately offered refunds as the game failed to live up to its marketing claims. Things were so bad that the game has even made it onto Wikipedia’s list of the worst games of all time.

Eventually, perhaps attempting to hide away from the bad publicity, the game was renamed “Infestation: Survivor Stories”, but not before it was announced on April 4, 2013, that hackers had compromised the game’s servers after exploiting security vulnerabilities.

At the time it was reported that whoever hacked the video game’s servers had stolen the email addresses, character names, IP addresses and hashed passwords of forum members and players. But in addition, it appears that the game’s source code was also stolen, and (Read more...)