Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Dr dos and d dos attacks involving online multi-player video games


Published on

Online multi-player video game networks provide fertile ground for malicious hackers and criminals. Gaming networks and servers are used to target other gamers, networks and even non-gaming businesses with DDoS attacks. Learn more in this summary of our DDoS attack protection white paper.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Dr dos and d dos attacks involving online multi-player video games

  1. 1. 1 An Analysis of DrDoS and DDoS Attacks Involving the Multiplayer Video Gaming Community: Part IV of the DrDoS White Paper Series Selected excerpts The technology infrastructure that supports hundreds of millions of online gamers is also used by malicious actors to launch distributed denial of service (DDoS) attacks against fellow players, rival systems and non-gaming businesses, including the financial industry. Malicious behavior involving online video games harkens back to at least the 1990s. Video game infrastructures are attractive to criminals due to the industry’s large number of servers and broadband capabilities. Gaming servers with poorly implemented security controls and server configurations are vulnerable. Why do they do it? Criminals and players engage in different types of denial of service activities and for different reasons. Some criminals use misconfigured and vulnerable gaming servers to boost the power of their attacks against non-gaming businesses. Others seek to take over and sell high-value player accounts in a black market economy that values access to in-game currency, powerful character profiles and downloadable software. Disgruntled gamers, on the other hand, may only seek to temporarily knock fellow competitors off a server to gain in-game advantage. With so many competitive players with a desire to get ahead, some may rationalize this kind of cheating. Other gamers may target other gaming systems to damage the playing experience on rival platforms. A tradition of DrDoS attacks in gaming Some attack methodologies, including Distributed Reflection Denial of Service (DrDoS) attacks date have been around for decades. Early DrDoS attacks took advantage of misconfigurations within the servers that hosted Counter-Strike, Quake and Half Life – and they still do. The most common method for engaging in denial of service attacks in the gaming community is called packeting, which refers to a denial of service attack where excessive data packets are sent to a target IP address in an effort to slow or stop Internet service. A packeting attack can be directed at any IP address, which may belong to other gamers, the game server itself, or a target outside of the gaming network. A resolver may be used in conjunction with packeting to first reveal the IP addresses of fellow players or servers to attack. DrDoS attack tools for gaming servers Gaming-server aggregators, provide a legitimate service for players looking for a gaming server. They also provide a good source of server IP addresses for criminals to use in DrDoS attacks. By
  2. 2. 2 abusing multiple game servers at once, attackers can increase the volume of malicious traffic directed to the intended target. One popular Perl-based attack toolkit described in the white paper lets attackers target several types of game servers and allows for varied attack payloads. Other attacks against gaming communities (non-reflection) Both amateur and sophisticated methods of attack are used frequently to target gaming servers – and players. Simpler attacks target individual players or a gaming server, such as Counter-Strike or Minecraft. The attacker’s goal is to damage the gaming experience for one or more players. These attacks do not involve reflection or amplification; instead, they simply flood a default game server port on a target IP address. More sophisticated attacks use crimeware kits and phishing techniques. Sophisticated stresser suites and booter scripts are sold by enterprising developers as a service to take gaming systems offline. In addition, some malicious actors seek to take over Xbox Live and Steam accounts to make use of a gaming network without paying for a subscription or to sell compromised account credentials on underground forums. Account checker tools allow criminals to retry previously harvested username:password logins from third-party breaches to see if the logins have also been used to an account on a gaming platform. Get the full white paper for more details, a financial services case study and more Download the white paper for extensive details about DDoS and DrDoS attacks and attack tools that involve the gaming industry. The white paper also includes: • A case study of a Prolexic customer in the financial industry who was the target of a DrDoS attack that used gaming servers to reflect and amplify traffic to the firm • Prevention measures that gaming network administrators can take to reduce the likelihood that their servers will participate in – or be the target of – a denial of service attack About Prolexic Prolexic Technologies is the world’s largest and most trusted provider of DDoS protection and mitigation services. Learn more at