Security researchers have found more than 500,000 leaked credentials tied to leading gaming companies for sale on the dark web, the corner of the internet known for illicit activity.

Detailed today by researchers at Kela Research and Strategy Ltd., the leak of the credentials related to employees at leading games companies along with nearly 1 million accounts of both internal gaming clients and employees. The compromised accounts provide access to internal resources such as admin panels, virtual private networks, Jira instances, FTPs, single-sign-ons and development-related environments.

The researchers didn’t provide details of the companies affected, but the stolen credentials were found from nearly all of the top 25 gaming companies. They also note that in the past three months, they have observed four ransomware incidents affecting gaming companies, three of which were publicly reported.

“Credentials to internal resources of recently attacked companies – such as VPN, website management portals, admin, Jira and more – were put up for sale and hence were available for any potential attacker prior to the cyberattacks that occurred,” the researchers said. “We also detected an infected computer (bot) which had credential logs to plenty of sensitive accounts that could be accessed by attackers upon purchase: SSO, Kibana, Jira, adminconnect, service-now, Slack, VPN, password-manager and poweradmin of the company – all on a single bot – which strongly suggests that it’s used by an employee of the company with administrator rights.”

Some companies known to have been attacked in recent times include Japanese video game developer Capcom Co. Ltd. which was hit in a Ragnar Locker ransomware attack in November. Ubisoft Entertainment SA and Crytek GmbH were also hacked last year, with stolen data appearing on the dark web in October. And in December Koei Tecmo Holdings Co. Ltd. disclosed that it had suffered a data breach.

The researchers concluded that “organizations in the gaming sector have to act fast as they are the new target that cybercriminals are interested in” and that they should “invest in different measures in order to ensure that they are protecting all of their different assets.”

Discussing the targeting of game companies in November, Mark Kedgley, chief technology officer at information technology security and compliance software company New Net Technologies Ltd., told SiliconANGLE that cybersecurity needs discipline and strategy, as well as vulnerability management, system hardening and change control. “Mastering all of these is essential to counteract the ‘End of Level Bosses’ of the hacker world, including today’s ever-present ransomware threat,” he said.

Photo: Pxhere