A vpnMentor investigation found that a 134 GB server owned by EskyFun is exposed and user data was leaked for game titles such as Metamorph M, The Three Kingdoms Legend, Adventure Story, Rainbow Story, and Fantasy MMORPG.
Data disclosed includes IP and IMEI numbers, mobile device event logs, device information, phone numbers, EskyFun network passwords, current operating system, rooted or otherwise rooted phones, player acquisition and transaction reports, mailing, and support requests. Various data points were also used to identify profile individuals as well as two vulnerable groups, such as teenagers and accounts with large amounts of money, the researchers said.
The aforementioned games were downloaded 1.6 million times, whereas the leaked information had more than 365 million records. An intriguing aspect is that developers increased the amount of analytics, monitoring and authorization options available for the games, some needing more permissions even before they were installed.
Poor cyber security implementation is highly likely to result in data leaks
It goes without saying that there are numerous consequences to leaking such details on the web. For starters, thousands of users are at risk of receiving phishing emails claiming to be from the EskyFun helpline using the stolen email address. At the same time, the payment system is completely compromised as threat actors can send fake gateways to steal credit card information.
What’s sad is that the incident could have been avoided if EskyFun implemented some basic security measures, such as configuring access rules, enhancing authentication and securing the servers, for instance..
Moreover, hackers can determine users to click various URLs and gain complete control of the targeted device or infect it with viruses, ransomware, spyware or tracking software.Given the sheer amount of data stolen, it’s relatively easy for a good threat actor to appear legitimate and gain trust among EskyFun users.
#Daa Leak#Android Gamers#Data#Chinese#Hacking
Kaspersky: Kanye’s Upcoming Album is a Scam Magnet: Scammers take advantage of fan anticipation by placing malicious fake files on the Internet to infect their targets
Microsoft Says Unsupported PCs Are Plagued by BSODs on Windows 11: And this is why some devices aren’t getting the new OS
Windows 10 Version 21H2 Will Recommend Windows 11 (If Supported): Microsoft will recommend Windows 11 on eligible devices
Microsoft Announces a New Widget for Windows 11: A Microsoft 365 widget is now available for testing
Work from Home Increased Worldwide Phishing Attacks: Palo Alto Network’s Unit 42 cybersecurity team reveal alarming findings about the new work-from-home environment
Top Linux Vulnerabilities Exploited by Hackers: The newly discovered vulnerabilities were used to by cybercriminals to breach Linux systems millions of times
New SideWalk Backdoor Targeting U.S. Computer Retailers: Recent cyberattacks revealed a new improved backdoor comparable to SparklingGoblin’s Crosswalk malware
Click to load comments
Acer’s Spin 1 Has High-Res Screen and Premium Look For Low Price
FluBot Malware Strikes AgainFluBot is back affecting a greater geographical area
FluBot Malware Strikes Again
WhatsApp New Modified Version Installs Triada TrojanMalware is increasingly being disguised in fake Android apps
WhatsApp New Modified Version Installs Triada Trojan
Google Patches Critical Android VulnerabilitiesThe August 2021 Android Security Bulletin contains fixes for another wave of security vulnerabilities
Google Patches Critical Android Vulnerabilities APT Gang Distributed Android Trojan via Syrian e-Government PlatformAndroid malware capable of spying on phones has been found
APT Gang Distributed Android Trojan via Syrian e-Government Platform
Malware Grabbed 5.8M Facebook PasswordsThe malware spread through legitimate applications
Malware Grabbed 5.8M Facebook Passwords
King’s Bounty II Review (PS4)Not quite the sequel that we’ve been waiting
Google, Microsoft To Invest $30B in CybersecurityThe IT industry’s powerhouses will commit enormous money and effort to enhancing cyberdefense measures
Google, Microsoft To Invest $30B in Cybersecurity
Microsoft Warns of Widespread Open Redirects Phishing AttacksMicrosoft’s cybersecurity experts discovered an ingenious phishing technique involving fake CAPTCHA checking
Microsoft Warns of Widespread Open Redirects Phishing Attacks
Legal Consequences Possible by Cybersecurity Standards Non-ComplianceIn addition to losing business, companies now risk being fined for failing to comply with cybersecurity rules
Legal Consequences Possible by Cybersecurity Standards Non-Compliance
Critical Cosmos Database Flaw Affecting Microsoft Azure CustomersUnprecedented critical vulnerability in the Azure cloud platform has been spotted by Wiz cybersecurity researchers
Critical Cosmos Database Flaw Affecting Microsoft Azure Customers
Chinese Developers Reveal Android Gamers’ DataThe information was made public due to an unsecured server
Chinese Developers Reveal Android Gamers’ Data
Kaspersky: Kanye’s Upcoming Album is a Scam MagnetScammers take advantage of fan anticipation by placing malicious fake files on the Internet to infect their targets
Kaspersky: Kanye’s Upcoming Album is a Scam Magnet
Microsoft Surface Duo 2 Looks Ravishing in High-Quality RendersRenders based on previous leaks envision the Surface Duo 2
Microsoft Surface Duo 2 Looks Ravishing in High-Quality Renders
Users Blast Microsoft for the New Windows 11 System RequirementsOlder PCs run Windows 11 just fine, they say
Users Blast Microsoft for the New Windows 11 System Requirements
– Android Gamer Data Revealed by Chinese Developers
– Check all news and articles from the latest [Security news] updates.