Steam Platform Encounters DDoS Attack, Speculations Triggered by the Popularity of "Black Myth: Wukong"

On the evening of August 24th, Steam, the world's largest gaming platform, encountered severe technical problems, causing domestic and foreign players to be unable to log in normally. This incident quickly became a hot topic on social media. Although some players speculated that this failure was caused by the excessive number of online players of the recently popular game "Black Myth: Wukong", according to the official statement of the PWA (Perfect World Arena) platform, in fact, Steam suffered a Distributed Denial of Service (DDoS) attack.

Since its release on August 20th, "Black Myth: Wukong" has quickly become a phenomenal game. Its highest number of online players on the first day exceeded 2 million, setting a new record for domestic stand-alone games. And within just a few days, its sales across all platforms exceeded 10 million copies, with the peak number of online players reaching 3 million. However, just as the popularity of this game was continuously rising, the Steam platform suffered a DDoS attack.

Li Weichen, the vice president of technology at Knownsec, pointed out in an interview that DDoS attacks are very common in the gaming industry, especially when a blockbuster game is launched. Hackers disrupt game services through such attacks, forcing game developers or platforms to miss the best profit-making opportunities and using this as leverage to obtain illegal gains. The attacker's profit models are diverse, including direct extortion, influencing stock prices, and demanding compensation from competitors.

Li Weichen emphasized that although DDoS attacks have a long history, they are still very effective attack methods, and there are mature SaaS services available for people to use. Such services are inexpensive, and only a small amount of cost is needed to paralyze the target system, causing huge economic losses.

It is extremely difficult to completely defend against DDoS attacks because this often requires both sides to invest a large amount of bandwidth resources. Most Internet enterprises do not prepare excessive redundant resources in advance to deal with potential attacks, so they are often helpless when encountering attacks. Currently, the most effective defense measure is to rely on the anti-D services provided by cloud defense service providers. Cloud defense platforms can mobilize the resources of the entire network to resist hacker attacks, and their available bandwidth ranges from several Tbps to hundreds of Tbps, far exceeding the general attack scale.

Game developers usually cooperate with cloud defense service providers to ensure that their business is not affected by super-large-scale DDoS attacks, and take preventive measures such as backup domain names and servers. In addition, cloud native technology and container technology also improve the elastic expansion ability of the business, which helps to quickly allocate resources to deal with traffic peaks.

According to the Gcore report, DDoS attacks increased by 46% in the first half of 2024. Among them, the gaming and gambling industries were the most affected, accounting for 49% of the total number of attacks. Given the fierce competition and high economic benefits in this industry, these fields are particularly vulnerable to attacks. With the continuous development of the gaming industry, strengthening network security protection is crucial for ensuring user experience and maintaining market order.

https://bit.ly/3SqoKU8 - 🔒 'Elektra-Leak' campaign targets public GitHub repositories, harvesting AWS cloud keys for crypto-mining. Attackers create Amazon EC2 instances, bypassing Amazon's quarantine controls. #CyberSecurity #ElektraLeak #CloudSecurity 🔎 Researchers from Palo Alto Networks report over 474 EC2 instances created for crypto-mining between Aug. 30 and Oct. 6. Full attacks launched within 5 minutes of IAM credential exposure. #CyberThreats #IAMSecurity 🚨 Despite Amazon's quick quarantine response, attackers persist, exploiting loopholes. Palo Alto's honey trap reveals real-time public GitHub repo scanning, and EC2 instance creation using exposed keys. #CloudProtection #AWSsecurity 👓 Investigation shows automated tools cloning public repos, scanning for AWS keys, and using VPNs for anonymity. Attackers deploy Monero cryptomining payloads, complicating tracking efforts. #CyberInvestigation #MoneroMining 🛡️ Amazon's efforts to quarantine exposed keys aren't foolproof, as attackers find unquarantined keys. Palo Alto suggests immediate revocation of exposed IAM credentials and generation of new ones. #AWSIAM #CloudDefense 🗣️ Experts urge fundamental security practices; advocate for authentication systems aiding developers in secure practices. Palo Alto recommends short-lived credentials in production environments.

No caption needed ➖➖➖➖➖➖➖➖➖➖➖➖➖ #everydaycivilian #edc #everydaycarry #bcm #bravocompany #streamlight #gearheadworks #clouddefensive #tidwellknifeandtool #buster #busterknife #gsltechnology https://www.instagram.com/p/Ck-0Pp5Lsgf/?igshid=NGJjMDIxMWI=

Just in the 🚪: @clouddefensive Chicro Admin Light! #shootersfaync #braggblvd #clouddefensive #chicro #admin #light #edc #fay #fayettevillenc #ftbragg #fortbragg #shoplocal #shoplocal (at Bragg Blvd) https://www.instagram.com/p/CnpGEhOL-QU/?igshid=NGJjMDIxMWI=

@clouddefensive goes live with the REIN 3.0 https://www.instagram.com/p/CmaS73CLXOk/?igshid=NGJjMDIxMWI=

The @clouddefensive REIN. It’s almost here. It’s legit. It’s tough. It performs. Switch is done right. Full size button as a backup if switch got broken somehow. Dudes at @clouddefensive have put the time and effort in to make sure it’s done right when brought to the market. When it drops, code PRACTAC saves 10%. #practicallytactical #clouddefense #ar15 #gund #gun #igguns #lights #blindamotherfucker #notalegolight (at Alliance Police Training) https://www.instagram.com/p/CFH7sClHkqj/?igshid=1gw55a73gwsw3

So the greens and browns definitely have a blue and purple tinge to them, but we tiger stripe now

It was fun doing something different than my usual seasonal quick and dirty stripe job. Might do it again when I get some better colors.

Our writer @bso13_fmf just posted up an article on the @clouddefensive @streamlightinc tape switch mount. Link in profile or just head on over to www.blacksheepwarrior.com #blacksheepwarrior #clouddefense #streamlight #gearreview

warriorassaultsystems LPC-V2. Affordable, lightweight, rigid and comfortable make this carrier hard to beat♠️⁠ ⁠Www.blackbeargear.ca #blueforcegear#greyghostgear#tnvc#warriorassaultsystems#hesco#veteran#spade7tactical#spade7#platecarrier#trijicon#eotech#geissele#clouddefensive#AR15#nightvision#whitephosphor#pvs14#dtnvs#dtnvg#gpnvg#mk18#recce#2a#multicam#rangergreen#bodyarmor#ballistic#hescoarmor#surefire ( #📷 @spade_7_tactical ) Reposted from @warriorassaultsystems https://www.instagram.com/p/CUxRN5sLFty/?utm_medium=tumblr

Full-Website HTTPS Free Protection: Escort Your Business to Advance without Worries!

Full-Website HTTPS Free Protection: Escort Your Business to Advance without Worries!

Security without Boundaries, Free Enjoyment.

With the increasing complexity of the network environment, the HTTPS protocol has become a standard configuration for ensuring the security of data transmission and enhancing user trust. Nowadays, many manufacturers' cloud WAF products have free trial versions, but only support customers to access the HTTP protocol. If one wants to achieve security protection for business under the HTTPS protocol, they need to upgrade to a paid package, which requires an additional expense of several hundred or even over a thousand yuan per month. This makes personal websites and start-up teams hesitant...

Today, with full sincerity and determination, the Knownsec Cloud Defense Platform announces a revolutionary measure - the Qihang Edition of the Chuangyu Shield fully opens the HTTPS protocol for free, enabling every user to easily enjoy the protection of the cloud WAF and put on an indestructible security armor for the website!

Comprehensive Functions, Upgraded Experience.

A free lunch often means compromise in functions. But this time, we break the routine and free users from hesitation. The Qihang Edition of the Chuangyu Shield supports users to add SSL certificates and provides comprehensive HTTPS functions. Whether it is a personal website or a small and micro enterprise, they can all use the Qihang Edition of the Chuangyu Shield for free and access the business under the HTTPS protocol, making every data transmission safe without worries.

üSupports HTTP2.0: As the latest HTTP protocol, HTTP2.0 greatly improves Web performance and reduces network latency; accelerates the loading speed of your website, enhances the user experience, and makes the content reach the users faster.

üHSTS setting: The node adds an HSTS configuration with a period of one day in the HTTPS response header. Browsers supporting this feature will use HTTPS to access within this period, thereby enhancing the security of data transmission.

üHTTPS forced redirection: Automatically redirects HTTP access to HTTPS to avoid users being exposed to an insecure connection due to negligence and provides all-round protection for user data security.

üTLS policy configuration: Not limited to basic encryption, we also provide advanced TLS configuration options to help you adjust the encryption strength and compatibility according to actual needs to ensure the security and efficiency of data transmission.

Through this free support of SSL certificates and the opening of HTTPS functions by the Qihang Edition of the Chuangyu Shield, we hope to provide strong security guarantees for more websites and help enterprises move forward steadily in the digital wave. We guard your security with heart; we witness your success together!

Details of the Qihang Edition of the Chuangyu Shield Activity.

Activity Targets:

●Cloud defense new users whose domain names are compliant and filed in mainland China.

●Small and micro enterprises, public welfare organizations, personal website owners and other non-governmental and non-educational websites.

●Covers various application scenarios such as Web business systems, portal websites, Web APIs, mobile APPs, mini-programs, and AI large language models (LLM).

Participation Methods:

●Register as a member of the Knownsec Cloud Defense (https://defense.yunaq.com/) from now on and complete real-name authentication.

●After new users register, complete domain name access before December 31, 2024, and they can receive the defense service of the Qihang Edition of the Chuangyu Shield for free.

●The free usage right is defaulted to be valid for one year. After expiration, it can be reapplied through the community. Come and join the community to obtain more information.

* The final interpretation right belongs to the Knownsec Cloud Defense.

If you have any questions, you can consult in the [Chuangyu Shield User Service Community]. Add the assistant's WeChat to pull you into the group:

Service Contents of the Qihang Edition of the Chuangyu Shield.

Web Attack Protection - Preventing Intrusion, Tampering, and Data Leakage.

The Knownsec Cloud Defense has a large number of hacker attack sample libraries. By using the Knownsec Cyberspace Search Engine ZoomEye, the Seebug Vulnerability Community, the data of millions of business systems under real-time defense 24/7, and the highly accurate threat intelligence analyzed by the Chuangyu Anzhuan Zhineng Brain large model, it helps enterprises establish an all-round defense system covering various application scenarios such as Web business systems, portal websites, Web APIs, mobile APPs, mini-programs, and AI large language models (LLM). It can defend against various attack methods such as SQL injection, command injection, XSS cross-site attacks, and 0-day vulnerability attacks, providing continuous and highly reliable attack protection capabilities.

DDoS Traffic Cleaning - Cleaning of CC and DDoS large attack traffic.

Provides large-scale CC and DDoS attack traffic defense services for online business systems to resist business risks in real time. Through the independently developed Anti-CC algorithm engine to model and analyze massive attack data, it achieves perfect defense against multiple types of CC attacks, ensuring the continuous and stable operation of the business system without accidents!

Page Acceleration - Effectively improving cache efficiency and page access speed.

Provides low-cost and highly available secure content distribution services. By caching the site content to global acceleration nodes, users can obtain resources nearby, greatly improving the website access speed and solving the access bottlenecks caused by regions, bandwidth, and server performance. At the same time, it provides security detection and traffic cleaning services, truly achieving safe acceleration.

Personalized Services - Visualized Reports, SSL Certificates, Community Services.

Supports real-time viewing of the website security status on the cloud defense platform, including the number of various attacks, attack IPs, sources, security ratings of the website, historical attack numbers, detailed information of Web attacks and CC and DDoS attacks, and provides a custom report export function. At the same time, it supports uploading and managing SSL certificates on the cloud defense platform and provides comprehensive HTTPS functions.

Now register as a cloud defense member and you can receive the rights and interests of the Qihang Edition of the Chuangyu Shield for free.

The number of places is limited. Come and unlock your exclusive defense service: Knownsec Cloud Defense (https://defense.yunaq.com/).

If you have any questions, you can also consult in the [Chuangyu Shield User Service Community]. Add the assistant's WeChat to pull you into the group:

The @stagarms 10.5” Pistol in FDE in our 36” Tactical Rifle Case. •• #tacticalgear #stagarms #sigromeo #deadair #clouddefensive https://www.instagram.com/p/CZp8xS6vRU1/?utm_medium=tumblr

💥MK18 Monday to kick off the week💥 . . . . Via • @the_bearjew__ . . . . . #mk18 #mk18monday #mk18pistol #arpistol #arpistolshooters #ar15 #sbtactical #surefire #clouddefensive #vortexhuey #vortex #danieldefense #danieldefensemk18 #fuckyeahguns #guns #gunsofinstagram #weaponsdaily #america #2a #usa #556 #223 #magpul #sbtacticalpistolbrace #edgarshermandesign https://www.instagram.com/p/CCUdapMlUsG/?igshid=vnzrfzk16757

@gearheadworks makes everything better. 😍. @czusafirearms Scorpion EVO with Tailhook Mod 1C, @krebs_custom PD-18 pistol with the original Tailhook, and @bravocompanyusa build with Tailhook Mod 2. All pistols, and these set-ups are all thanks to Gear Head Works Tailhooks ➖➖➖➖➖➖➖➖➖➖➖➖➖ #everydaycivilian #edc #everydaycarry #czusa #gearheadworks #scorpionevo #czscorpion #krebscustom #ak47 #customak47 #bcm #bravocompany #bravocompanyusa #clouddefensive #gsltechnology #bakelite #762x39 #9mm #556 #223 https://www.instagram.com/p/CbOindXLZh3/?utm_medium=tumblr

PEQs for days. Various laser/light setups on different rifles. Long rails. Short rails. Dual pads. Single pads. And a variety of iron sight types. - #scar17 #cqbr #peq15 #atpialc #atpial #surefire #mk18 #bcm #risii #eotech #clouddefense #kac #rifles #carbines #dmr #carbine #trexarms #trexarmskydex

And while I'm on about cleaning, don't forget your gadgets and accessories, they'll need an occasional cleaning as well, light lenses gather soot and carbon from muzzle blasts and optics get fingerprints and dust build up, you get the jist 😉 #251WpnWrx #Services #Cleaning #ProTip #Gadgets #Optics #Switches #Controls #CloudDefense #Streamlight #Aimpoint (at Foley, Alabama) https://www.instagram.com/p/BufDyEzH6Z9/?utm_source=ig_tumblr_share&igshid=1w3rkapofkzkj