this post was submitted on 12 Oct 2023
114 points (96.7% liked)

Technology

59219 readers
3235 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
114
Shadow PC got hacked, and had user data leak (jlai.lu)
submitted 1 year ago* (last edited 1 year ago) by Tibert@jlai.lu to c/technology@lemmy.world
27 comments fedilink hide all child comments
 

"We would like to inform you of a recent incident affecting the security of certain data hosted by one of our service providers.

What happened?

At the end of September, we were the victim of a social engineering attack targeting one of our employees. This highly sophisticated attack began on the Discord platform with the downloading of malware under cover of a game on the Steam platform, proposed by an acquaintance of our employee, himself a victim of the same attack.

Our security team took immediate action. Despite our actions, the attacker was able to exploit one of the stolen cookies to connect to the management interface of one of our SaaS providers. Thanks to this cookie, now deactivated, the attacker was able to extract, via our SaaS provider's API, certain private information about you.

The information concerned is your first and last name, e-mail address, date of birth, billing address and credit card expiry date. It is important to note that no passwords or sensitive banking data have been compromised.

What actions have we taken?

As soon as this incident was discovered, we took immediate steps to secure our systems and took all necessary precautions to avoid future incidents. We have also reinforced the security protocols we apply with all our SaaS providers. Finally, we will be upgrading our internal systems to render compromised workstations harmless.

What can you do?

In the wake of this incident, please be very vigilant about the emails you receive, as they could be phishing attempts. In general, for all your accounts, we advise you to protect yourself by setting up multi- factor authentication ("MFA").

To set up MFA on your Shadow account, please refer to the following

guide: https://shdw.me/HC-B2C-2FA

We are here for you

We sincerely apologize for the inconvenience and assure you that we are doing everything possible to ensure the security of your data.

If you have any questions or concerns, please do not hesitate to contact our customer service department at https://shdw.me/HC- B2C-Support Form

Thank you for your understanding and trust.

Best regards,

Eric Sèle, CEO, Shadow"

top 27 comments
sorted by: hot top controversial new old
[–] ChaoticNeutralCzech@feddit.de 51 points 1 year ago (2 children)

highly sophisticated attack

...

[–] Solarius@lemmy.sdf.org 16 points 1 year ago (2 children)

I've literally had these "hacks" before. They get into one of your friend's accounts and message you asking to alpha test a game they made. It's so blatantly fake though it's embarrassing anyone can get caught by it.

[–] cybersandwich@lemmy.world 12 points 1 year ago

Sometimes it's super obviously fake, but if you actually sent alpha test games to your friends semi regularly or it was something not unusual like Gary from accounting "can you sign off on this invoice?" It's a lot more understandable.

All it takes is a day when Gary hasn't had a great night of sleep, had an argument with his wife that morning, and he's stressed trying to get an annual report to his boss by COB, and BOOM, Gary clicks the 'obvious' link trying to know out some low hanging fruit and it's game over.

[–] ChaoticEntropy@feddit.uk 5 points 1 year ago

Naturally, you then download it on to your work PC where you hold/have access to all of your company's most critical information. :)

[–] skozzii@lemmy.ca 13 points 1 year ago* (last edited 1 year ago)

Literally the least sophisticated attack.

Human error, let's call it what it is.

It's like calling these "phishing scammers' hackers.

They are not hackers, they are just liars and conmen who got your info.

[–] jmd_akbar@aussie.zone 23 points 1 year ago (1 children)

first and last name, e-mail address, date of birth, billing address and credit card expiry date...

Sure... Totally things that someone can change on the fly....

[–] kn33@lemmy.world 21 points 1 year ago

Yeah, but also things that were probably out there anyway. They essentially got a customer list.

[–] infeeeee@lemm.ee 19 points 1 year ago (4 children)

What is (was?) shadow PC? This is the first time I read about this

[–] ByGourou@sh.itjust.works 8 points 1 year ago

A cool french company that sell you access to a full pc in the cloud. It was bought by the same guy who own ovh last year.
Sad to see this leak, I have a few friends that use it, it's probably the best cloud gaming plateform.

[–] willya@lemmyf.uk 6 points 1 year ago

I had it when they first came around and it’s a really good cloud pc. Zero lag gaming. Was even able to do PC VR with my Quest 2.

[–] Deletecat@lemmy.world 4 points 1 year ago

Service where you can rent a cloud gaming PC

[–] atetulo@lemm.ee 1 points 1 year ago

Hardware subscription service.

Waste of money, but some people got fleeced.

[–] programmer_belch@lemmy.dbzer0.com 15 points 1 year ago

Waiting for the next hacker film where they get Gary from accounting to give them their password by sending them to a porn website login page

[–] StorageAware@lemmings.world 15 points 1 year ago (2 children)

Sure your DOB & address were leaked, but don't worry your password is safe.

[–] 0xD@infosec.pub 23 points 1 year ago

These things are often saved in entirely different places, so no, that is not a stretch.

[–] TimeSquirrel@kbin.social 8 points 1 year ago (1 children)

Even if they got a password, you'd have to be incredibly stupid to store it in clear text on your database in 2023.

[–] themakara@lemmy.world 12 points 1 year ago

Honestly, props to them for disclosing this so early. Other companies have waited months to tell their customers about these things, sometimes only because it leaked.

[–] HubertManne@kbin.social 11 points 1 year ago (1 children)

they are downloading a game on a work laptop???

[–] BenGFHC@kbin.social 3 points 1 year ago

Could be a work game night?

[–] kn33@lemmy.world 10 points 1 year ago (2 children)

What I want to know is how malware got on Steam. If it really played out like they say, some of the blame should be on Valve.

[–] Chozo@kbin.social 19 points 1 year ago

It sounds like it was a fake Steam link. At least, that's what I assume is meant by "under cover of a game on the Steam platform".

[–] Tibert@jlai.lu 3 points 1 year ago (1 children)
[–] JohnDClay@sh.itjust.works 1 points 1 year ago

Valve adds new security check after attackers compromise Steam accounts of multiple game devs and update their games with malware

If anyone is having trouble opening the link