Learn about the recent DDoS attack on the worldwide phenomenon that is Pokémon Go.
During the weekend of 16th and 17th July, the worldwide phenomenon game that is Pokémon Go was brought down by a DDoS attack. The attack was aimed at the US and European servers, leaving users with limited (if any) access to the game, while those who could access the game had problems with it freezing.
Currently, two hacker groups are claiming to have launched the attack: Poodle Corp and OurMine. However, neither has been officially verified as the source of the attack.
The “elite hacker group” OurMine state that they are white hat hackers known for hacking major companies’ systems to highlight weaknesses, so that all vulnerabilities can be secured. For those who don’t know, white hat hackers are considered to be the good hackers. They are either dedicated security researchers or hackers who attempt to gain access to a system but then give all of the security vulnerability information they found to the company that they hacked. Black hats, in comparison, are the total opposite of white hats and are classed as criminals. They hack to find sensitive information or gain access to a network to cause harm. Typically, information such as:
- Credit card information
- Bank account details
- Emails and passwords
will be stolen by the black hats in order to sell it and make a financial gain.
On the 17th July OurMine wrote a blog post on their website stating that they will attack the Pokémon Go authentication servers unless Pokémon Go staff contact them on their website. They claim that the reason behind the attack is that they want to teach Pokémon Go to protect the game and its servers.
The hacker group Poodle Corp made an announcement on Twitter: “PokémonGo #Offline #PoodleCorp”. This led the public to believe that they were behind the attack. This was followed by a cryptic tweet: “August 1st #PoodleCorp #PokémonGo”. It is reported that the leader of Poodle Corp also sent out a tweet claiming that the attack in July was a test, with a larger attack to follow, which coincides with the date August 1st. The leader’s account has since been taken down. As we are now on August 2nd and Pokémon Go wasn’t offline at all yesterday, I think we can establish that it was an idle threat from PoodleCorp and the likely hacker group was in fact OurMine.
In case you were not aware, a DDoS (distributed denial of service) attack consists of a number of hosts attacking a target. Typically, an attacker uses a range of hosts that they have infected with malware, which allows them to control the devices remotely. The attacker then uses all of the devices to send thousands of message requests to the victim system, overloading it and causing network downtime.
So what can we learn from the DDoS attacks on Pokémon Go? I think the key is that these types of attacks are not limited to targeting well-known companies; they can cause huge damage to smaller businesses too. It is vital to employ a high level of network security for your business, regardless of its size. If this is something that you are concerned about as a business, then please do not hesitate to get in touch to discuss it with our Cyber Security Experts.