Epic Games offered a bounty of over 100 million yen and claimed the 'account hack is a hoax', but was it really a hoax?
Epic Games Ignored Epic Subdomain Takeover on their Authentication Domain, Promoted $ 1 Million Bounty to Address User Complaints
https://medium.com/@thezedwards/epic-games-ignored-epic-subdomain-takeover-on-their-authentication-domain-promoted-1-million-b4d809039b0e
Around the end of March 2020, rumors spread on Twitter along the lines of 'When I downloaded the Houseparty app, my Spotify, PayPal, bank account, etc. were hacked.' Houseparty denied the rumor, saying 'there is no evidence,' and, claiming that 'some kind of organization has invested funds to spread rumors of this kind,' announced a $1,000,000 reward for the first person to provide information about the organization behind the rumor.
We are investigating indications that the recent hacking rumors were spread by a paid commercial smear campaign to harm Houseparty. We are offering a $1,000,000 bounty for the first individual to provide proof of such a campaign to [email protected].
— Houseparty (@houseparty) March 31, 2020
However, when security researcher Zach Edwards investigated the Houseparty login page, he found that its HTTP headers lacked a Content Security Policy, so the login form could be embedded in a third-party website. He also found that subdomains of 'TheHousePartyApp.com' were permitted to execute JavaScript code on HouseParty.com.
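As an added example (not code from the article, from Edwards, or from Epic Games), a small Python check that inspects a login page's response headers for the two weaknesses described above: whether a third-party page can frame it, and which external hosts its CSP lets run scripts. The header sets and the '*.example-app.invalid' wildcard are constructed for illustration.

```python
# Added example: report whether a login page can be framed by a third-party
# site and which hosts its CSP allows scripts from. Header sets are constructed.
from typing import Dict, List


def parse_csp(value: str) -> Dict[str, List[str]]:
    """Split a Content-Security-Policy header into {directive: [sources]}."""
    policy: Dict[str, List[str]] = {}
    for part in value.split(";"):
        tokens = part.strip().split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def framing_allowed(headers: Dict[str, str]) -> bool:
    """True if nothing in the headers stops another origin from framing this page.

    CSP frame-ancestors takes precedence over X-Frame-Options when both exist;
    the obsolete ALLOW-FROM form is not honoured by modern browsers and is
    therefore treated as no protection.
    """
    lower = {k.lower(): v for k, v in headers.items()}
    csp = parse_csp(lower.get("content-security-policy", ""))
    ancestors = csp.get("frame-ancestors")
    if ancestors is not None:
        return "*" in ancestors  # 'none' or an explicit list restricts embedding
    xfo = lower.get("x-frame-options", "").strip().upper()
    return xfo not in ("DENY", "SAMEORIGIN")


def script_hosts(headers: Dict[str, str]) -> List[str]:
    """Host sources (anything not a quoted keyword) the CSP lets scripts load from."""
    lower = {k.lower(): v for k, v in headers.items()}
    csp = parse_csp(lower.get("content-security-policy", ""))
    sources = csp.get("script-src", csp.get("default-src", []))
    return [s for s in sources if not s.startswith("'")]


# Constructed header sets for the cases the article contrasts.
UNPROTECTED_LOGIN = {"Content-Type": "text/html"}  # no CSP, no X-Frame-Options
HARDENED_LOGIN = {
    "Content-Type": "text/html",
    "Content-Security-Policy": "default-src 'self'; script-src 'self'; frame-ancestors 'none'",
}
# Hypothetical policy trusting a whole sibling-domain wildcard for scripts: a
# takeover of any host under that wildcard gains script execution on the page.
WILDCARD_LOGIN = {
    "Content-Security-Policy": "script-src 'self' https://*.example-app.invalid; frame-ancestors 'none'"
}
```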
According to Edwards, subdomains of TheHousePartyApp.com had been hijacked by numerous phishing sites. The following is an example of a phishing site hosted on a TheHousePartyApp.com subdomain, posing as a 'free e-book service'.
Some phishing sites have the exact same input form.
These phishing sites loaded fonts from 'webfonts.ru', which raises suspicion of involvement by Russian criminal organizations.
The majority of these phishing sites try to lure users with 'free' bait such as 'free e-books' and 'free movie streaming.' Edwards claims that these phishing sites are what is hacking users' accounts.
When Edwards contacted Epic Games about the phishing sites on these TheHousePartyApp.com subdomains, Epic replied: 'The DNS records associated with the IP in question were not removed, and Houseparty previously owned that IP. A third party has since obtained it and put up new content. The content on the subdomain in question is not our content.' In other words, Epic claimed that the malicious phishing site had not deliberately acquired the subdomain; it was simply inherited by a third party offering an e-book service.
In conclusion, after investigating, Epic Games stated that 'illegal content may be hosted by a third party, but beyond the fact that it is hosted there, there is little potential for further exploitation,' denying the theory that Houseparty accounts are being hacked through the subdomain phishing sites.
Edwards pointed out that the 'Pickaflick.com crew' was behind the series of attacks. The Pickaflick.com crew is a group that has operated phishing sites using various methods for over 10 years, starting with the phishing site 'Pickaflick.com'. Edwards provided Epic Games with further information about the Pickaflick.com crew's tricks, but said it was 'mostly ignored.'
'It's true that organized hacker and phishing networks have used Epic Games subdomains to attack users,' Edwards said, adding that 'malicious organizations are just spreading.'
On the English-language social bookmarking site Reddit, some pointed out that 'it may be true that phishing sites were deployed on a Houseparty subdomain, but linking that to account hacking is a stretch.'
in Security, Posted by darkhorse_log