Hackers eyeing "Black Wukong"?

Text | Sina Technology, Luo Ning

Many netizens speculated that the server crashed due to the excessive number of people online in the game "Black Myth: Wukong", and some players received a system pop-up message on the Perfect World competitive platform, saying, "Steam is currently receiving a ddos attack, and players may have the problem of exiting the game caused by Steam disconnection during the game. You can restart Steam to reconnect."

After the incident, Sina Technology asked Perfect World to verify the matter. Some insiders said that "Steam's question should be asked by V Agency". But in terms of data, the DDoS attack still affected the release of "Black Myth: Wukong" this week. Because "Black Myth: Wukong" has been released since then, the peak online number of Steam platform has been rising, and it has just broken through 2.40 million on August 22. On Saturday night, when the number of players should be concentrated, the number of online people is only 350,000, and the decline is more obvious.

It is understood that DDoS, also known as Distributed Denial-of-service, multiplies the power of Distributed Denial-of-service by combining multiple computers as an attack platform to launch attacks on one or more targets. The types of DDoS attacks facing the game industry are complex and diverse, including empty connections, traffic-based attacks, CC attacks, etc., and new tricks emerge in an endless stream. Hackers control a large number of "broilers" through the network to send data packets that have no practical effect on the target host, resulting in users who normally visit the page unable to open the page or even the host crashing.

Regarding the intensity of DDoS attacks, Zhou Hongyi, founder of 360 Group, once commented: "Every day, companies and institutions will be hacked, and information will be leaked every day. No one in the country, enterprises, websites, or individuals will be spared."

The reason why DDoS attacks are so vicious is that the attacks from hackers are very stealthy. In order to evade detection, malicious websites usually change their addresses constantly, and different malicious websites sometimes share the same Internet Protocol Address. A malicious website has used dozens of IP addresses in different countries such as Russia, Mexico, Chile, and the United States. It is difficult to quickly identify and intercept them by rapidly changing addresses and regions.

Previously, there have been game companies closed down due to DDoS attacks. According to industry insiders, a game platform in Northeast China suffered a large-scale DDoS attack, with an attack volume of 600Gbps for several consecutive days, which could not be opened normally. It was persuaded by a well-known domestic friend to quit, with an average daily loss of nearly 3 million yuan. There is also a game platform in Southwest China that suffered a DDoS attack for half a month when it was just launched. The website was forced to stop serving, and investors changed their attitude towards the platform. The new round of financing failed.

The data shows a significant increase in the number of DDoS attacks in the first half of 2024. According to a report released by cyber security firm Gcore, the number of attacks reached 445,000, an increase of 46% year-on-year and 34% month-on-month. The gaming and gaming industries were the main targets of DDoS attacks, accounting for 49% of the total incidents in the first half of 2024. The number of attacks in the technology industry also increased significantly, accounting for 15% of the total. Andrey Slastenov, head of security at Gcore, warned that even a small increase in the size of the attack can have a serious impact at high bandwidth levels.

Regarding the governance of DDoS attacks, Zhou Hongyi once pointed out that the ability to form secure big data needs to be formed: "All network behaviors will form traces, and if there are traces, there will be data. Secure big data is the basis for forming visibility; with data, there must be data connection capabilities, data analytics and mining capabilities, combined with security experience, to form visibility."

Zhang Shule, a game industry analyst, told Sina Technology, "Some hackers often like to show their existence and technical ability by attacking online hotspots. This kind of attack is temporary for the platform. The crowd brought by'Black Myth: Wukong 'itself is indeed too much than the industry expected. Steam is also underprepared, and the pressure is off the charts. This also gives hackers an opportunity to use DDoS, which is actually not a clever method, to hack'hotspots.' But as long as the platform reacts, it is not difficult to solve the technical adjustment. The economic losses caused by it are not large, but the negative effects of affecting the player experience are very large."