With video streaming site Twitch paying lucrative wages to celebrity gamers, it was inevitable—botnet-for-hire services that use hacked computers to fraudulently inflate viewership.
According to a report published Friday by security firm Symantec, underground markets and, in some cases, sites on the open Web host several services promising to generate large viewing audiences on Twitch and other streaming sites. One such service claims that each infected computer can be commandeered to open five separate streams carried on a selected broadcaster's Twitch channels. (To keep owners of the compromised computers in the dark, the streams are hidden and muted.) Premium services also offer automated "chatters" that interject users' comments live during the streaming.
"While many broadcasters stream their gameplay online as a hobby, some have managed to turn it into a well-paid full time job," Symantec researcher Lionel Payet wrote. "Over the past few years, this business model has grown sharply, so it's unsurprising that scammers are piggybacking on the industry in a parallel underground economy."
Twitch, the Amazon-owned game video streaming service, has reset passwords for all its users after warning of a security breach that may have allowed hackers to access user names, passwords, and other personal information.
According to a blog post Twitch published Monday evening, current passwords have been expired and users will be required to create a new one the next time they log in. Accounts have also been disconnected from Twitter and YouTube. As is standard practice, anyone who used the same password for multiple services should assume it's compromised and create a new and unique passcode for each property. Credit card data was not affected, the company said.
Monday's advisory provided few details. E-mails sent to users said hackers may have gained unauthorized access to Twitch usernames and associated e-mail addresses, encrypted passwords, the last IP address users logged in from, and—for users who provided such information—first and last names, phone numbers, addresses, and dates of birth. According to a report from Venturebeat, a separate e-mail sent only to select users provided an intriguing additional detail. "While we store passwords in a cryptographically protected form, we believe it's possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd," it said.