Threat Watch

Massive Twitch Breach

Twitch source code and streamers’ and users’ sensitive information were allegedly leaked online by an anonymous user on the 4chan imageboard. The leaker shared a torrent link leading to a 125GB archive containing data allegedly stolen from roughly 6,000 internal Twitch Git repositories. “Their community is also a disgusting toxic cesspool, so to foster more disruption and competition in the online video streaming space, we have completely pwned them, and in part one, are releasing the source code from almost 6,000 internal Git repositories,” the post reads.

According to the anonymous 4chan user, the leaked Twitch data contains: the entirety of twitch.tv, with commit history going back to its early beginnings; mobile, desktop, and video game console Twitch clients; various proprietary SDKs and internal AWS services used by Twitch; every other property that Twitch owns, including IGDB and CurseForge; an unreleased Steam competitor from Amazon Game Studios; Twitch SOC internal red teaming tools; and creator payout reports from 2019 until now.

The anonymous poster named his thread “twitch leaks part one,” which hints that further stolen Twitch data is likely to be leaked in the future. Researchers downloaded a portion of the leaked data and confirmed that it looks authentic and matches what was disclosed by the attacker.

The leak was likely a direct reply to Twitch’s lack of response, and lack of effective tools, to fend off the hate raids that targeted streamers in August, given that the anonymous leaker also used the #DoBetterTwitch hashtag. This hashtag was used on Twitter by streamers who shared how their Twitch stream chats were being flooded with harassment bots. Twitch eventually acknowledged the issue and said it will launch account verification and channel-level ban evasion detection tools later this year. “Thank you to everyone who shared these difficult experiences. We were able to identify a vulnerability in our proactive filters and have rolled out an update to close this gap and better detect hate speech in chat,” the company said.

A Twitch spokesperson has confirmed that “a breach has taken place.”

ANALYST NOTES

Given the extent of the breach, all users of the Twitch platform are strongly advised to change their login credentials in case the leaked data did contain user credentials. Because payout reports were leaked, content creators should monitor their financial accounts closely for any fraudulent activity.

https://www.bleepingcomputer.com/news/security/massive-twitch-hack-source-code-and-payment-reports-leaked/