Posted on January 25, 2022 at 5:35 PM
“Minecraft” DDoS Attack Shuts Down Andorran Internet For 30 Minutes
A multi-day Twitch gaming tournament was recently targeted by a “Minecraft” DDoS attack in the small European country of Andorra. According to reports on the incident, the attack affected Andorra’s only ISP, Andorra Telecom, causing the country’s entire internet to shut down. However, the disconnection lasted for 30 minutes before the internet was restored.
More than eight streamers were unfairly sent out of the tournament because the attack left them disconnected. The SquidCraft game, considered the most popular Twitch Rivals tournament, is in the popular “Minecraft” server, even though it’s a parody of the hit Netflix series “Squid Game.”
It’s not clear what the motive behind the attack was, but some think the attackers were trying to get the tournament’s huge $100,000 prize.
The breach was confirmed by Andorra Telecom via its Twitter page, noting that the network is undergoing a DDoS attack. The ISP also stated that users may find it difficult to browse the web as a result of the attack. Andorra Telecom, however, said it was dealing with the situation.
Eight Competitors Were Unfairly Kicked Out Of The Tournament
According to Tom’s Hardware report, the threat action occurred during the second day of the tournament, when not less than eight competitors were kicked out as mentioned earlier. Following the attack, Andorra’s contingent in the competition was eliminated, as confirmed via Twitter by internet watchdog NetBlocks.
While the investigation is ongoing, no suspects have been identified yet. However, the SquidCraft game is still ongoing and there is no indication that a further attack has been recorded. This is the latest development following the hacking incident involving the Log4j exploit. The attacks showed that threat actors are not relenting in their efforts to launch attacks on servers that are perceived vulnerable and less secure.
Based on the severity of the attack and its impact on the targets, the Log4j exploit could be considered the most dangerous. It was also discovered within the “Minicraft servers” last year and utilizes the popular data-logging tool Log4j.
The tool is utilized by several tech companies, which makes it very lucrative for hackers to exploit the vulnerability, victimizing several organizations in the process. Just three days after it was exploited, more than 840,000 log4j attacks were recorded.
Minecraft Is Now Considered A “Hotspot” For Malware Developers
While the SquidCraft game is very popular, attacks like this have caused a dent in its name and reputation against gamers. No one wants to be exposed to exploitation, which may see some gamers being discouraged to continue.
“Minecraft” has been called by MakeUseOf a hotbed of malware, saying the server is too vulnerable, which can put millions of users at risk of being exploited. The game has also topped the charts of games considered the “hotspots” of malware developers.
The claim is coming after AtlasVPN conducted research to confirm that the game is the most exposed when it comes to vulnerability to malware flooding. “Minecraft” players have been advised to be very careful with their connection and activities of the gaming server. Security researchers have warned them that more threat actors could decide to launch their attacks when they see how successful their predecessors have been.
In the latest attack, more than 303,000 individual devices were affected, and over 185,000 “Minecraft” users fell prey to the hackers.
The Identity Of The Perpetrators Is Not Known
A significant portion of the 150 SquidCraft games participants live in Andorra. In terms of fairness, day one went without any issue for all the players. The games “hide and seek”, “red light”, and “green light” went smoothly for all gamers without any issue, according to a Spanish language report on the incident.
However, a programming glitch caused the “cookie game” to be suspended on day two. At that time, it was not clear what the issue was. But that was when the DDoS attack on Andora Telecom started.
30 minutes after the attack, Andorra Telecom tweeted that it was getting back to normal service for everyone.
The Andorrans on the SquidCraft game have complained about their unfair elimination, but the organizers have nothing to do about it.
For example, internet observers at NetBlocks stated that it seemed the attack on Andorra Telecom was specifically launched to eliminate Team Andorra from the tournament.
However, these are all assertions as an investigation into the incident is still ongoing. Hopefully, more information about the attack and the identity of the perpetrators will be revealed after the investigation.