news

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

According to Fast Technology on August 26, on the evening of August 24, many netizens reported that they were unable to log into Steam and could not enter the game.

Subsequently, Steam’s Chinese agent, Perfect World Competitive Platform, stated that the Steam crash was caused by a large-scale DDoS attack.

Recently, Qi'anxin XLab Laboratory published an article disclosing and restoring the behind-the-scenes details of this attack.

According to the introduction,Nearly 60 botnet masters launched this DDoS attack, and the attack instructions increased by more than 20,000 times overnight. They attacked Steam's global website in turn, involving 107 Steam server IPs in 13 countries and regions.

Attack command trends for attacks against Steam in the past year

In this attack, Xlab observed a total of 280,000 attack instructions against the Steam platform. Based on long-term historical observations, attacks against Steam have occurred frequently in the past, but the number of attack instructions was usually in double digits.

On the night of the incident, the number of attack commands skyrocketed by more than 20,000 times. Such a high number of attack commands is extremely rare.

In addition, other attack groups also participated in this attack using methods such as NTP and CLDAP reflection amplification attacks. The mobilization of botnets on this scale is rare in recent years.

It is understood thatStarting at 18:00 on August 24, the attackers concentrated their firepower on attacking the Singapore data center in Asia and the Perfect World data center represented by Steam China. On the morning of the 25th, they switched to the US data center.

In terms of time selection, it almost coincides with the local gaming peak period (local evening and night).

The main attack targets include 107 Steam server IPs in 13 regions including China, the United States, Singapore, Sweden, Germany, Austria, Spain, the United Kingdom, Japan, South Korea, Australia, Chile, and the Netherlands.

It is reported that the Baidu index of the Steam platform is usually around 70,000, but it surged to 315,000 on the day when "Black Myth: Wukong" was launched.

XLab laboratory said that considering the characteristics of this DDoS attack, such as the surge in attack commands, the huge scale of the botnet, and the fierce firepower of the attackers, it is almost certain that there is a strict organization and a careful action plan behind this attack, as well as a clear attack target.

"Black Myth: Wukong" has just been launched and has become popular.It happened to be Saturday night, when players were online at their peak, and Steam suffered such a large-scale DDoS attack. XLab said that it was hard not to think that the attack was not aimed at "Black Myth: Wukong".

Screenshots of some of the attacks on Perfect World's Steam servers