Naked Security

PewDiePie-spammers and whale-flingers exploit hole in Atlas game

Last week hackers allegedly compromised an admin’s Steam account and used it to spawn planes, tanks, and whales in Atlas.

The newly launched Atlas game has pirates, a fountain of youth, ramshackle sloops, naval battles, submarines, and guillotines.

What Grapeshot Games’s MMO (Massively Multiplayer Online) game is not supposed to have: a flood of whales, spawning in water, on land and sometimes in mid-air.

Image from StreamerHouse playing ATLAS, on Twitch

That, however, is what happened after multiple players found and exploited a vulnerability in the Atlas game itself. On Sunday, an assistant community manager wrote on the Atlas community forum that the game maker had to do “emergency maintenance” at 09:00 am UTC, rolling back the game and wiping out players’ gains in the five and a half hours since the exploit enabled the infliction of whales.

Multiple accounts were eventually banned. But before the game admins had a chance to close the hole, the whale-flingers got bored and they, and/or others, started flooding the servers with dragons… after which some players exploited the vulnerability by spamming players to exhort them to subscribe to PewDiePie… for hours.

Did Atlas get PewDiePie-rolled?

This is par for the course for fans of Swedish video game commentary celebrity Felix “PewDiePie” Kjellberg. Last month, somebody intent on keeping PewDiePie in his position as top YouTube channel hacked printers worldwide to print pro-PewDiePie propaganda.

That propaganda war also included antics such as defacing the Wall Street Journal’s website and hijacking thousands of internet-exposed Chromecasts, smart TVs, and Google Home devices earlier this month. The gadgets were hacked to play yet another PewDiePie channel advertisement.

When it comes to the Atlas exploits, ZDNet’s Catalin Cimpanu suggests that the PewDiePie spam “seems more of a secondary effect” rather than being the main directive.

In fact, PewDiePie subscription spam seems to have become the “de facto prank message and a rite of passage for any wannabe hacker,” Cimpanu said.

Move over, Rickrolling and references to security journalist Brian Krebs. Modern-day pranksters have PewDiePie to drop into website defacements and malware code!

Atlas: Injury added to insult

The exploit of the technical vulnerability in Atlas on Sunday was actually the second time in days that Atlas was compromised, and it’s the second time that Grapeshot Games did a five-and-a-half-hour game rollback.

Early access to Atlas was launched on Steam before Christmas. Last week, on Thursday, hackers allegedly compromised an admin’s Steam account and used it to spawn planes, tanks, and whales in Atlas.

Grapeshot Games, from a post on the community forum on Thursday:

Earlier today, an admin’s Steam account was compromised and used to cause some devastation on our Official NA PvP Network. To be clear, this was not caused by a hack, third party program, or exploit. We have taken the appropriate steps to ensure this does not happen again. We’ll be rolling back our Official NA PvP Network by approximately 5 and a half hours to a network world save at approximately 11 AM UTC (3 AM PST/6 AM EST). We apologize for the inconvenience and we thank you for your patience and understanding during this time.