For two hours, several Twitch pages have been modified by alleged attackers who would have obtained unauthorized access.
The affected pages are those of some of the most popular games of the moment, such as GTA V, Back 4 Blood, Minecraft and Apex Legends. Through these pages it is possible to access live streams of users playing those titles, and include information such as the synopsis and images of the games.
The attackers have managed to change those images for a photo of Jeff Bezos, in which the founder of Amazon, owner of Twitch, is shown making a funny gesture with his face; It is an image that has been used as a ‘meme’ on social networks.
Early users noticed the change at 11:00 AM PST, but it could have happened earlier, and the photos were shown until at least 1:00 PM.
At the time of this writing, it does not appear that hackers have had access to user data, but Twitch has not yet officially confirmed this. The attackers have most likely exploited a vulnerability or accessed through a secret method available only to Twitch employees.
This week, a 4Chan forum user shared about 120 GB of files belonging to Twitch , including the source code for the website; the attackers could have analyzed the code in search of ‘bugs’ or possible uncontrolled access. In this way, they managed to upload the image of Bezos to the Twitch servers, and link it on the games pages. The same photo of Bezos was used in the original announcement of the hacker attack.
According to The Verge, former Twitch employees warned that this was a likely scenario, accusing the company of not doing enough in terms of cybersecurity.
It is also possible that this is a case of ‘cache poisoning’, a technique consisting of modifying the cache memory used by the servers so that they obtain files other than the normal ones; it can also be used to redirect users to other sites.
At the moment, the attack appears to have affected only a few specific pages, and not the entire Twitch system and other data.