Latest News
Animal Jam data breach: 100,000 de-hashed user records leaked, 900,000 more sold on hacker forum
A database containing 900,000 user records from the free-to-play game Animal Jam is being sold on hacker forums, with another 100,000 records leaked as a proof-of-concept sample.
Animal Jam is a free-to-play pet simulator developed by WildWorks, a US-based game development studio. The game is available on iOS, Android, PC, and Mac, and has over 130 million registered accounts across all supported platforms.
Recently, the game suffered a data breach where a database containing more than 50 million stolen player records, including email addresses and hashed passwords, has been leaked on a hacker forum.
It seems that it took about a week for a second hacker to de-hash about a million passwords from the previous database and put the plain-text data for sale on another hacker forum: the user records stored in the file that was posted on the hacker forum on November 17 include the players’ email addresses and passwords in plain text.
To see if your email address has been exposed in this or other security breaches, use our personal data leak checker.
What data is contained in the leak?
The file posted on the hacker forum contains what appears to be 100,000 Animal Jam user records, including email addresses and presumably de-hashed passwords stored in plain text.
Such combinations of decrypted user credentials are also known as combo-lists, giving attackers ready-made, machine-readable strings. Combo-lists are typically used as input for automated authentication requests in various malicious activities, such as credential stuffing attacks.
What’s the impact of the leak?
Fortunately, the data found in the leaked file does not contain deeply sensitive information like document scans or credit card numbers. However, it can still be used against Animal Jam players in a variety of ways, such as:
- Carrying out credential stuffing attacks in order to hack players’ accounts in other games
- Holding players’ Animal Jam accounts ransom
- Spamming the victims’ email inboxes with malicious emails
Animal Jam is a free-to-play game that is targeted towards children and incorporates microtransactions. This means that selling stolen game accounts with unlocked premium features and cosmetics back to the affected players or their parents could net malicious actors a lot of money.
What to do if you have been affected?
If you (or your child) have an Animal Jam account and your data has been leaked on this hacker forum, we recommend you:
Change your Animal Jam and email passwords immediately and consider using a password manager to create long, complex passwords
If you have been using an identical password for any other games or online services, change it there as well.
Watch out for potential phishing emails. Do not click on anything suspicious or respond to anyone you don’t know.
Enable two-factor authentication (2FA) on all your online accounts.
De-hashing: The danger of using weak passwords
Judging from the Animal Jam combo-list sample posted on the hacker forum, the vast majority of the de-hashed passwords were weak and contained commonly used words and word-number combinations. While hashing is similar to encryption in that it scrambles input data into semi-randomized output data, there’s a significant difference: hashing is a one-way process.
Competent threat actors are able to de-hash weak passwords by taking acquired lists of password hashes and comparing them with hashes of known weak hash combinations. This is because of the difference between hashing and encryption: identical combinations of symbols will have the same hash value. This means that if a certain commonly used password has been de-hashed once, every other identical password can be de-hashed using the same value.
In fact, there are software tools that are designed specifically for these kinds of tasks. An attacker only needs to upload two text files (called “dictionaries”). The first dictionary is typically composed of hashed password column entries from a hacked database. In this case, it would be the hashed passwords from the previous Animal Jam breach.
The second column contains commonly used passwords or combinations of words, symbols and numbers. These combinations, when joined together, form the second dictionary.
The de-hashing tool takes the second dictionary and the hashes already known by the attacker and compares it with the first dictionary hashes. If any of the hashes match, the password is identified by the program and is associated with the plain text value, giving the attacker all the de-hashed passwords in plain text.
This might be how the threat actor who is selling the Animal Jam combo-list acquired a million passwords in a relatively short amount of time since the Animal Jam data breach.
Which brings us to the moral of the story: never use weak passwords. And if you’re as bad at creating and remembering strong passwords as we are… please, for the love of all that is holy, use a password manager.
7777 gaming, a leading provider of online casino games, is thrilled to announce its entry into the Georgian market through a strategic partnership with Europebet – one of the leading online gambling operators in the region, part of the renowned Betsson Group since 2015.
7777 gaming presents an expansive collection of more than 100 online casino games, each meticulously certified to comply with Georgia’s latest legal standards. With a focus on innovation and quality, 7777 gaming provides unique and engaging casino experiences that cater to the preferences of the new generation of players.
The direct integration of 7777 gaming’s content into Europebet’s platform demonstrates a commitment to offering players a premium gaming experience with a wide range of high-quality titles. Through this integration, players at Europebet in Georgia can enjoy 7777 gaming’s engaging and diverse games portfolio, such as Cash 100, Barbarian, Candy Anyways, Sea of Treasures, Diamonds of Majesty, and Thracian Treasures.
Elena Shaterova, Chief Commercial Officer at 7777 gaming, stated: “We take pride in our relentless dedication to adhering to the latest legislative requirements in Georgia’s online gambling sector. Recognizing the immense potential of this lucrative market, we eagerly join forces with Europebet, a renowned brand synonymous with thrilling gameplay, innovation, and creativity.”
Mindia Tsiklauri, Slots Product Manager at Europebet said: “Our partnership with 7777 gaming introduces a new dimension of entertainment for our players. Their extensive and distinctive game selection adds valuable diversity to our platform, a sought-after quality in our vibrant and competitive market. Continuously seeking innovative avenues to captivate our audience, we view 7777 gaming as an invaluable ally in our ongoing mission.”
La Française des Jeux (FDJ), one of Europe’s leading betting and gaming operators, will meet investors over the next days with a view to launching its first bond issue, subject to market conditions.
FDJ recall that, on 7 November, Moody’s assigned the Group a long-term credit rating of Baa1 – stable outlook.
With a total value of €1.5 billion, in 3 tranches with maturity of 6, 9 and 12 years, the bond issue would be used to refinance most of the €2 billion bridging loan, drawn on 7 October to finance the acquisition of Kindred shares for nearly €2.5 billion. The bonds will be listed on the Euronext regulated market in Paris.
Furthermore, FDJ is finalising a €400 million syndicated loan with top-tier French and international banks, which will be repaid over 5 years. This financing is also intended to repay the bridging loan which will be settled with Group’s cash.
Celebrating 15 years of BEGE, Sofia Expo will transform itself again into the epicenter of the regional gaming industry from November 27-28. The annual gathering invites the industry’s key manufacturers, suppliers and customers for two days of business and networking. NOVOMATIC, as Europe’s largest gaming technology group, is naturally participating with a first-rate product range and unrivalled offerings dedicated to the Balkan markets.
The appealing DIAMOND X 1.55J cabinet will shine as one of the sophisticated product highlights at the NOVOMATIC stand #2.11, showcasing the latest Linked Progressives, such as CASH FLOOD Link and GODS & LEGENDS Link. Also being presented in the elegant DIAMOND X 1.55J cabinet will be the unique Linked Progressive XTENSION LINK Volume 2, which has quickly become a favourite with operators and players alike, with its clear above-floor average and regular top-floor performances in many casinos across different markets.
Visitors also shouldn’t miss out on the brand-new SUPERIA GAMES Link 1, which comprises 25 classic and recent titles from the renowned player favourites CASH CONNECTION and GOLDEN LINK. Furthermore, the outstanding BLACK EDITION II XL 3.32 will be presented with the exclusive NOVO LINE CASH CONNECTION Edition 4.
The BLACK EDITION II 3.27, with three 27” screens starring the NOVO LINE Edition X4 and Impera Line HD Edition 9, guarantees exciting gaming fun and profitable variety in video slot entertainment.
Visitors can also enjoy an exciting entertainment programme on the NOVOMATIC stand and delicious catering from AdmiralBet Pub.
Miloš Pejić, NOVOMATIC Regional Manager SEE, said: “We are looking forward to welcoming our customers to the extraordinary NOVOMATIC Experience at our stand. Whether you are focused on international markets or the Balkans, our product line up offers the best solution for everyone. We invite you to visit us, meet our team, and discover the best product variety for your needs. See you in Sofia!”
7777 gaming enters the Georgian market in partnership with Europebet
FDJ Announces its First Bond Issue
NOVOMATIC Presents New Gaming Highlights at the BEGE
Spillemyndigheden Calls Attention to FATF’s Updated Lists of High-risk Jurisdictions
Betsoft Gaming Invites Players to Mount Olympus in Coins of Zeus – Hold & WinTM
Flutter CEO Peter Jackson Signals Bid Interest in Italy’s Main Lottery Licence
BetBlocker partners with Yellow Scarf to deliver to valuable support to Ukrainian, Polish and Russian communities in the UK
South Africa: Tribunal Grants Lottoland Interim Relief – Orders Google to Grant Lottoland Access to its Advertising Platform
SmartSoft’s expertise and future vision for the African market
BOOMING GAMES EXPANDS IN EAST AFRICA WITH MAYBETS LAUNCH
SIS partners with leading operator 888AFRICA to provide live numbers draws
Promatic Games named Best Emerging iGaming Company at the European iGaming Excellence Awards 2024
Slot Saturation – Q&A w/ Qianqian Liu, Senior Art Director at Gaming Corps
Safety First: Slots Temple Q&A
Play’n GO announces partnership with Finnish state-lottery Veikkaus
SiGMA Europe Summit Alert
-
Asia5 days agoHong Kong Construction Titan Turned Macau Casino Boss Lui Che-Woo Dies Aged 95
-
Cryptocurrency7 days ago
Kyrrex to host online panel discussion on MiCA and the future of crypto in Europe
-
Asia7 days ago
Skillhub Online Games Federation Launches SOG Grandmasters Series, Targets Discovery of 1 Lakh Gaming Talents Nationwide
-
Africa6 days ago
SunBet Extends Online Betting Platform Contract with Bede Gaming Amid Record-Breaking Performance
-
Conferences in Europe7 days ago
Aviatrix approved for Sweden take-off
-
eSports7 days ago
Welcome to the World Esports Championship 2024!
-
Africa6 days ago
Booming Games Partners with Hollywoodbets to Launch Immersive Slots Games in South Africa
-
eSports6 days ago
Intel commits to developing young talent in universities from the UK and Ireland through UNIVERSITY Esports
