Close
indie games Chinese games TapTap

Cyberattacks target Chinese indie online games for ransom, but developers refuse to let the hackers win

Chen Du

posted on August 10, 2021 3:58 pmEditor : Wang Boyuan

In a series of less-than-elaborated game hacking schemes, the servers of Duel of Sword, a recently published online player-versus-player mobile game, crashed after being attacked using a common hacking method called DDoS (Distributed Denial of Service).

QingDu Game, the game maker, announced that it had temporarily shut down PVP features and already refunded all of the in-game purchases, prompting online users to applaud the developer’s resolve (since PVP is at the game’s core). 

Song Jiubian, a co-founder of QingDu Game, posted that the studio does not intend on paying the ransom, saying “宁为玉碎,不为瓦全!”(literally “rather be a shattered vessel of jade than an unbroken piece of pottery”, or “better to die with honor than to survive in disgrace”.)

According to the studio, as well as other developers that suffered from such hacking, Duel of Sword became the latest victim of ACCN. This hacker organization notoriously targets promising indie game studios. 

Game developers posted on Zhihu, a Chinese social network and Quora-like Q&A website, that nearly all known victims of ACCN were once highly-anticipated online mobile games developed by indie studios, and were attacked early on, or sometimes immediately after their publishing. ACCN often stakes its potential targets out by looking at the “rankings” sections on TapTap, a popular forum as well as a publishing company for mobile games.

A screenshot showing ACCN’s ransom notice to QingDu Game. Image Credit: QingDu Game
A screenshot showing ACCN’s ransom notice to QingDu Game. Image Credit: QingDu Game

Many of ACCN’s past victims were also using cloud servers provided by Tencent Cloud. Some of them paid the ransom; some quickly purchased extra services from Tencent to defend against future DDoS attacks, which often costs more than what the hackers were asking, while others stuck to not paying at all, suffering from hundreds of thousands, if not millions of RMB in potential loss from server crashing. Many developers have posted online in the past years, asking for help with standing up against ACCN.

QingDu Game said that ACCN originally targeted Duel of Sword’s login servers, which TapTap already protected, but later on moved on to attack servers that were handling online combat, which was not sufficiently protected at the time.

Huang Yimeng, the CEO of X.D. Network (the operator of TapTap) posted on Zhihu that his company had been working together with developers and law enforcement agencies to try to apprehend the hackers while providing free DDoS protection service to developers: “Duel of Sword had already utilized our protection service, however some of its online combat servers were fallen due to our insufficient experience.”

Huang added that developers and gamers should not fear “these criminals who earn a living by extorting small and medium-sized developers”, since these so-called ACCN hackers are sometimes “mere kids who hide behind their computers and buy DDoS attacks on Taobao.”

What Huang referred is an actual kind of product, dubbed DDoS-for-hire by security professionals, being sold online through e-commerce websites. Sellers of such DDoS attacks mask their offerings as “server pressure tests” or “controlled internet traffic renting”, etc., and post them onto Taobao or Xianyu, an e-commerce website/app for second-hand goods, which is often less regulated. Huang also called on these platforms to look into these postings.

A screenshot of DDoS-for-hire postings on e-commerce website Xianyu. Image Credit: Huang Yimeng
A screenshot of DDoS-for-hire postings on e-commerce website Xianyu. Image Credit: Huang Yimeng

Traditionally, malicious hacking of computer systems is severely punishable in China, but the situation is more complicated in this case. The limited information collected by industry insiders suggests that ACCN is a hacker organization loosely run by a group of Taiwan-based hackers, who are currently out of the jurisdiction of local law enforcement in Mainland China. 

Although international internet traffic is blocked mainly in China, the likely scenario brought up by Huang, that these hackers were using Mainland China-based DDoS-for-hire services, means that they can continue to hold indie games across the Strait as hostages however they please.

The targeted hacking against smaller game studios and publishers already irritated quite a lot of gamers throughout recent years. 

As giants like Tencent currently dominate the Chinese gaming market, many gamers purposefully spend more time and money on indie games developed and published by smaller companies and have a lot of respect and care for them. The success of Genshin Impact by MiHoYo, as well as a number of other games made by smaller Chinese developers, also proved that indie works could make a global hit and mount a worthwhile challenge against the giants, marking the beginning of an exciting era for new market disruptors to emerge. 

In this sense, gamers are infuriated to have found that the game they finally can enjoy was quickly being taken down due to hacking.

On Chinese social media, gamers call authorities to crack down on hackers and protect game developers. One user named Pingsheng posted on Zhihu, saying that “it is already a feat for such small developers to get publication approval” in China, adding that relevant authorities should protect and support such cultural products that not only innovated on game mechanics but also actively promote the Chinese martial arts culture.

Top Image Credit: QingDu Game