Steam platform rarely crashes: nearly 60 botnets, DDoS attacks surge 20,000 times

Details of a rare major crash in Steam history revealed: nearly 60 botnets, DDoS attacks surged 20,000 times

On August 26, according to various sources, on the evening of August 24, the Steam platform encountered a large number of users reporting that they were unable to log in. At the same time, topics related to "Steam crashed" quickly became hot searches on Weibo. According to an announcement issued by the Perfect World Competitive Platform, the unstable state of the Steam platform was caused by the impact of a DDoS attack.

The next day, Qi’anxin XLab officially issued a statement confirming that the Steam platform indeed encountered a DDoS attack on the evening of August 24. This incident directly caused many users to be unable to successfully log in or enter the game. It is reported that this attack was jointly launched by nearly 60 botnet masters, and the number of attack instructions increased by more than 20,000 times in just one night.

▲Steam outages reported by Downdetector users

DDoS attack, the full name of Distributed Denial of Service, is a type of network attack method. Its characteristic is that the attacker uses one or more computers distributed in different geographical locations to attack single or multiple targets simultaneously. Launch an attack. This type of attack aims to cause the server to run slowly or even completely crash by consuming the performance or network bandwidth of the target server, thereby preventing the server from providing normal services.

"As far as this DDoS attack is concerned, its large scale, large number of controlling botnets, violent attack intensity and thorough organization are all extremely rare among the attacks we have observed in recent years." Qi Anxin XLab Lab recently announced the details of this DDoS attack: The attack was launched by nearly 60 botnet master nodes. The number of attack instructions increased by more than 20,000 times overnight, and repeated attacks were carried out on the Steam global website. , affecting 107 Steam server IP addresses in 13 countries and regions.

1. The number of attack instructions has increased significantly, increasing by 20,000 times compared to normal times. This change is extremely prominent compared to daily conditions.

In this attack, the Xlab laboratory detected a total of 280,000 attack instructions targeting the Steam platform. Based on long-term historical observations, although there have been attacks against Steam in the past, the number of attack instructions usually remains at double-digit levels. However, "last night this number jumped by more than 20,000 times. Such a high number of attack instructions is really rare in our experience in the industry."

▲Trends of attack commands against steam platform attacks in the past year

2. This attack involved the participation of nearly 60 botnet masters. Its scale was 15 times larger than the previous DDoS attack (only 4 botnets) encountered during the live interview between Trump and Musk. . In addition, multiple attack groups used NTP, CLDAP and other reflection amplification attack methods to jointly participate in this attack. The use of such a large-scale botnet is a rare phenomenon in recent years.

3. The intensity of this attack was extremely violent. The attackers went all out to conduct concentrated attacks on a total of 107 Steam server IPs in 13 countries and regions around the world. It is reported that the attack began at 18:00 on August 24. The attackers first concentrated their firepower on the Singapore node computer room in Asia and the Perfect World computer room represented by Steam China. Then on the morning of the 25th, they turned their attack targets to the American computer room. . The choice of attack time almost coincides with the peak hours of the local game (i.e. local evenings and nights), showing the attacker's high degree of targeting and careful planning. The key attack targets cover 13 countries and regions including China, the United States, Singapore, Sweden, Germany, Austria, Spain, the United Kingdom, Japan, South Korea, Australia, Chile, the Netherlands, etc., with a total of 107 Steam server IPs.

▲Screenshots of some attacks on Perfect World’s Steam servers

Last week, the peak number of online users of "Black Myth: Wukong" on the Steam platform successfully exceeded the 2.4 million mark on August 22. However, due to a sudden failure of the Steam platform, the number of real-time online users of the game plummeted to less than one million. As of now, the number of current players of the game on the Steam platform has stabilized at 390,000, and it once again showed strong momentum today, with the peak number of online players climbing to 2.13 million. This data fully demonstrates the widespread influence of "Black Myth: Wukong" in the game market and the enthusiastic expectations of players.