On August 24, a sudden failure occurred on the Steam platform, causing widespread complaints from players worldwide unable to access their accounts. Initially, many users speculated that the issue stemmed from an influx of players in the popular game Black Myth: Wukong. However, it was later revealed that a large-scale DDOS attack on Steam servers was the actual cause.
According to Perfect World, the attack impacted both the international Steam servers and the company’s servers in China. A total of 107 IP addresses of servers in 13 countries, including the United States, China, Japan, and Germany, were targeted in a well-planned attack carried out in four waves aimed at disrupting the platform’s functionality during peak player times across different time zones.
An analysis of cyberurosis by XLAB research group revealed that over 60 botnet control nodes were involved, coordinating actions of thousands of infected devices. The primary source of the attack was identified as a botnet named Aisuru, boasting around 30 thousand bots and a powerful attack rate of up to 2 terabits per second.
The timing of the incident with the release of Black Myth: Wukong on Steam raised suspicions that the attack may have been targeted at undermining the Chinese game market. Prior to this event, no major attacks on Perfect World servers had been reported.
The notorious botnet Aisuru gained prominence in the cybercrower community due to its potent attacks. Evolving from the previously known Fodcha, Aisuru exploited various vulnerabilities to hijack devices and conduct attacks, incorporating its own encryption and network communication innovations while continuing the strategies of its predecessor.
Aisuru utilized a sophisticated bot control system and encrypted commands to orchestrate its actions, employing multiple protocols to evade protective measures and adapt to new threats. This incident underscored the persistent threat of DDOS attacks on large Internet services, with the Aisuru attack significantly impacting the global gaming industry and causing substantial disruptions.