What just happened? After the massive Twitch leak earlier this week, hackers are now exploiting the frontend logic of the platform for their own amusement. All of this is said to be mounting on the Amazon-owned platform as a direct result of its negligence on the security side of things, so it looks like this could be just the start.
Twitch has been having a hard week, and it’s not quite over yet. This morning, hackers were able to deface the platform for a few hours, seemingly uninterrupted by anything other than their own laughter.
Users who jumped on the Amazon-owned service were greeted by closeup images of Jeff Bezos when searching for GTA V, Dota 2, Apex Legends, Minecraft, Smite, Overwatch, Dead by Daylight, Final Fantasy XIV, and several other games. Apparently, hackers replaced many background game images with the creepiest photos of the Amazon chairman and founder they could find.
As of writing, the most likely explanation for this is that some people who got their hands on a treasure trove of information and code about Twitch’s inner workings are now abusing the site’s functionality for fun. As with all such leaks, it was only a matter of time before it would be exploited, and this is likely just the beginning.
It all started on Tuesday, when someone on 4Chan posted a torrent link to over 125 gigabytes of source code, API documentation, internal tools and unreleased projects, and more. This was supposedly done to spur more competition in the video streaming space, but a lot of people were drawn by leaked gross payouts for the most successful Twitch streamers.
Twitch has been investigating the incident, but only confirmed that a “malicious third party” had exploited an error in a server configuration change to perform the hack, and that sensitive information like credit card information wasn’t exposed. However, several former employees told The Verge the situation is a lot more complicated than the company is willing to admit.
One source claimed that Twitch had been receiving multiple warnings about security and safety issues, but the company often ignored them as it scrambled to launch new features and grow the platform as quickly as possible.