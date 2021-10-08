Twitch has vandalized game pages with photos of Jeff Bezos

It’s been a very complicated week for Twitch. After the leak on Wednesday (6) of a 125 GB directory of the platform, with reports income streamers, internal tools and the site’s source code, this Friday morning (8) several game pages were vandalized with an image of Amazon founder Jeff Bezos. Remember that the retail giant is the current owner of the streaming service.

Twitch has individual pages dedicated to video game titles, so visitors can quickly find l

ives

of the game they want to watch. Usually, these pages, in the background, have images that reference the game.

Dota 2 game page with Jeff Calfs in the background. (Image: Playback/BleepingComputer)

However, as many Reddit and Twitter users commented this Friday morning, several of these pages were in the background with a photo of Jeff Bezos

The same image of Amazon’s founder was also used in the post that made the platform’s data leakage available on the 4chan website. To remedy the issue, Twitch has disabled all game page backgrounds.

4chan’s post with Twitch’s data leak. (Image: Playback/BleepingComputer)

Twitch still in danger?515189

According to a former employee of the platform, in an interview with The Verge website, the data leak that occurred on Wednesday contains information about the functioning of several internal services of the website and Amazon , which can be used for malicious purposes as long as Twitch makes no changes to these affected aspects. At the same time, as of this writing, it is not known whether the changing of background images was possible due to the leaked information or the use of another vulnerability.

According to a Reddit user , it is possible to modify the images of the game pages from modifications in the cache present in the Content Distribution Network (CDN) used by Twitch. CDNs are networks of servers that keep copies of website content in their memory, that is, cache, and then make them available to visitors.

The Reddit user finishes explaining the theory, stating that if this method was used, it does not mean that the author of the modification has had access to Twitch’s internal systems and sensitive information, since, although the CDN cache modification is an invasion, it does not give access and control to anything in addition to the pages saved on their servers.

The

Canaltech

contacted Twitch’s press office, asking about what had happened. However, until the publication of this news, the answer had not yet been sent. The story will be updated when we have a platform placement.

Source: BleepingComputer, The Verge

