Twitch Safety

Quick find code: 14-15-759-66231630

Mega Duck

Hey everyone! :)

I would just like to raise some awareness regarding a problem on Twitch that allows hackers to steal the IP addresses of people that view their channel by using an extension.

The main way that they do this is by using a bot to follow streamers on multiple accounts, in hopes that they will get curious and check out their channel. They have also been known to do "Hate Raids" and spam the chat with hateful and offensive language in hopes to bait people into visiting their channel.

There are a few videos out there with inaccurate information about this, stating that having your IP address leaked is virtually harmless, besides DDoS (distributed denial of service) attacks.
This is very untrue; having your IP address leaked puts you at risk of being "Doxed", which is a term used to gather information about the victim, leading to their accounts being hijacked.

What is a Dox?


Doxing is a process where a hijacker searches for private information about an individual such as name, address, usernames, passwords, email addresses and IP Addresses.
If any of the above are obtained by a hijacker, they can use this information to search against leaked databases of websites that have had security breaches.

What is a breached website?


A breached website is a website that has been previously hacked and had all of its users' information stolen, such as usernames, passwords, emails and IP addresses.
If a hacker has any information like the above, they can get other information linked to it, which can lead to email accounts, social media, Steam accounts and many other things being stolen.

Does Twitch know about this?


Twitch knows about this and has put a couple of security features in place, including making it so that only verified accounts can post on a user's channel if they have the option selected.
This is more of a Band-Aid type of solution and doesn't fix the issue 100%.
5.8b exp | Trimmed Completionist | Account Security | Mega Duck Community Events

07-Oct-2021 01:59:48 - Last edited on 07-Oct-2021 16:18:31 by Mega Duck

Mega Duck

How can I keep safe?


First of all, Dox attacks are more dangerous for people with poor internet habits, i.e. signing up to dodgy websites that are later hijacked and have all their users' information leaked. Only sign up to places that you know are trustworthy and secure.

- Never post your email address or other sensitive info on websites; you can check if you already have by searching your email address on Google.
- Never recycle an old password and remember to change them every so often; I personally change mine once every 6 months or so.
- Use 2-factor authentication wherever you can, especially on your email addresses that have important accounts linked to them.
- Don't click on dodgy accounts that you see type in the chat.
- If you're a streamer, don't check on the accounts that follow you. (They usually follow on more than 1 account with similar names, so be aware of that.)


If you're a streamer, here are some measures you can take:


How to use AutoMod
https://help.twitch.tv/s/article/how-to-use-automod?language=en_US


How to block certain terms and phrases:
https://help.twitch.tv/s/article/how-to-use-automod?language=en_US#BlockedandPermitted


Secure chat with email/phone verification
https://blog.twitch.tv/en/2021/09/29/securing-your-chat-with-phone-and-email-verification/


A couple of malicious Twitch usernames that are the most popular:


HOSS_RandomText
JudySlayer
Lunar


I have altered these names slightly to protect the community and to avoid people going to search for them. I will update the list if more crop up.

07-Oct-2021 01:59:52 - Last edited on 07-Oct-2021 04:53:58 by Mega Duck

Mega Duck

Static IP Vs. Dynamic IP Addresses


A static IP address is simply an IP address that doesn't change. Once your device is assigned a static IP address, that number typically stays the same until the device is decommissioned or your network architecture changes. Having a static IP puts you at greater risk of being Doxed.

A Dynamic IP is subject to change at any time and usually switching your router off and back on will change your IP address.

How do I know if my IP is Static or Dynamic?


- Type “Cmd” in the search bar.
- Click “Command Prompt”.
- Type “ipconfig /all” in the Command Prompt window and press “Enter”.
- In the list of network information displayed, look for “DHCP Enabled”.


If the word next to DHCP Enabled is no, this means you have a static IP.
If the word next to DHCP Enabled is yes, this means you have a Dynamic IP.


What to do if you have fallen victim to an IP grabber?


- The first thing you should do is change your passwords, starting with your most important online accounts such as your email address.
- Enable 2-step verification and any other security measures that are available on all of your important accounts.
- Switch social media accounts to Private.
- If you have a Dynamic IP, restart your router.
- If you have a Static IP, you will need to contact your Internet service provider and ask them to change it for you.
- Form safer habits when clicking around the internet.

07-Oct-2021 02:30:12 - Last edited on 07-Oct-2021 04:51:07 by Mega Duck

Kopaka

Might be worth mentioning that most people have a dynamic IP address. This means you get a new one regularly from your ISP and if you reset your router this will usually give you a new one, too.

You can easily see your IP address if you just type into a search engine, 'what is my IP address?' This is because in order to serve you data, websites you visit receive your IP address. Otherwise they wouldn't be able to send the information back to you when you click a button etc.

Static IP addresses, which stay the same over time and don't change when you reset your router, are normally more expensive and are intended for web hosting.

07-Oct-2021 03:24:52 - Last edited on 07-Oct-2021 03:29:37 by Kopaka

Mega Duck

Original message details are unavailable.
Extremely helpful thread! Thank you so much for taking the time to catalogue all of this info! I'll give this a sticky for the time being, as this is a pretty big issue right now.

Cheers :)

Thanks for the sticky, CM Nick! Very appreciated. :)

Original message details are unavailable.
Thanks for sharing this useful information and thanks to CM Nick for applying some glue.


No problem, hopefully Twitch finds a way to stop the exploit. Unfortunately, due to it being caused by 3rd party extensions, they are having trouble dealing with it without rendering other extensions unfixable.

07-Oct-2021 22:49:30

Jr0113

I will also add onto this by recommending those who do stream on Twitch to refrain from using Chrome as a browser as it is the #1 browser for vulnerabilities. Instead, I suggest using Firefox or even Tor (#1 recommended browser of 2021).
"To make any kind of progress, we need to imagine a different reality and believe that it is possible." - Tali Sharot

06-Jan-2022 06:09:00
