What To Do After A Smurf Attack?

Introduction

As far as anyone knows, the smurf attack is a Denial of Service (DoS) attack. In this letter I will try to show you what one can do After being attacked by an attacker who uses a smurf attack in the direction of your computer that enables him to perform a DoS against you using ICMP.

Smurf attacks have been known for years and depend on the fact that most routers forward broadcast messages through all their interfaces. A “Smurf” is a forged ICMP packet sent with a source address spoofed towards some target host on the Internet; this generates an enormous amount of ICMP echo traffic back to this target. It’s kind of a ping flood, that’s all.

Case incident

According to the official statement of Riot games , someone(a team of hackers) had hacked into North American game servers and had given unfair advantages to some players. The hackers were able to get access to these accounts through an email list of all players. A player interviewed yesterday stated that his account was broken by a hacker due to which he lost 125$ in RP and a rare skin called Silver flame(worth around 300$). This shows how much damage can be done by smurfers.

Steps To Do After A Smurf Attack?

Step 1- Check if your email is compromised or not.

This step is very important to follow in case you are getting signed out repeatedly from your account. Riot games accounts are linked with your email address, so it’s possible that either someone has accessed your email account(in which case you might want to check the “Hacked Email Account” tutorial) or they have used smurf accounts to send password recovery requests for your email account. If any password recovery request comes to your email account then immediately change the password of both the email and game account to prevent hackers from gaining access. You can also check my earlier tutorial on how to know if your email account has been hacked. For checking whether any password requests were sent to your email address or not, go to this link and see if any password reset request has been sent.

If none of the requests are found in your account then it is possible that they might have used smurf accounts for resetting passwords.

Step 2- Check with Riot Games for suspicious sign in activity.

Now that you are sure that someone else(hacker) is accessing your account, ask Riot games about it immediately through the Report A Player forum . Provide them with all details like what time did you logout last? When did this start? Who has logged in when you didn’t? What were their names etc… If it’s a smurf attack then you will be able to see smurf accounts or computer names in the games played list. Riot usually responds within 24 hours so be patient after you have provided them with all information about the hacked account.

Step 3- Change your password and email if required.

After Riot investigates your report, they will ask you to change the passwords of the game account and email account (if it is linked). So do that right away to make yourself secure from hackers

Step 4- Contact your ISP(Internet Service Provider) 

for further information on hacker’s IP address(basically whom should you contact in case someone hacks into your network to peep other people’s data)

Assuming that the hacker might have used his own internet connection for hacking into the game account, then ask your internet service provider(ISP) for the list of all IP addresses and time (at which time that connection was made and from which ISP it came etc…)

Step 5- Contact PayPal/Other UP or Banks  to block payment methods.

If you use PayPal or any payment method  as a payment method for buying Riot points, then ask PayPal to block it since hackers might have used your account to make purchases. Do this without any delay since after initiating charges through paypal, they cannot be reversed.

Step 8- Contact your ISPs for suspicious activity on other accounts.

Ask your ISP security about the list of all IP addresses and time which came from their area and accessed your email/other linked accounts. This is very important because hackers might use the same password(which was already hacked) for accessing more accounts like Facebook, YouTube which can lead to losing even more data. If possible ask them what action should be taken in case such a thing happens again.

Conclusion 

In the Above article we learnt few steps to be followed once being impacted by a Smurf Attack and keep our network safe and emails to be protected by such hamper.

This is why it’s important to use different passwords everywhere. However, if you ever do want to reuse the same password then keep in mind that not all websites are equally secure or safe for storing your data hence change their password when a concerned website asks you to. If possible consider using email authentication(sending one time password) too since it can help in preventing hackers from accessing your account even after gaining access to your email address.