Industry News
MMO game Street Mobster leaking data of 1.9 million users due to critical vulnerability
Attackers could exploit the SQL Injection flaw to compromise the game’s database and steal user data.
The CyberNews.com Investigation team discovered a critical vulnerability in Street Mobster, a browser-based massively multiplayer online game created by Bulgarian development company BigMage Studios.
Street Mobster is a free to play, browser-based online game in the mafia empire genre where players manage a fictional criminal enterprise. The game boasts a 1.9+ million player base and stores a user record database that can be accessed by threat actors by committing an SQL Injection (SQLi) attack on the game’s website.
Other games created by BigMage Studios are also potentially vulnerable to the same type of attack, which means that there is a possibility that even more users might be at risk.
The records that can be compromised by exploiting the SQLi vulnerability in Street Mobster potentially include the players’ usernames, email addresses, and passwords, as well as other game-related data that is stored on the database.
Fortunately, after we reported the vulnerability to BigMage Studios, CERT Bulgaria, and the Bulgarian data protection authority, the issue has been fixed by the developers and the user database is no longer accessible to potential attackers.
What is SQL Injection?
First found back in 1998, SQLi is deemed by the Open Web Application Security Project (OWASP) as the number one web application security risk.
Even though this vulnerability is relatively easy to fix, researchers found that 8% of websites and web applications are still vulnerable to SQLi attacks in 2020. Which, from a security perspective, is inexcusable. So much so, in fact, that UK internet service provider TalkTalk was hit with a record £400,000 fine over succumbing to a cyberattack that involved SQLi.
The vulnerability works by injecting an unexpected payload (a piece of code) into the input box on the website or in its URL address. Instead of reading the text as part of the URL, the website’s server reads the attacker’s payload as code and then proceeds to execute the attacker’s command or output data that would otherwise be inaccessible to unauthorized parties. Attackers can exploit SQLi even further by uploading pieces of code or even malware to the vulnerable server.
The fact that Street Mobster is susceptible to SQLi attacks clearly shows the disappointing and dangerous neglect of basic security practices on the part of the developers at BigMage Studios.
How we found this vulnerability
Our security team identified an SQL Injection vulnerability on the Street Mobster website and were able to confirm the vulnerability by performing a simple command injection test on the website URL. The CyberNews team did not extract any data from the vulnerable Street Mobster database.
What’s the impact of the vulnerability?
The data in the vulnerable Street Mobster database can be used in a variety of ways against the players whose information was exposed:
By injecting malicious payloads on Street Mobster’s server, attackers can potentially gain access to said server, where they can install malware on the game’s website and cause harm to the visitors – from using the players’ devices to mine cryptocurrency to redirecting them to other malicious websites, installing malware, and more.
The 1.9 million user credentials stored on the database can net the attackers user email addresses and passwords, which they can potentially use for credential stuffing attacks to hack the players’ accounts on other gaming platforms like Steam or other online services.
Because Street Mobster is a free-to-play game that incorporates microtransactions, bad actors could also make a lot of money from selling hacked player accounts on gray market websites.
What to do if you’ve been affected?
If you have a Street Mobster account, make sure to change your password immediately and make it as complex as possible. If you’ve been using your Street Mobster password on any other websites or services, change that password as well. This will prevent potential attackers from accessing your accounts on these websites in case they try to reuse your password for credential stuffing attacks.
However, it’s ultimately up to BigMage Studios to completely secure your Street Mobster account against attacks like SQLi.
Disclosure and lack of communication from BigMage Studios
Following our vulnerability disclosure guidelines, we notified the BigMage Studios about the leak on August 31, 2020. However, we received no reply. Our follow-up emails were left unanswered as well.
We then reached out to CERT Bulgaria on September 11 in order to help secure the website. CERT contacted the BigMage Studios and informed the company about the misconfiguration.
Throughout the disclosure process, BigMage Studios stayed radio silent and refused to get in touch with CyberNews.com. Due to this reason, we also notified the Bulgarian data protection agency about the incident on October 9 in the hopes that the agency would be able to pressure the company into fixing the issue.
Eventually, however, BigMage Studios appear to have fixed the SLQi vulnerability on streetmobster.com, without informing either CyberNews.com or CERT Bulgaria about that fact.
Powered by WPeMatico
Amusnet has been awarded the title of Best Slot Developer at the GamingTECH Awards 2026, marking a notable acknowledgment of the company’s innovative and technical prowess. Unveiled on March 25th in Prague at the 10th-anniversary edition of the Prague Gaming & TECH Summit, this recognition emphasizes the influence of the company’s varied, high-achieving slot collection throughout Central and Eastern European markets.
This accolade highlights the organization’s capacity to provide a diverse array of titles that satisfy the changing needs of both operators and players. By prioritizing technical dependability, dynamic animations, and captivating features, Amusnet has positioned itself as a key partner in the area.
“We are truly honoured to receive the Best Slot Developer award,” commented Julia Peeva-Sertov, CEO & Director at Amusnet Gaming, Malta. “This recognition reflects the dedication of our entire team and our commitment to delivering exceptional gaming experiences for players. Empowering our partners continues to inspire us to push boundaries and set new benchmarks in the industry.”
The Prague Gaming & TECH Summit united industry leaders and top executives to explore the connection between gaming, AI, and fintech. During the event, representatives from Amusnet Gaming participated in strategic networking and high-level discussions within the industry, enhancing connections with partners in the CEE area. Winning this title at a milestone anniversary occasion reinforces the company’s position as an innovative leader in the digital entertainment industry.
The post Amusnet Named Best Slot Developer at GamingTECH Awards 2026 appeared first on Eastern European Gaming | Global iGaming & Tech Intelligence Hub.
Soft2Bet, a leading iGaming turnkey solutions provider, recently brought together industry connections for an exclusive two-day golf and padel experience at the Gleneagles Hotel in Scotland. The event brought Soft2Bet’s friends and connections together to enjoy a relaxed day of golf and padel, meaningful conversations, and shared moments in an inspiring setting, celebrating the spirit of connection and community that defines the company’s approach.
Set against the backdrop of one of Scotland’s best-known sporting estates, the day paired competitive play with the camaraderie and shared spirit that are such a valued part of the game. Attendees enjoyed access to Gleneagles’ most exclusive Ryder Cup & Solheim courses, where the relaxed setting encouraged genuine connection and reflected the supportive atmosphere that made the gathering especially memorable.
Gleneagles was a fitting venue for the occasion. With more than a century of golfing history, three championship courses and a reputation built on world-class hospitality, it remains one of Scotland’s standout golf destinations. Its PGA Centenary Course hosted the 2014 Ryder Cup and the 2019 Solheim Cup, making Gleneagles the only golfing destination in Europe to have staged both events.
The event reflects Soft2Bet’s belief that strong connections are built through shared goals, trust and collaboration. Creating space for in-person connection allows the company to deepen those relationships and support long-term success.
Harrison Barrett, VP of Business Development at Soft2Bet, commented: “Bringing the industry together in a setting like Gleneagles allows us to go beyond day-to-day operations and focus on what truly drives success, while playing golf and padel. Events like this are an opportunity to align on vision, exchange ideas and celebrate the momentum.”
Stuart Trigwell, Director of Business Development at Play’n GO said: “The time spent at Gleneagles, enjoying the incredible courses and engaging in genuine, strategic conversations, was an absolute highlight. It is events like these that reinforce the trust and collaborative spirit at the core of our relations.”
The gathering reflects Soft2Bet’s wider approach to the iGaming community engagement, creating opportunities for stronger collaboration and supporting growth across key markets.
The post Soft2Bet Gathering: An Elite Golf & Padel Experience appeared first on Eastern European Gaming | Global iGaming & Tech Intelligence Hub.
AI chat technology
Casinofy Unveils Next-Generation Platform Redesign with AI-Powered Chat, Setting a New Standard for the Online Casino Industry
Casinofy, a forward-thinking leader in the online casino space, announced the launch of its completely redesigned platform featuring cutting-edge AI chat technology, a modernised user interface and a suite of innovative features that position the company at the forefront of the iGaming industry.
A Bold Leap Forward in Online Casino Innovation
The newly redesigned Casinofy platform represents one of the most ambitious overhauls in the online casino sector. With a focus on user experience, intelligent personalisation and next-generation technology, Casinofy is redefining what players expect from an online gaming destination.
Key highlights of the new platform include:
• AI-Powered Chat Assistant — An intelligent, real-time chat system that provides instant player support, personalised game recommendations, responsible gaming guidance and seamless interaction — available 24/7 with human-like conversational ability.
• Complete UI/UX Redesign — A sleek, modern interface built for speed, accessibility and engagement across all devices, delivering an immersive experience from the first visit.
• Smart Personalization Engine — Leveraging AI to tailor game suggestions, promotions and content to each player’s unique preferences and play style.
• Enhanced Navigation and Game Discovery — Intuitive categorisation, advanced search and AI-driven recommendations that help players discover new favorites effortlessly.
AI Chat: A Game-Changer for Player Experience
At the heart of the new Casinofy experience is its proprietary AI chat system — a feature that goes far beyond traditional customer support. The AI assistant understands context, remembers player preferences and delivers instant, accurate responses on everything from game rules and bonus terms to account inquiries.
Unlike conventional chatbots, Casinofy’s AI chat is designed to enhance every touchpoint of the player journey, making it one of the most sophisticated implementations of artificial intelligence in the online casino industry to date.
Leading the Industry Through Innovation
While the online casino market continues to grow, few operators have invested as heavily in technology-driven differentiation as Casinofy. The new platform positions Casinofy among the most innovative operators globally, bridging the gap between traditional online gaming and the AI-first future of digital entertainment.
The Casinofy team said that they are not just keeping up with the industry, but setting the pace. The new platform is built on the belief that players deserve smarter, faster and more personalised experiences. They added that the integration of AI chat is just the beginning of what they have planned.
The post Casinofy Unveils Next-Generation Platform Redesign with AI-Powered Chat, Setting a New Standard for the Online Casino Industry appeared first on Eastern European Gaming | Global iGaming & Tech Intelligence Hub.
-
Booming Games5 days agoBooming Games releases Ultra Buffalo Hold and Win
-
Baroness Fiona Twycross6 days ago
BGC AGM 2026 Discussed About Surging Illegal Gambling Black Market
-
Big Time Gaming5 days ago
BTG brings iconic board game action to the reels with MONOPOLY MEGAPOTS™
-
Latest News4 days ago
ELA Games Contributes to Discussions on Scalable iGaming Ecosystems and Studio Innovation at HIPTHER Prague Summit
-
Bonus Rush6 days ago
RAW iGaming launches BONUS RUSH® – a new family of feature-focused games
-
Arkansas6 days ago
CATALIST SPORTS SECURES NEW SUPPLIER LICENSES IN ARKANSAS AND NEBRASKA
-
Brazil6 days ago
EGT to showcase its gaming portfolio for Brazil at SiGMA Americas 2026
-
Brazil5 days ago
Brazil advances integrity agenda amid strong market growth
