Blue Archive Overrun By A Pink, Gun-Toting Gremlin In Cyberattack Dubbed “The Koyuki Incident”

As reported by Rock Paper Shotgun, on August 31 a hacker accessed Blue Archive and filled it to the brim with the in-game character Kurosaki Koyuki, a teen crypto analyst who’s fittingly known as a prankster. Some players found that the Café, where little chibi versions of the game’s cast congregate, had been filled with this pink-haired demon. Additionally, if you clicked on the event banner, you’d see an illustration of Koyuki picking a four-leaf clover, which seems innocent enough until an assault of smaller Koyuki PNGs filled the screen in an overlapping cacophony of “waaa! sound effects”

While we’ve come to associate major video game cyberattacks with data breaches and stolen passwords, Nexon clarified that this was a “client-side” hack that only affected what was displayed in-game, and that “players’ accounts, game data, and payment information were not affected, as they are operated in a separate database and always revalidated by the game server.”

Basically, the way most online games work is that there are databases that hold players’ important account information stored on the company’s servers. When users take an action that requires details about their account, their device makes a call to the database, which will then send back this data so that it can be visualized in-game.

This hacker was able to insert themselves in the middle of this process and fed data to the client that was different than what the database would have returned: in this case, a whole bunch of Koyukis. It didn’t fundamentally change anything about these players’ accounts, as the hacker didn’t have access to the database where their information was stored, but they could alter what appeared in-game.

While players have mostly reacted to the incident with celebratory fan art and memes, Nexon appears quite nonplussed and has reported the situation to the KISA (Korea Internet & Security Agency) for an ongoing investigation.