Practically all Twitch streamers use extensions, but a recent incident has highlighted the security risks associated with third-party bots. On September 10, the Pando Twitch extension was removed from the platform due to an exploit discovered by hackers. These hackers gained control of the chat of several streamers, using it to post profanity and spam links.
Streamers quickly identified Pando as the common link between them, and it was revealed that the Stream Alerts TV extension, developed by the same team, was also involved. The compromised extensions may have even put the streamers’ accounts at risk. As a result, some streamers had to abruptly end their livestreams. This issue affected streamers of all sizes, regardless of their audience.
One streamer, LunaBori, experienced her chat being flooded with threats and a Discord server link. She attempted various fixes, such as disabling bots, but ultimately had to disconnect and restart her livestream. Once she did this and disabled the bots, she was able to regain control and resolve the issue.
It’s worth noting that many people use Pando and the Stream Alerts TV extension, so this incident has raised concerns among the Twitch community. The developer of the extension promptly responded to user complaints and removed it from the platform. However, as a precautionary measure, it is recommended that users log out and reset their passwords to remove any active connections.
CVS Gaming, the team behind the Pando extension, has been working on an update to address the issue and fix the exploit discovered by the hackers. Twitch has already disabled the extension, ensuring no further risks for creators. However, users may need to wait a few more days as Twitch needs to approve the update before it can be implemented. It appears that Stream Alerts TV is also currently not functioning, suggesting that it may also be undergoing an update for approval.
In summary, the recent security incident involving the Pando and Stream Alerts TV extensions on Twitch has highlighted the potential risks associated with third-party bots. The affected streamers experienced chat hijacking, spam, and potential account compromises. The developer has taken action by removing the extensions and working on updates to address the issue. Twitch users are advised to take precautionary measures such as resetting their passwords.
Source: DOTESPORTS
