Nan Fang Du Shi Bao·2025-12-23 12:39Core Viewpoint - Kuaishou's live streaming function was attacked on December 22, 2025, leading to a surge of inappropriate content on the platform, which raised significant concerns about its security measures and response capabilities [1][6]. Incident Timeline - On December 22, around 21:30, users reported issues with login verification and video playback, while some streamers experienced unstable live streaming [2]. - By 22:00, numerous Kuaishou live rooms were flooded with pornographic and violent content, attracting thousands of viewers [3]. - From 22:00 to 23:30, the number of violations peaked, prompting Kuaishou's security team to initiate an emergency response [4]. - After 23:30 on December 23, Kuaishou enforced a shutdown of the live streaming function and froze related accounts [5]. - By around 02:00 on December 23, Kuaishou's related pages began to return to normal, and the company reported the incident to relevant authorities [6]. Security Vulnerabilities - Experts identified three main vulnerabilities exploited during the attack: "bulk registration and account security loopholes," "abuse of live streaming and content publishing interfaces," and "bypassing traditional risk control strategies" [7]. - The attack was characterized by a systematic approach involving resource preparation, automated attacks, and persistent countermeasures [7]. Broader Implications - The incident highlights a shift in the landscape of cyber threats, indicating that black and gray market activities have entered an "automated attack" era [9]. - A report indicated that global organizations are facing an average of 1,673 cyber attacks per week in 2024, a 44% increase from 2023, with content platforms becoming high-risk areas [10]. Recommendations for Future Security - Experts suggest that Kuaishou should enhance its security measures across five key areas: account security, streaming, content review, emergency response, and infrastructure [11]. - Recommendations include implementing multi-factor authentication, utilizing AI for real-time content review, and establishing baseline traffic models to detect anomalies [11]. - Additionally, security measures should be integrated into business processes to ensure "invisible protection" for users while maintaining robust defenses against potential threats [12].