22日晚的黑灰产攻击与快手反应处置此处不再赘述。那么，22日之前，是否有迹象透露出平台已被黑灰 产盯上？ 大数据安全企业知道创宇向第一财经提供的一份暗网雷达监测数据显示，近年来，暗网中多次出现涉及 快手相关数据或业务的交易宣称。 http://mapi/0026p7eXly1i8lx6npgt8j60k00dcn2202 【#暗网曾叫卖快手直播订单数据#】#短视频与直播平台频成黑灰产目标#12月24日，针对此次快手科技 （1024.HK）遭遇的黑灰产网络安全事故，资本市场态度渐趋和缓。港股开盘，快手股价维持下行走 势，盘中回调。截至发稿，快手股价涨0.54%。 规模空前的黑灰产网络攻击在直播间内暂告一段落，但此次攻防失守造成的影响仍在持续。直播平台该 如何做好内容生态平衡？作为攻击回报率较高的领域，直播平台该如何做好日常网络安全防御？黑灰产 如此大规模攻击到底图什么？ 根据现有公开信息分析，安恒研究院专家对第一财经记者表示，即便是如此大规模的攻击，筹备时间会 长至1-2个月，但消耗的资源其实并不大，只需要在灰产市场上购入僵尸账号、买通水军配合直播间人 气等虚假流量、结合如接码平台实现认证等，总体成本可控。而被 ...

12月24日，针对此次快手科技（1024.HK）遭遇的黑灰产网络安全事故，资本市场态度渐趋和缓。港股 开盘，快手股价维持下行走势，盘中回调。截至发稿，快手股价涨0.54%。 规模空前的黑灰产网络攻击在直播间内暂告一段落，但此次攻防失守造成的影响仍在持续。直播平台该 如何做好内容生态平衡？作为攻击回报率较高的领域，直播平台该如何做好日常网络安全防御？黑灰产 如此大规模攻击到底图什么？ 根据现有公开信息分析，安恒研究院专家对第一财经记者表示，即便是如此大规模的攻击，筹备时间会 长至1-2个月，但消耗的资源其实并不大，只需要在灰产市场上购入僵尸账号、买通水军配合直播间人 本文字数：2612，阅读时长大约4分钟 气等虚假流量、结合如接码平台实现认证等，总体成本可控。而被攻击平台直接资金损失难以量化，但 名誉折损、监管问责风险及股价波动等间接损失，远超攻击方投入成本的百倍千倍。 此次快手所遭攻击已非简单的"内容违规"问题，而是一次典型的基础设施级别安全事件。当日公司股价 下挫3.52%，核心原因在于公司未披露事件波及的直播间数量、封禁账号规模、收入影响区间等量化信 息，以及事故具体原因与改进动作，投资者担心类似事件有可 ...

短视频与直播平台频成黑灰产"目标" 22日晚的黑灰产攻击与快手反应处置此处不再赘述。那么，22日之前，是否有迹象透露出平台已被黑灰产盯上？ 大数据安全企业知道创宇向第一财经提供的一份暗网雷达监测数据显示，近年来，暗网中多次出现涉及快手相关数据或业务的交易宣称。 如2025年9月，暗网有用户发帖称，已"渗透快手平台直播订单"，并宣称掌握约1万条虚拟商品订单数据，标注为"不退不换"。同月，暗网有帖子宣称售卖"3 亿快手购物订单"数据，样刊截图显示数据为姓名、手机号码、收件地址、采购商品等。2024年12月，亦有暗网帖子宣称获取所谓"快手订单库"数据，规模 约3.1亿条，内容包括订单购买记录、收货地址、联系电话等信息。2023年，曾出现帖子售卖"快手绑定数据约430万条"，据称包含手机号和密码。 12月24日，针对此次快手科技（1024.HK）遭遇的黑灰产网络安全事故，资本市场态度渐趋和缓。港股开盘，快手股价维持下行走势，盘中回调。截至发 稿，快手股价涨0.54%。 规模空前的黑灰产网络攻击在直播间内暂告一段落，但此次攻防失守造成的影响仍在持续。直播平台该如何做好内容生态平衡？作为攻击回报率较高的领 域，直播平台该 ...

此次快手所遭攻击已非简单的"内容违规"问题，而是一次典型的基础设施级别安全事件。当日公司股价下挫3.52%，核心原因在于公司未披露事件波及的直 播间数量、封禁账号规模、收入影响区间等量化信息，以及事故具体原因与改进动作，投资者担心类似事件有可能直接被复制到电商、广告等收入核心场 景。 24日，资本市场的反应渐趋平静，但为快手乃至整个行业敲响的风控警笛仍在长鸣。 平台需要进行系统性升级，从"事后处置"转向"事前预防"。 12月24日，针对此次快手科技（1024.HK）遭遇的黑灰产网络安全事故，资本市场态度渐趋和缓。港股开盘，快手股价维持下行走势，盘中回调。截至发 稿，快手股价涨0.54%。 规模空前的黑灰产网络攻击在直播间内暂告一段落，但此次攻防失守造成的影响仍在持续。直播平台该如何做好内容生态平衡？作为攻击回报率较高的领 域，直播平台该如何做好日常网络安全防御？黑灰产如此大规模攻击到底图什么？ 根据现有公开信息分析，安恒研究院专家对第一财经记者表示，即便是如此大规模的攻击，筹备时间会长至1-2个月，但消耗的资源其实并不大，只需要在 灰产市场上购入僵尸账号、买通水军配合直播间人气等虚假流量、结合如接码平台实现认 ...

毕马威中国区合伙人兼跨国客户联席主管马克·哈里森表示，过去6个月在华跨国公司并购活动显著增 加，背后主要受两大战略驱动。一方面，全球跨国公司积极收购电动汽车、医疗技术、生物技术、水技 术、先进材料和机器人等优势行业企业，借此挖掘全球商业潜力并充分利用生产能力；另一方面，面向 消费者的行业中，为应对激烈本土竞争和复杂市场动态，跨国公司通过收购经销商、代理商及原始设备 制造商推进垂直整合，以更精准地把握中国消费者需求并提升服务质量。 与此同时，数字化转型已成为跨国公司在华核心战略。调查显示，超90%的企业将数字化转型列为重点 方向，其中52%的企业聚焦增强数据分析能力，46%的企业推进IT基础设施升级，36%的企业积极布局 新兴技术。此外，58%的跨国公司已在运营中引入人工智能工具，同时网络安全也成为数字化转型进程 中的重要战略驱动力。 根据调查，相较于全球经济，跨国公司对中国经济前景更为乐观。多数受访企业认为，中国经济将在中 短期内实现显著复苏，并对未来三到五年在华收入增长持积极预期。 毕马威中国客户及业务发展主管合伙人江立勤表示，中国市场的结构性创新与持续升级正推动跨国公司 重新审视在华策略。当前越来越多的企 ...

Core Viewpoint - Kuaishou, a well-known short video platform in China, experienced a significant network attack that led to the appearance of illegal content in multiple live streams, prompting the company to take immediate action by reporting the incident and removing the content [1][3]. Group 1: Impact on Users - The network attack caused Kuaishou's security system to collapse within 60 to 90 minutes, indicating a rare and large-scale automated attack [3]. - Experts suggest that the attack may have been orchestrated by foreign hackers, although a definitive classification of the incident is still pending further investigation [3][4]. - Users face risks such as potential theft of personal information, usage records, and consumption data if the platform lacks a robust security system [5]. Group 2: Security Breach Mechanism - Kuaishou's platform, despite having a stringent review system, was breached as hackers bypassed firewalls and both human and AI monitoring [7]. - The attack's effectiveness was attributed to the shift towards "automated attacks," while the platform relied on traditional human defenses, leading to a mismatch in defense capabilities [7][10]. - The timing of the attack during peak user activity further exacerbated the platform's vulnerability [7]. Group 3: Recommendations for Enhanced Security - Experts emphasize the need for platforms to prioritize network security over traffic, advocating for improved content review mechanisms and a comprehensive security framework [7][10]. - The implementation of AI-driven automated security measures is crucial to counteract the evolving tactics of hackers [10]. - Regular risk simulations and internal vulnerability assessments are recommended to identify and strengthen weak points in security defenses [11].

Core Viewpoint - Kuaishou Technology, one of China's largest short video platforms, experienced a significant cyber attack on December 22, leading to the broadcast of inappropriate content on its live streaming channels, marking one of the largest security incidents in the Chinese internet sector in recent years [2][11]. Group 1: Incident Details - The cyber attack resulted in a peak of nearly 100,000 viewers in some live streaming rooms, prompting Kuaishou to temporarily suspend its live streaming services [2]. - Following the attack, Kuaishou's stock price fell nearly 6% at the opening of the Hong Kong stock market, closing with a decline of 3.52% [2]. - Kuaishou reported that the platform was targeted by black and gray market attacks, and they have since implemented emergency measures to restore normal service [2][11]. Group 2: User Impact and Response - The incident led to a surge in Kuaishou's visibility on social media, with the app climbing to the second position in the Apple App Store download rankings in China, surpassing other competitors [4]. - There were rumors regarding potential security breaches affecting WeChat accounts, which were later debunked by WeChat officials [4]. - Kuaishou is reportedly intensifying its recruitment for security positions, although some job postings predate the attack [6]. Group 3: Security Analysis - Experts suggest that the attack was likely a well-organized external hacking effort, exploiting vulnerabilities in the live streaming interface and bypassing Kuaishou's content review processes [8]. - The incident highlights significant vulnerabilities in Kuaishou's risk control and security defense systems, as traditional manual defenses are inadequate against automated attacks [8][9]. - The complexity of live content moderation poses unique challenges, making it more susceptible to attacks compared to static content [9]. Group 4: Financial Implications - Kuaishou's live streaming business, which accounted for 26.9% of total revenue in Q3 2025, is under scrutiny due to the potential impact of this incident on its operations [11]. - The company has issued a warning to investors regarding the potential risks associated with trading its securities following the attack [11].

Core Viewpoint - The recent coordinated attack on Kuaishou's live streaming platform by black and gray market organizations highlights significant vulnerabilities in the platform's governance and security systems, exacerbated by advancements in AI technology [2][18]. Group 1: Incident Overview - On December 22, a large-scale attack led to the emergence of numerous illegal live streaming rooms on Kuaishou, with some attracting nearly 100,000 viewers, while the platform's review and banning systems failed [2][18]. - Kuaishou implemented a "no-difference shutdown" measure to close all live channels, regaining control after approximately two hours [2][18]. - This incident is noted as one of the largest governance failures in the mobile internet's history, revealing systemic shortcomings in the platform's defense mechanisms [2][18]. Group 2: Attack Mechanism - The attack involved several sophisticated techniques, including the use of "verification code platforms" to create a large number of zombie accounts and bypass real-name authentication [4][20]. - Attackers employed high-frequency IP rotation and device fingerprint manipulation to mimic normal user behavior, evading real-time risk control systems [4][20]. - The exploitation of vulnerabilities in the live streaming protocol allowed attackers to inject illegal streams directly into the CDN network, resulting in a massive application-layer DDoS attack [4][20]. Group 3: AI's Role in Cybersecurity Threats - The rapid development of AI has significantly enhanced the capabilities of hackers, enabling them to conduct attacks with minimal intervention [5][21]. - Black market organizations are increasingly utilizing AI to automate and optimize their operations, leading to a structural leap in their technological capabilities [5][21]. - The shift towards AI agents capable of understanding commands and executing actions with high human-like fidelity poses a serious threat to traditional behavior-based risk control measures [6][21]. Group 4: Impact on Kuaishou - Following the incident, Kuaishou's stock price plummeted, with a market value loss exceeding 10 billion yuan, reflecting investor distrust [7][22]. - The incident exposed deficiencies in Kuaishou's emergency management and risk control systems, which failed to respond effectively to the attack [7][22]. - There are concerns regarding the platform's ability to manage its vast number of accounts and the effectiveness of its monitoring systems [7][22]. Group 5: Broader Implications for Internet Security - The incident underscores a broader issue of inadequate cybersecurity awareness among domestic companies, which often meet only the minimum legal standards for cybersecurity [8][23]. - The black and gray market has become a systemic issue within the internet ecosystem, undermining the authority of rules, the authenticity of data, and the credibility of identities [9][24]. - Kuaishou's failure to address the social impact of the incident and its lack of public apology may further erode trust in its governance and operational integrity [28][29].

Core Viewpoint - Kuaishou experienced a significant network security incident involving the infiltration of explicit content into multiple live streaming rooms, raising concerns about the company's governance and cybersecurity measures [1][8]. Group 1: Incident Overview - On December 22, Kuaishou's platform was attacked by black and gray market operations, leading to a rapid spread of explicit content [1]. - The company's stock price fell by over 3% following the incident [1]. - Kuaishou's response included immediate remediation efforts and reporting the situation to relevant authorities [1]. Group 2: Nature of Black and Gray Market Attacks - Black and gray market operations refer to illicit and borderline illegal activities in the internet sector, often involving automated tools to manipulate user accounts and data [2]. - The attack on Kuaishou was characterized by the use of automated tools for mass account registration and content disruption, overwhelming the platform's manual review processes [3][5]. Group 3: Vulnerabilities in Live Streaming Platforms - Live streaming platforms like Kuaishou are attractive targets for black and gray market attacks due to their high traffic, interactivity, and low entry barriers [4]. - The incident involved the creation of approximately 17,000 fake accounts, which were easily registered without identity verification [4]. - Real-time interactions in live streaming complicate content moderation, making it difficult for traditional manual reviews to keep up with the volume of user-generated content [4][5]. Group 4: Recommendations for Risk Management - Companies should enhance their risk management capabilities by identifying patterns in bulk registrations and linking user behavior to registration processes [6]. - Implementing automated systems for detecting unusual activities and establishing robust emergency response mechanisms are crucial for mitigating risks [6][7]. - A comprehensive approach to cybersecurity should address both external threats and internal vulnerabilities [7]. Group 5: Legal Implications - Kuaishou may face legal responsibilities related to network security, particularly if it is found that the platform's defenses were inadequate against the attack [8]. - The incident highlights the need for thorough investigations into the platform's security measures and response protocols following such breaches [8].

Core Viewpoint - Kuaishou's live streaming function faced a significant network attack, leading to the dissemination of extreme violations including obscene and violent content, which exposed vulnerabilities in the company's security and risk management systems [1][4]. Group 1: Incident Overview - On December 22, Kuaishou's live streaming feature was attacked, resulting in a surge of inappropriate content on the platform [1]. - The attack was characterized by a large number of newly registered accounts simultaneously broadcasting pre-recorded illegal videos, indicating an automated and organized effort [2]. - Kuaishou implemented emergency measures, including a "no-difference shutdown" of the live streaming channel, and other services experienced temporary disruptions [2]. Group 2: Response and Recovery - Kuaishou announced that the live streaming function was gradually restored by December 23, and other services remained unaffected [2]. - The company condemned the illegal activities and reported the incident to law enforcement, emphasizing its commitment to compliance and user safety [2]. Group 3: Security Vulnerabilities - Experts highlighted multiple deficiencies in Kuaishou's security mechanisms, including the failure of real-time monitoring systems and content review processes during the attack [4]. - The lengthy decision-making chain and lack of effective crisis management plans were also criticized, indicating inadequate preparedness for coordinated attacks [4]. Group 4: Legal and Financial Implications - Legal experts noted that Kuaishou could still bear responsibility for the incident despite it being an external attack, as platforms are required to manage content and ensure security [5]. - Potential penalties for failing to meet security obligations could reach up to 1 million yuan or 5% of the annual revenue for responsible individuals [5]. - Following the attack, Kuaishou's stock price fell by 3.52%, closing at 64.350 HKD per share, with a total market capitalization of 277.9 billion HKD [6].