Core Viewpoint - Kuaishou's live streaming function faced a significant network attack, leading to the dissemination of extreme violations including obscene and violent content, which exposed vulnerabilities in the company's security and risk management systems [1][4]. Group 1: Incident Overview - On December 22, Kuaishou's live streaming feature was attacked, resulting in a surge of inappropriate content on the platform [1]. - The attack was characterized by a large number of newly registered accounts simultaneously broadcasting pre-recorded illegal videos, indicating an automated and organized effort [2]. - Kuaishou implemented emergency measures, including a "no-difference shutdown" of the live streaming channel, and other services experienced temporary disruptions [2]. Group 2: Response and Recovery - Kuaishou announced that the live streaming function was gradually restored by December 23, and other services remained unaffected [2]. - The company condemned the illegal activities and reported the incident to law enforcement, emphasizing its commitment to compliance and user safety [2]. Group 3: Security Vulnerabilities - Experts highlighted multiple deficiencies in Kuaishou's security mechanisms, including the failure of real-time monitoring systems and content review processes during the attack [4]. - The lengthy decision-making chain and lack of effective crisis management plans were also criticized, indicating inadequate preparedness for coordinated attacks [4]. Group 4: Legal and Financial Implications - Legal experts noted that Kuaishou could still bear responsibility for the incident despite it being an external attack, as platforms are required to manage content and ensure security [5]. - Potential penalties for failing to meet security obligations could reach up to 1 million yuan or 5% of the annual revenue for responsible individuals [5]. - Following the attack, Kuaishou's stock price fell by 3.52%, closing at 64.350 HKD per share, with a total market capitalization of 277.9 billion HKD [6].

2025.12.23 本文字数：1777，阅读时长大约3分钟 作者 |第一财经 何涛 12月22日晚，国内短视频巨头快手遭遇了一场史无前例的大规模黑客攻击，导致大量直播间出现违规内 容，混乱局面持续数小时之久，平台被迫采取强制关闭直播功能、封禁部分账号的处理措施。次日，快 手港股股价大跌，公司形象比股价面临更长时间的修复。 攻击事件震惊了众人——没想到这么大的公司在网络安全方面这么脆弱，在防线失守后的应对这么迟 缓，造成的负面影响这么严重。尽管快手的事后解释看起来他们"已经尽力"，并且自我感觉做得不错， 然而，一切解释在残酷的事实面前变得苍白无力。在众目睽睽之下，快手像是被扒光衣服"裸奔"了至少 3小时。这一幕不仅让快手蒙羞受损，也给整个互联网行业、用户以及监管部门，上了一堂深刻的网络 安全教育课。 这堂课首先教育了互联网平台企业。长期以来，各大平台企业在宣传自身安全防护能力方面，可以说一 个比一个"吹"得厉害。但与此同时，大大小小的网络安全事件却时有发生，到快手这里终于"拉了坨大 的"。可见，平台企业在安全防护方面其实做得并不让人放心，只是没有遇到真正的考验。 有网络安全专家表示，此次攻击之所以破坏严重，核 ...

本文字数：1777，阅读时长大约3分钟 作者 | 第一财经 何涛 12月22日晚，国内短视频巨头快手遭遇了一场史无前例的大规模黑客攻击，导致大量直播间出现违 规内容，混乱局面持续数小时之久，平台被迫采取强制关闭直播功能、封禁部分账号的处理措施。次 日，快手港股股价大跌，公司形象比股价面临更长时间的修复。 攻击事件震惊了众人——没想到这么大的公司在网络安全方面这么脆弱，在防线失守后的应对这么迟 缓，造成的负面影响这么严重。尽管快手的事后解释看起来他们"已经尽力"，并且自我感觉做得不 错，然而，一切解释在残酷的事实面前变得苍白无力。在众目睽睽之下，快手像是被扒光衣服"裸 奔"了至少3小时。这一幕不仅让快手蒙羞受损，也给整个互联网行业、用户以及监管部门，上了一 堂深刻的网络安全教育课。 这堂课首先教育了互联网平台企业。 长期以来，各大平台企业在宣传自身安全防护能力方面，可以 说一个比一个"吹"得厉害。但与此同时，大大小小的网络安全事件却时有发生，到快手这里终于"拉 了坨大的"。可见，平台企业在安全防护方面其实做得并不让人放心，只是没有遇到真正的考验。 有网络安全专家表示，此次攻击之所以破坏严重，核心原因在于网络黑灰 ...

Core Viewpoint - A major content security incident occurred on a short video platform, attributed to black and gray market attacks, prompting the platform to take urgent action and report to authorities [1] Group 1: Incident Overview - The platform experienced a large-scale attack that involved automated tools for mass account registration, leading to the rapid spread of illegal content [1] - Black and gray market attacks are characterized by their high level of organization and specialization, making them a significant threat to internet security [1] Group 2: Impact on Live Streaming - Live streaming rooms are targeted due to their high traffic, which aligns with the illegal demands of black and gray market activities [2] Group 3: Security Measures and Challenges - The proliferation of AI technology has lowered the cost of forgery, increasing the potential attack surface for platforms [3] - Platforms must enhance their risk management strategies to effectively counteract the evolving tactics of black and gray market attacks [3] - There is a need for cross-departmental and cross-platform collaboration to improve the identification, warning, and tracking of black and gray market activities [3] Group 4: Regulatory Considerations - Regulatory bodies are urged to expedite the development of legal frameworks defining black and gray market behaviors and platform responsibilities [3] - The establishment of industry-wide technical standards and traceability platforms is essential for data interoperability and effective enforcement [3]

Core Viewpoint - A large-scale cyber attack targeted Kuaishou's live streaming platform on December 22, leading to a surge of inappropriate content and significant public outcry [2][3]. Group 1: Incident Overview - The attack involved tens of thousands of manipulated "zombie accounts" flooding the live streaming rooms with pornographic and violent content, with some rooms attracting over 10,000 viewers [2][4]. - Kuaishou's stock, valued at over HKD 270 billion, saw a decline of more than 5% during intraday trading on December 23 due to the incident [3]. - The platform's live streaming functionality was gradually restored after emergency measures were implemented, while other services remained unaffected [3]. Group 2: Response and Measures - Kuaishou initiated an emergency response by restricting live streaming access and banning accounts associated with the violations, eventually taking down the live streaming channel entirely [4][6]. - The company reported the incident to law enforcement and expressed a strong stance against illegal activities, emphasizing compliance with regulations [6]. Group 3: Security Analysis - Security experts highlighted vulnerabilities in Kuaishou's defenses against automated large-scale attacks, suggesting that the attack's scale indicated a potential breach of the platform's content review mechanisms [7][10]. - The estimated cost of executing such an attack could exceed CNY 1 million, factoring in the purchase of live streaming accounts and proxy IP costs [8][10]. - There have been previous claims on the dark web regarding the sale of Kuaishou-related data, indicating ongoing threats to the platform's security [10].

当时，Armis联合创始人Yevgeny Dibrov在接受采访时表示，公司原本计划在2026年或2027年寻求上 市，但其更核心的目标是将年度经常性收入(ARR)提升至10亿美元以上。他指出，网络暴露管理和安全 平台的需求正在持续上升，对相关工具的需求"独特且巨大"。 美国企业软件公司ServiceNow(NOW.US)周二宣布，将以全现金交易收购网络安全初创公司Armis，交易 估值约77.5亿美元。ServiceNow表示，此次并购将显著增强其在人工智能时代的网络安全能力，并使其 安全与风险解决方案的潜在市场空间扩大至原来的三倍以上。 ServiceNow在声明中称，交易预计将于明年下半年完成，资金来源为现金与债务相结合。消息公布后， 该公司股价盘初交易时跌超2%。 ServiceNow总裁兼产品与运营主管Amit Zavery表示，双方的结合将打造"行业定义级"的战略网络安全防 护体系，为各类技术资产提供实时、端到端、前瞻性的主动防护。 本月早些时候报道称，Armis正在探索与ServiceNow的潜在交易，估值约70亿美元。Armis总部位于加 州，主要帮助企业保护联网设备免受网络风险。该公司在今年 ...

同时，事件还有望成为平台用户的数据权利启蒙课。用户应当意识到，自己有权利要求平台采取充分的 安全保障措施，并在发生数据泄露或损失时，依法寻求问责与赔偿。用户不能再是沉默的数据提供者， 而应成为积极的安全监督者和权利主张者。专家认为，此次事件可能会促使一部分用户重新评估对平台 的依赖，也可能推动更大范围的公众讨论，关注数据隐私与安全立法、公益诉讼等议题，从而在消费者 端形成推动行业改进的压力。 再次，事件教育了网络空间的监管者。随着网络技术的飞速发展，网络攻击手段也在不断升级，传统的 监管模式和法律法规可能难以完全适应新的形势。监管部门需要进一步完善法律法规，明确网络攻击的 量刑标准，加大对网络犯罪的打击力度，对黑产团伙的组织者、参与者依法从重处罚。鉴于互联网的跨 国属性，应建立跨区域、跨境的执法协作机制，加强国际合作。此外，监管部门还应加强对互联网平台 的日常监管，督促平台切实履行网络安全主体责任，建立健全安全防护体系和应急响应机制。 12月22日晚，国内短视频巨头快手遭遇了一场史无前例的大规模黑客攻击，导致大量直播间出现违规内 容，混乱局面持续数小时之久，平台被迫采取强制关闭直播功能、封禁部分账号的处理措施 ...

智通财经记者 胡含嫣 范佳来 实习生 周家钰 国内头部直播平台快手遭遇黑产攻击，暴露出其在应急机制上的漏洞。 12月23日午间，快手（01024.HK）在港交所公告称，公司快手应用的直播功能于2025年12月22日22:00 左右遭到网络攻击，公司已第一时间启动应急预案，经全力处置与系统修复，快手应用的直播功能已逐 步恢复正常服务。 公告称，快手应用的其他服务未受影响。公司始终严守合规底线，坚决反对任何违规内容及行为。公司 强烈谴责黑灰产的违法犯罪行为，已就上述事宜向公安机关报警并向相关部门报告，并将视情况采取其 他适当的法律补救措施，以保障本公司及其股东的权益。 曲子龙解释道，正常情况下，各个平台都会有AI（人工智能）+人工的视频内容审核服务。然而，一旦 需要鉴定的视频集中式爆发，原本准备的视频智能审核的云投入的并发不够大，就和遭遇了DDoS（分 布式拒绝服务工具）一样，一堆需要审核的内容同一时间疯狂涌入到智能AI审核任务里，造成审核能 力无法实时完成，出现了队列和拥堵。 曲子龙表示："如果是灰黑产的群控攻击，那么真的是堪称'黑灰产史无前例的教科书攻击'了，毕竟以 往黑灰产只是集中注册账户、你关了我再继续发 ...

Core Viewpoint - A major content security incident occurred on a short video platform due to black and gray market attacks, prompting the platform to take immediate action and report to authorities [1] Group 1: Incident Overview - The platform experienced a large-scale content security event, which was attributed to black and gray market attacks, leading to urgent repairs and reporting to law enforcement [1] - Black and gray market attacks are characterized by illegal or fraudulent activities using network technology, including telecom fraud and account theft [1] Group 2: Nature of Attacks - The attacks are highly secretive, dangerous, and widespread, representing a significant threat to modern internet security [2] - Experts highlight the challenges in preventing such attacks due to the use of automated tools for mass account registration and content dissemination, which can overwhelm normal review processes [2] - The industrialization of black and gray market attacks has led to professionalized methods and expanded target demographics, complicating defense efforts [2] Group 3: Implications for Platforms - The presence of system vulnerabilities necessitates higher standards for daily management and crisis response from internet companies, especially in heavily regulated areas like live streaming [2] - Live streaming is a primary target for these attacks due to its high traffic, which aligns with the illegal objectives of black and gray market actors [2] Group 4: Security Measures and Recommendations - Platforms must enhance their risk control mechanisms to counteract the rapid evolution of black and gray market tactics, ensuring real-time vigilance [3] - Effective governance against black and gray market activities requires breaking down asymmetric defenses and fostering cross-departmental and cross-platform collaboration for precise identification and response [3] - Regulatory bodies should expedite the development of legal frameworks defining black and gray market behaviors and platform responsibilities, while also promoting inter-regional law enforcement cooperation [3]

Core Viewpoint - Kuaishou Technology, one of China's largest short video platforms, experienced a significant network attack that led to the temporary shutdown of its live streaming services, marking one of the largest security incidents in recent years for Chinese internet platforms [6][19]. Group 1: Incident Overview - On December 22, Kuaishou's live streaming channels were flooded with inappropriate content due to a large-scale cyber attack, with reports indicating that some live streams attracted nearly 100,000 viewers at one point [6]. - Following the attack, Kuaishou's stock price fell nearly 6% at the opening of the Hong Kong stock market, closing down 3.52% [8]. - Kuaishou issued a voluntary announcement stating that the live streaming function was attacked around 10 PM and that emergency measures were taken to restore services [8]. Group 2: Public Reaction and Impact - The incident led to a surge in Kuaishou's visibility on social media, with the app climbing to the second position in the Apple App Store's download rankings in China, surpassing other competitors [11]. - There were rumors about potential security issues affecting WeChat accounts due to the attack, but these were debunked by WeChat's official response [11]. - Kuaishou is reportedly intensifying its recruitment for security positions, although some job postings predate the attack [13]. Group 3: Technical Analysis - Experts suggest that the attack was likely a well-organized external hacking effort, exploiting vulnerabilities in the live streaming interface and bypassing Kuaishou's content review processes [16]. - The incident highlights significant weaknesses in Kuaishou's risk control and defense systems against extreme security attacks, as traditional manual defenses are inadequate for large-scale automated attacks [16][19]. Group 4: Financial Implications - Kuaishou's live streaming business, which accounted for 26.9% of total revenue in Q3 2025, is under scrutiny due to the potential impact of this security incident on its operations [19][20]. - The company has warned investors to exercise caution when trading its securities following the incident [20].