'%20x='0'%20y='0'%20height='100%25'%20width='100%25'%20%0A%20%20%20%20%20%20%20%20%20%20xlink%3Ahref='data:image/jpg;base64,/9j/2wBDAAYEBQYFBAYGBQYHBwYIChAKCgkJChQODwwQFxQYGBcUFhYaHSUfGhsjHBYWICwgIyYnKSopGR8tMC0oMCUoKSj/2wBDAQcHBwoIChMKChMoGhYaKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCj/wgARCAAGAAoDASIAAhEBAxEB/8QAFgABAQEAAAAAAAAAAAAAAAAAAAYH/8QAFAEBAAAAAAAAAAAAAAAAAAAAA//aAAwDAQACEAMQAAAA0W6ET//EAB8QAAICAQQDAAAAAAAAAAAAAAECAwQFABETISIyYv/aAAgBAQABPwBMk082Zmr27cUVXJcVjcAsWVgPD59dLNA6hgJNm77A1//EABYRAQEBAAAAAAAAAAAAAAAAAAEAEf/aAAgBAgEBPwBMv//EABcRAQADAAAAAAAAAAAAAAAAAAIAATH/2gAIAQMBAT8AatbP/9k='%3E%3C/image%3E%3C/svg%3E)
URLs containing "mihoyo.com" at the end are likely compromised, but this does not include the official website in and of itself. For those unaware, miHoYo is the company that develops Genshin Impact. They also make popular games like Honkai Star Rail, Honkai Impact 3rd, and Tears of Themis. New website URLs have supposedly been compromised by bad actors creating questionable subdomains under various names.
Players are recommended to avoid going to any link associated with that URL tacked at the end. Note that the original website was not reported suffering from any issues. It is currently unknown how the perpetrators accessed the DNS records in the first place. Players should be cautious of treacherous schemes involving these sites and not enter personal information on them.
What is currently known about miHoYo's website compromise and how it affects Genshin Impact users
Trending
Looking for Crossword hints & solutions? Check out latest NYT Mini Crossword Answers, LA Times Crossword Answers, and USA Today Crossword Answers
There is currently no information to suggest that any player's accounts will automatically be compromised by bad actors having access to some subdomains. Nonetheless, a player should avoid suspicious links with "mihoyo.com" attached at the end since, while it may seem legitimate at first glance, such a site could be used for nefarious means.
Well-known Genshin Impact leaker Mero was the first notable name to report this new compromise. Typing something like "vpn.mihoyo.com" would get a screen similar to what's shown above, relevant to the user's browser.
That means some bad actors can potentially create subdomains with viruses, malware or attempt to phish a player's account. The above example involves VPN in the URL, but these people could theoretically use different words, too. Be careful not to fall for a trick since the URL includes the development company's full name, but it's not necessarily from them.
Mero brings up how old websites are still fine. It's just that new sites using mihoyo.com at the end could be harmful. Players should be diligent when browsing online, especially since it's unknown how this situation could escalate in the future due to the recency of these reports.
Gamers should avoid any suspicious links tied to this company. As evident below, Google Safebrowsing is the security vendor that has flagged some of these fake sites.
For example, VirusTotal shows how Google Safebrowsing shows one site as 'Malicious,' yet technically considers it 'Clean' as well. Other security vendors didn't flag it as such, but that could change. The following image shows a different perspective on why Google may consider such URLs unsafe.
Note that this new incident was not reported to affect HoYoverse-related URLs. Hence, gamers should still feel safe using those websites, which they would typically use for games like Genshin Impact and Honkai Star Rail.
Much of the recent information provided in this article came out around 8 am PT. Further developments could arrive later, so stay tuned for other news on the current troubles involving websites using miHoYo's name.
Are you stuck on today's Wordle? Our Wordle Solver will help you find the answer.
