Nintendo Seeks $4.5 Million From Reddit Moderator Over Piracy Damages - 1

Photo by Patrick on Unplash

Nintendo Seeks $4.5 Million From Reddit Moderator Over Piracy Damages

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

Nintendo has filed a new lawsuit against a Reddit moderator known as Archbox, accusing him of moderating and promoting piracy-related communities on the platform. The company is seeking $4.5 million in damages.

In a rush? Here are the quick facts:

  • Nintendo is requesting $4.5 million in damages to Reddit moderator Archbox.
  • The company filed a new lawsuit last week and a U.S. federal judge should issue a final order soon.
  • Nintendo claims Archbox copied and distributed Nintendo games without authorization, and led a Reddit community called “SwitchPirates.”

According to Nintendo Everything , Nintendo had previously demanded that the moderator stop distributing copyrighted Nintendo Switch games. The company filed the lawsuit after the Reddit user, identified as James C. Williams, allegedly continued promoting so-called “Pirate Shops.”

“Williams not only copied and distributed Nintendo game files without authorization,” states the lawsuit . “He actively promoted their distribution and copying to thousands of others across a variety of websites and online ‘communities,’ and knowingly trafficked in unlawful software products aimed at circumventing Nintendo’s technological measures protecting against unauthorized access to and use of Nintendo Switch games and the Nintendo Switch console itself.”

In the complaint, Nintendo of America (NOA) claims that Williams, under the Reddit username Archbox, was aware of his illegal actions. The filing alleges he led a Reddit community called “SwitchPirates,” which reached over 190,000 members, where he offered access to and promotions for pirate shops. Nintendo also asserts that Williams provided technical support and detailed instructions for downloading and using pirated game copies.

“For the foregoing reasons, NOA respectfully requests that the Court enter a default judgment in favor of NOA and against Williams for a monetary award of $4,500,000 and an injunction in the form of the Proposed Injunction,” states the conclusion.

A U.S. federal judge is expected to issue a final order in the coming days, as no final ruling has been announced yet.

Nintendo keeps actively fighting against piracy. A few weeks ago, the video game giant won a $2 million lawsuit against the owner of the Modded Hardware website for selling devices that bypass Nintendo’s piracy protection. The Japan-based company has also warned users that hacking or modifying consoles can result in those devices being permanently disabled.

Hackers Exploit Zimbra Flaw Via iCalendar Files To Steal Data - 2

Image by charlesdeluvio, from Unsplash

Hackers Exploit Zimbra Flaw Via iCalendar Files To Steal Data

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Hackers have exploited a previously unknown flaw in Zimbra Collaboration Suite (ZCS) using iCalendar (.ICS) files to steal sensitive data, researchers at StrikeReady revealed .

In a rush? Here are the quick facts:

  • The vulnerability affected ZCS versions 9.0, 10.0, and 10.1.
  • Attackers stole credentials, emails, contacts, and shared folders from Zimbra Webmail.
  • The malware executed asynchronously, hiding UI elements and evading detection.

ICS files function as a format to distribute calendar data including meetings and events between various applications. However, attackers discovered a cross-site scripting (XSS) vulnerability tracked as CVE-2025-27915 in ZCS versions 9.0, 10.0, and 10.1.

The security problem occurred because HTML sanitization of calendar files was insufficient, allowing attackers to insert dangerous JavaScript code to steal user session credentials.

StrikeReady detected the attack through their monitoring of big ICS files which contained JavaScript code. The researchers discovered that the attack operation started during early January before Zimbra released security updates on January 27.

“The threat actor spoofed the Libyan Navy’s Office of Protocol in an email that delivered a zero-day exploit that targeted a Brazilian military organization,” researchers said.

The attackers embedded Base64-encoded ICS files into their malicious emails to conceal their obfuscated JavaScript code. The executed code would enable attackers to steal Zimbra Webmail user credentials, together with their email content, contact information, and shared folder access.

It also used the Zimbra SOAP API to search for emails, forwarded messages to a ProtonMail address, and repeatedly sent stolen data every four hours.

The malware contains three main functions which enable it to conceal user interface elements and steal credentials by detecting user logout, and implementing a three-day reactivation delay for evading detection.

While StrikeReady couldn’t confirm the attackers’ identity, they noted that “a Russian-linked group is especially prolific” at exploiting such vulnerabilities. They also observed tactics similar to those used by UNC1151, a group linked to the Belarusian government.

BleepingComputer received a statement from Zimbra which indicated that the company does not think the exploit exists at large scale.

However, the company states that users should update their systems right away, and monitor their network activity for suspicious behavior, as well as check their filters for unauthorized modifications.