packet
Latest
Exploit uses firewalls to hijack smartphones, turns friends into foes
Normally, firewalls at cellular carriers are your best friends, screening out malware before it ever touches your phone. University of Michigan computer science researchers have found that those first lines of defense could be your enemy through a new exploit. As long as a small piece of malware sits on a device, that handset can infer TCP data packet sequence numbers coming from the firewall and hijack a phone's internet traffic with phishing sites, fake messages or other rogue code. The trick works on at least 48 carriers that use firewalls from Check Point, Cisco, Juniper and other networking heavy hitters -- AT&T being one of those providers. Carriers can turn the sequences off, although there are consequences to that as well. The only surefire solution is to either run antivirus apps if you're on a mobile OS like Android or else to run a platform that doesn't allow running unsigned apps at all, like iOS or Windows Phone. Whether or not the exploit is a serious threat is still far from certain, but we'll get a better sense of the risk on May 22nd, when Z. Morley Mao and Zhiyun Qian step up to the podium at an IEEE security symposium and deliver their findings.
Further developments in MapleStory Europe's hacking madness
Last week, we brought you the news that players abusing an exploit had brought MapleStory Europe's in-game economy to its knees. Using a packet-forging exploit, players with the Meso Guard skill were able to trick the server into giving them 2.17 billion mesos. Hundreds of mule accounts were created to house the forged currency, and trillions was poured into the economy via trades and market stalls. Nexon EU's initial response was to trade-ban all characters with over a certain amount of currency, a move that was criticised for catching a great deal of legitimate players and also somehow missing many of the hackers' mule accounts. Despite concerns that the issue had gotten out of hand, Nexon EU stated that the company opted not to perform a server rollback. "The reason why we didn't perform a rollback on our servers," a Nexon EU representative told us, "was because we detected the exploit too late which may make the players lose even more of their gains if we were to turn everything back." The company's final plan for dealing with the massive influx of mesos has finally been announced, and it's bad news for practically everyone involved. After determining that the damage to the economy had become irreversible, Nexon decided to try to bring balance back to the economy by deleting a large percentage of every single player's mesos. The forums have been in an uproar about the solution, with players complaining that it harms legitimate players more than the hackers. Legitimate players who have never cheated nor hacked will log in to find up to 90% of their hard-earned cash gone. Hackers will suffer the same percentage deduction, but with trillions stashed away in mule accounts they'll still be a lot better off than they were before the incident. Nexon EU clarified the statement in a later announcement, stating that "the deduction of Mesos will only be applied to users who have logged into the game between January 5th, 2011 and February 9th, 2011 5:00 A.M. (GMT+1)." Accounts that were previously trade-banned will also be receiving 1,000 maple points and an incubator as compensation.
MapleStory Europe's economy collapses due to currency exploit [Updated]
Despite its huge financial success, MapleStory Europe has had more than its fair share of problems. Last month, controversy hit MapleStory Europe when double-xp cards lasting for 90 days, instead of the intended 24 hours, were accidentally placed in the cash shop during the new year sale. The latest issue to hit MapleStory Europe has done serious and potentially irrecoverable damage to the game's economy. The exploit involved the Chief Bandit and Shadower classes, which both have a skill called "Meso Guard". This causes them to lose mesos, the game's currency, when hit instead of hitpoints. Packet-forging exploits have been used for some time to alter the damage players deal to monsters or receive from them. Combined with Meso Guard, hackers were able to fool the game into hitting them for -2,147,483,648 damage (the largest negative value a signed 32-bit integer can hold). Since the damage was a negative value, the Meso Guard skill then granted the player over two billion mesos. Hacking players used their ill-gotten gains to buy up practically everything in players' market stalls, massively inflating the game's economy by pouring untold billions into the hands of random players. Nexon attempted to patch the exploit last night and responded by permanently trade-banning countless accounts. Reports from players indicate that the exploit is still possible and that many of the offending accounts were not banned. To make matters worse, a large number of legitimate players who were traded ill-gotten currency were also allegedly trade-banned. The follow-up to another meso exploit found last year was similarly lackluster, with no server rollback performed in either instance. [Update: Scott Yoo from Nexon Europe got in touch with us to provide an update on the story. He had the following to say: "[W]e did 'trade-ban' suspected accounts temporarily in order to conduct an internal investigation but we also had to make sure no-more illicitly gained Mesos (in-game currency) are going out to the in-game market and contained in the meanwhile. We do admit that a certain amount of legitimate players can be included in the trade banned list and that's what we are going to reveal through the investigation carefully. [...] The reason why we didn't perform a rollback on our servers was because we detected the exploit too late which may make the players lose even more of their gains if we were to turn everything back. Another announcement that includes more details on this incident will go up live shortly (either today or tomorrow as the latest)."]
