hackers

Latest

  • Free for All: The real damage of botting, in the words of a botter

    I received an interesting email from someone the other day, someone who wanted to let me in on the lifestyle of a botter. Frankly I was a little embarrassed for the guy since he seemed to believe me to be naive about the entire process. The truth is that I have met plenty of shady characters and heard stories that would make your eyes bug out of your head. I've heard these stories from the developers and players themselves. There truly is some nasty stuff going on in MMO gaming. The saddest thing is that cheaters honestly think that what they do cannot possibly result in much harm for the game they are botting in, cheating at, or hacking up. It's sad because the truth is that a cheater, as one person, might not have much of an impact on the game. Add up several thousands of these scam artists and the results are mindboggling. Drive by your local dump to see just how much trash can pile up, one person at a time. I want to shine some light on just how damaging botting can be. Click past the cut.

    Beau Hindman
    11.02.2011
  • Introducing Shadowrun Online

    Cliffhanger Productions, the makers of the upcoming Jagged Alliance Online, has announced another title in progress: Shadowrun Online. Based on the popular pen-and-paper game, Shadowrun will share a similar top-down strategy format with Jagged Alliance. Shadowrun takes place in a dystopian 2070 where magic and technology clash, and where hackers and street samurai are commonplace. Shadowrun Online players will split their game time between prepping missions and carrying them out. While some of the maps will require all-out action efforts, others will require stealth, hacking, and even magic. Between fights, players will seek out contacts, prepare spells, and purchase gear to improve their odds when the time comes. Shadowrun Online is in pre-production and the team hopes to get it into full development by November. It is planned to be a browser-based title, and Cliffhanger is drawing from Shadowrun alumni efforts to keep the game in line with the franchise. The company is still looking for partners to help with publishing and distributing.

    Justin Olivetti
    10.13.2011
  • Hackers compromise 33,000 SOE accounts

    Sony's hacking woes continue today, as intruders today have attempted -- and, in some cases, succeeded -- to access the giant corporation's accounts. Chief Information Security Officer Philip Reitinger posted a letter on several SOE forums informing players that their accounts may have been compromised. The good news is that less than 0.1% of Sony's entire playerbase has been affected. The bad news is that that leaves around 33,000 SOE players -- in addition to Sony Entertainment Network and PlayStation Network customers -- whose accounts were hacked. Following the intrusion, Sony temporarily locked the accounts and is investigating the situation. "Only a small fraction of these 93,000 accounts showed additional activity prior to being locked," Reitinger said. He assured customers that credit card numbers were not leaked and that any purchases made during this intrusion will be restored. SOE customers with locked accounts will receive an email with instructions on how to validate their credentials and restore their service.

    Justin Olivetti
    10.12.2011
  • Fighting the EverQuest hacking wildfire

    While hacking and botting may not be a source of frustration to you in your daily MMO, to the denizens of EverQuest, it is a real and ever-present headache. In what is already not the easiest MMO on the planet, players are experiencing an onslaught of hackers who go out of their way to ruin the fun for everyone. In a three-part series, Ten Ton Hammer exposes the systematic problem of rampant hacking in the game, especially on the new progression servers. While guilds are doing their part to crack down on hackers in their midst, it doesn't seem to be enough to stem the flow, especially as with a much smaller team in place these days. Ultimately, fighting this problem does not seem to be SOE's current priority. EQ Producer Thom Terazzas addressed the issue of hacking by saying, "The expansion is something that we're really focused on right now. That has gotten, I would say, 80 percent of the focus here. So doing anything that dramatically combats the hacking is something that we would really like to do, but it is not something we've been able to do." Terazzas followed that up by talking with the Customer Service team and promised that the hackings will receive higher priority once the expansion crunch is over. In the meantime, he urged players to file reports with CS if hacking was observed.

    Justin Olivetti
    10.06.2011
  • Researchers develop method to measure effects of WiFi attacks

    America is built on the principles of life, liberty and WiFi, the latter of which has increasingly become a target for hackers hoping to mess up our chi. To predict what would happen as result of an assault, researchers at North Carolina State University created two models -- one based on a continuous jam of service, and one on an intermittent disruption that would cut off service during specific times. They then measured "order gain," which compares the probability of an attacker having network access to the probability of a legitimate user having access. Basically, the more control a hacker has, the more regular users that will lose service and be shut out -- making it harder to regain control. Researchers hope the new method will help identify the most vulnerable networks, opening the doors to create effective countermeasures to keep our WiFi safe -- something that Starbucks customers will surely be thankful for.

    Lydia Leavitt
    09.13.2011
  • Artists hack Sony Ericsson's Xperia phones to see the unseen universe, use fire as a flash

    For most of us, cellphones are for texting, calling and maybe the occasional tweet, but what happens when you hand them over to some of the world's most creative minds? Giving hackers, artists and intellectuals free reign to mess with the various Xperia phones, Sony found out just how capable its handsets really are. Using a few tweaks and hacks, artists were able to create an installation that breathes fire when you snap a photo, a remote-controlled boat with GPS and a bike that uses colored lights to spell out secret words only visible when captured on camera. When Sony asked astrophysicist Joshua Peek to give it a go, he took full sky maps and telescope image data to build an app with an up-close view of electromagnetic patterns in the sky. To round out the project, musician Annabel Lindquist composed a song based on the sounds of Paris she recorded with an Arc. Now, if they could just mod one to avoid dropped calls, we'd be all set. Videos of their ingenuity in action after the break.

    Lydia Leavitt
    09.11.2011
  • Sony names former US Homeland Security official Philip Teitinger as 'Chief Information Security Officer'

    Though Sony's initial reaction to the enormous PlayStation Network breach earlier this year may have been less than stellar, the company responded in force as time went on, even vowing to hire a "Chief Information Security Officer" eventually. This morning, the company named the person filling that position: former director of the US National Cyber Security Center Philip Reitinger. Serious business! Reitinger is actually filling two roles, as he's been hired on as senior vice president as well as chief information security officer, reporting to executive VP and general counsel Nicole Seligman. A Sony spokesperson reconfirmed that the appointment of Reitinger was due to this year's PSN breach, and specifically noted, "We are looking to bolster our network security even further." May we suggest hiring a certain superhacker known as "Zero Cool"?

    Ben Gilbert
    09.06.2011
  • Star Wars Galaxies fan site hacked, 23K passwords stolen

    Talk about kicking a game's community when it's down. VentureBeat reports that Star Wars Galaxies.net, a major SWG fan site, was hacked yesterday. Star Wars Galaxies.net is part of a LucasArts fan site network, and apparently was not being actively maintained, as the last update was in June of 2009. Still, over 21,000 email addresses and 23,000 passwords were stolen -- some of which could lead to identity theft, according to authorities. The hack was perpetrated by ObSec, a small group in the vein of LulzSec. The hackers posted the email addresses and passwords online for all to see. Analysis of the passwords found that 71% were relatively weak and easy to crack anyway. Some Star Wars Galaxies players may see this as an unfortunate echo of the much larger Sony hack that happened earlier this year. We at Massively urge any players who have used this fan site to make sure that they change their passwords elsewhere as well.

    Justin Olivetti
    08.31.2011
  • MIT research team improves wireless security, is starting with the man in the middle

    Now that they've finished building a robot capable of making cakes, MIT's researchers can get on with the serious business of improving our wireless security. In a new study it reveals a technique dubbed tamper-evident pairing that stops so-called man-in-the-middle attacks. Put simply, a hacker intercepts your wireless communications, reads it and passes it onto the recipient, pretending to be you. Because the hacker controls the flow of information between the two parties, it's difficult to detect. MIT's process randomizes and encrypts the data with silence patterns and strings of additional information, which a hacker won't be able to replicate. The best part is that the added security measures only add 23 milliseconds of time onto each transmission. As fixing our wireless security problems is now out the door, the team are probably off to solve some more giant Rubik's cubes.

    Daniel Cooper
    08.26.2011
  • Android Network Toolkit lets you exploit local machines at the push of a button

    Defcon 2011 is in full hacking swing, and Itzhak Avraham -- "Zuk" for short -- and his company Zimperium have unveiled the Android Network Toolkit for easy hacking on the go. Need to find vulnerabilities on devices using nearby networks? The app, dubbed "Anti" for short, allows you to simply push a button to do things like search a WiFi network for potential targets, or even take control of a PC trojan-style. To do this, it seeks out weak spots in older software using known exploits, which means you may want to upgrade before hitting up public WiFi. According to Forbes, it's much like Firesheep, and Zuk refers to Anti as a "penetration tool for the masses." Apparently, his end-goal is to simplify "advanced" hacking and put it within pocket's reach, but he also hopes it'll be used mostly for good. Anti should be available via the Android Market this week for free, alongside a $10 "corporate upgrade." Consider yourself warned.

    Joe Pollicino
    08.08.2011
  • Kim Jong-il has hackers farming MMOs for in-game coin (and, we assume, Aviators)

    It all makes sense now -- North Korea's infamously deluded dictator, Kim Jong-il, wants to be king of the castle in NCsoft's MMO Lineage, completely explaining his fetishes for extravagance and naked discos. Kim has hired a team of hackers to farm Asian MMOs for in-game coin, which they sell online for cash IRL, according to South Korean officials. Kim's hackers hail from North and South Korea, and work with operatives in Northern China, four of which were arrested last week in Seoul for organizing a hacking squad of 30 people, authorities said. In less than two years, the organizers made $6 million, 55 percent of which went to the hackers, and some of that to Kim's agents in Pyongyang, Seoul police said. Officials believe the hackers report to a mysterious Communist Party agency named Office 39, which earns money for Kim through drug trafficking, arms sales and other illegal activities. Kim's slush fund is worth billions, American and South Korean officials said, and he uses it, in part, to fund a nuclear weapons program. This is truly upsetting, because the only thing more depressing than a nuclear attack is a nuclear attack funded by MMOs.

    Jessica Conditt
    08.07.2011
  • North Korea employing MMO hackers to fund government

    What's a dictator to do when his third-world economy is wheezing along on its last legs? Hack some video games, of course! According to a report in the New York Times, North Korea's Kim Jong-il unleashed an army of young computer crackers on popular South Korean online gaming portals to find ways to make quick cash. South Korean authorities claim that a squad of approximately 30 hackers operated from a base in China and were given the mission of breaching online gaming servers (including those of the immensely popular Lineage) to set up bot factories and automated farming collectives. The digital booty was then sold to gamers for a reported $6 million over two years. Chung Kil-hwan, a senior officer at South Korea's International Crime Investigation Unit, says that the hacker group "reports to a shadowy Communist Party agency called Office 39, which gathers foreign hard currency for Mr. Kim through drug trafficking, counterfeiting, arms sales, and other illicit activities."

    Jef Reahard
    08.06.2011
  • Hackers break into Subaru Outback via text message

    We've already seen SCADA systems controlled by Google Search, and now the Black Hat Technical Security Conference is offering up yet another slice of cringe-inducing hacker pie. A pair of pros from iSec Partners security firm was able to unlock and start the engine of a Subaru Outback using an Android phone and a process they call war texting. By setting up their own GSM network, they were able to snatch up password authentication messages being sent from server to car, allowing them the option to ride off in a brand new crossover. Apparently, your car isn't the only thing in danger of a war-texting takeover, however, as the team says there are a slew of devices and systems, accessible over telephone networks, that are vulnerable to similar attacks, including A-GPS tracking devices, 3G security cameras, SCADA sensors -- and thus the power grid and water supply -- home automation, and urban traffic control systems. Somehow this group of otherwise innocent looking New York texters appears a whole lot more sinister now.

  • Scott Hartsman says gold farming hurts our games more than we know

    Gold buying is one of those aspects of MMO culture that is seemingly universally denounced, yet enough people partake in the practice to keep the wheels of this grey market activity going. Scott Hartsman may be saying the obvious when he denounced gold farming and selling to Gamasutra, but apparently it is still something we need to hear. The Trion Worlds general manager shared a glimpse of just how hard these activities hit games, and how concerned he and other studio execs are about the proliferation of credit card fraud that results: "It's those kinds of things where people laugh and go, 'Oh, that never happens.' No. It happens. It happens a s**tload. To the point where, over the last three or four years, I would dare anybody to ask an exec at a gaming company how much they've had to pay in MasterCard and Visa fines, because of fraud. It happens a lot." According to Hartsman, the more these events take place, the more money studios spend on paying fines and dealing with them instead of reinvesting funds into the games themselves -- all because of the "jerks" perpetuating the crimes.

    Justin Olivetti
    07.21.2011
  • iOS 4.3.4 jailbroken already

    And the back-and-forth continues: iOS 4.3.4 has been jailbroken on every iDevice but the iPad 2, according to reports from Redmond Pie about PwnageTool. The 4.3.4 update was released just a little while ago specifically to plug up the exploit used to jailbreak the operating system, but apparently hackers have either found a way around the fix, or simply found another way in. If you want to play with fire, you can download the custom bundle right now and jailbreak away, though be warned of course that this is not for the faint of heart. If you want to make the leap (and enable things like Cydia on a newly-patched iOS device), you can follow the directions listed here. [via Engadget]

    Mike Schramm
    07.16.2011
  • Apple iOS 4.3.4 software update may fix iPhone hole, block PDF jailbreak

    Remember that PDF exploit from last year that JailbreakMe 2.0 was using to unlock your iPhone with just a few taps? Well, Apple patched it. And now it's apparently back. According to the Wall Street Journal, Apple acknowledged the exploit, and is working on an update at this very moment. In addition to the JailbreakMe 3.0 hack that came to light last week, the hole can also be used for some not-so-noble efforts, like grabbing your contacts database, accessing saved passwords, or activating your iPad or iPhone's built-in camera. And nobody wants that. For one reason or another, German authorities have taken the lead on encouraging Apple to investigate, and have also warned all users to avoid opening PDF docs from untrusted sources. And we're happy to echo that rather solid advice, given the implications. Ironically, JailbreakMe includes a patch for the very hole that allows it to function in the first place, so if you're terrified that rogue PDFs will take over your devices, that's an option to consider in the meantime.

    Zach Honig
    07.07.2011
  • Before disbanding, LulzSec releases Battlefield Heroes data

    The sextet of hackers known as "Lulz Security" may be done with their 50-day reign of semi-terror, but that doesn't mean the ramifications of their actions are over. In a final file released alongside yesterday's statement, the group released info from approximately 550,000 Battlefield Heroes beta user accounts (according to Rock, Paper, Shotgun) as well as the info from roughly 50,000 "random gaming forum" users. EA tells Eurogamer that the info was from "an early beta version" of the game, and "no emails, account history, credit card numbers or payment methods" were obtained. Apparently the breach took down BF Heroes servers over the weekend, though EA also explained that it has recovered the free-to-play FPS to operational status. And though it's possible that some of the group's handiwork has yet to be discovered, we're hopeful that this is the last story of a breach we'll be writing after the hacking group's disbandment.

    Ben Gilbert
    06.27.2011
  • Defcon Kids event invites hackers to bring their genetic back-up units

    Apparently, kids aren't at all put off by the air of misadventure and notoriety that surrounds hacking. In fact, they're so eager to partake in lock-picking workshops, clue-deciphering seminars and social engineering round-tables, that Defcon in August will have a side event totally dedicated to proto-hackers aged 8-16. The focus will be strictly on well-intentioned hacking and cyber-security, so there's little risk that your progeny will be set on a life-path that ends in a lengthy jail term. Nevertheless, the organizers warn that the main adult event will be going on all around the kids' areas, leading to a risk of exposure to bad language, possible nudity and an "assortment of philosophies." And if that doesn't deter them, nothing will.

    Sharif Sakr
    06.27.2011
  • Fifty days of 'lulz' over: LulzSec disbands

    The secretive hacking group known as LulzSec has announced that it is formally disbanding with the completion of its planned 50 days of mayhem. Among its many targets that it has hacked, including government sites, LulzSec struck at The Escapist, Bethesda Game Studios, League of Legends, and EVE Online. LulzSec sent out a final statement, which said the group was a band of six hackers who had planned 50 days of attacks from the beginning. Now that the time is up, the group plans to fade into the shadows. The group hopes that others will continue with these illegal activities: "Behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us." While a suspected member of LulzSec was arrested a few days ago, the organization denied that he was part of the collective.

    Justin Olivetti
    06.27.2011
  • Report: LulzSec hacking group releases thousands of account logins, includes Xbox Live and Facebook [update]

    Adding to the list of game-related companies it has attacked, LulzSec yesterday claimed to have stolen and leaked the login and password information for approximately 62,000 "internet accounts," reports the CBC. The stolen info is said to comprise logins/passwords from Facebook, Twitter, "dating sites," PayPal and, notoriously, Xbox Live. It is also claimed that the majority of accounts are from the United states, though several other countries are named in the report. The account database info is still currently available through the LulzSec website (though we'd suggest not visiting) -- various folks on Twitter responding to the group claim to have done a variety of things with the information, from having a large pack of condoms delivered to an elderly woman, to one person saying they bilked a PayPal account for £250 ($404). Earlier this week, the group attacked and successfully took down a handful of game industry websites, including EVE Online, Minecraft and The Escapist. All three sites quickly recovered and have been online since. Microsoft has yet to respond to request for comment on yesterday evening's alleged breach. Update: Microsoft has released a statement, which states that Xbox Live was not compromised to the best of Microsoft's knowledge, and the logins/passwords were released at random, with people encouraged to try said information on services like Xbox Live (among others). "This group appears to have posted a list of thousands of potential email addresses and passwords, and encouraged users to try them across various online sites like Xbox Live in the event one of the users happens to use the same password and email address combination. At this time we do not have any evidence Xbox Live has been compromised. However we take the security of our service seriously and work on an ongoing basis to improve it against evolving threats."

    Ben Gilbert
    06.17.2011