Massively http://massively.joystiq.com Massively http://www.blogsmithmedia.com/http://massively.joystiq.com/media/feedlogo.gif Massively http://massively.joystiq.com en-us Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/<![CDATA[The Daily Grind: How do you keep track of your passwords?]]>http://massively.joystiq.com/2012/04/25/the-daily-grind-how-do-you-keep-track-of-your-passwords/http://massively.joystiq.com/2012/04/25/the-daily-grind-how-do-you-keep-track-of-your-passwords/http://massively.joystiq.com/2012/04/25/the-daily-grind-how-do-you-keep-track-of-your-passwords/#commentsFiled under: , , ,

Passwords
It's a hazard of the job that we accumulate scores of passwords while writing at Massively. It makes sense: Every new MMO tried means a new account, and because I'm not stupid, a new password. Unfortunately, the numbers began to pile up on me and I began to realize that there was no way I was going to remember all of these for when I'd go back to a game months after the fact.

My old system used a common theme (say, names of Pokemon) that allowed for different passwords while giving me a chance at guessing them if I forgot. My new system is a $0.99 notebook that I desperately hope my kids don't discover and chew up. It's a slight improvement but not perfect.

So I'm curious: How do you keep track of your passwords? Do you memorize them, write them down in a notebook, have a text file on your computer, or use a password manager program?

Every morning, the Massively bloggers probe the minds of their readers with deep, thought-provoking questions about that most serious of topics: massively online gaming. We crave your opinions, so grab your caffeinated beverage of choice and chime in on today's Daily Grind!

MassivelyThe Daily Grind: How do you keep track of your passwords? originally appeared on Massively on Wed, 25 Apr 2012 08:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>accountaccount-securitydaily-grindgi-joeopinionpasswordpassword-managerpasswordsrandom-passwordstdgthe-daily-grindWed, 25 Apr 2012 08:00:00 EST<![CDATA[F2P publisher gamigo's account services offline after hack [Updated]]]>http://massively.joystiq.com/2012/03/01/f2p-publisher-gamigos-account-services-offline-after-hack/http://massively.joystiq.com/2012/03/01/f2p-publisher-gamigos-account-services-offline-after-hack/http://massively.joystiq.com/2012/03/01/f2p-publisher-gamigos-account-services-offline-after-hack/#commentsFiled under: , , ,

gamigo logo
If you're a fan of gamigo's free-to-play MMO library, you may have run into some trouble accessing your account info as of yesterday. The company "detected an illegal intrusion into [its] gamigo account system," according to an official post on the Jagged Alliance forums.

The hack resulted in a temporary cessation of registration, account management, and payment services. The company says that while the game servers are still up and running, "the gAS services might be down for a while." gamigo also says that it encrypts passwords and that "no access to account names and other data is confirmed."

[Thanks for the tip, Tim!]

[Update: gamigo has now posted a letter to its website discussing the intrusion and recommending steps players should take to reset passwords and secure their accounts.]

MassivelyF2P publisher gamigo's account services offline after hack [Updated] originally appeared on Massively on Thu, 01 Mar 2012 10:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityf2pfree-to-playgamigogamigo-account-servicesgamigo-hackhackjagged-alliancesecuritysecurity-breachThu, 01 Mar 2012 10:30:00 EST<![CDATA[Nexon bringing Mabinogi back online, compensating affected players]]>http://massively.joystiq.com/2012/01/03/nexon-bringing-mabinogi-back-online-compensating-affected-playe/http://massively.joystiq.com/2012/01/03/nexon-bringing-mabinogi-back-online-compensating-affected-playe/http://massively.joystiq.com/2012/01/03/nexon-bringing-mabinogi-back-online-compensating-affected-playe/#commentsFiled under: , , , , , ,

Mabinogi - character selection screen
Nexon has brought Mabinogi back online, and the company tells Massively that "the issues that led us to temporarily disable service have been addressed."

The free-to-play sandbox was offline for nearly 40 hours last weekend, and Nexon will be compensating players with 5,000 NX (the company's cash shop currency), a two-day extension of VIP/Premium/Inventory Plus service, and a forthcoming double XP event. Nexon also tells us that players who were directly affected by the recent malicious activity will receive an additional 5,000 NX (10,000 total) and will have their lost items restored.

If you think you've been affected by the recent attacks, contact Nexon Support directly, and be sure to provide the following info when submitting your ticket:
  • account name
  • character name
  • character server
  • date of malicious activity
  • items missing/removed
  • name of malicious character (if available)
Finally, affected players should include the keyword MUGWORTS in their support ticket summary field to assist in filtering and processing.

[Source: Nexon press release]

MassivelyNexon bringing Mabinogi back online, compensating affected players originally appeared on Massively on Tue, 03 Jan 2012 15:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityf2pfantasyfree-to-playmabinogimabinogi-hackingmabinogi-offlinemalicious-activitynexonnexon-hackingsandboxsecurityTue, 03 Jan 2012 15:00:00 EST<![CDATA[Star Wars: The Old Republic launches Android authenticator and upcoming test server]]>http://massively.joystiq.com/2011/12/21/star-wars-the-old-republic-launches-android-authenticator-and-u/http://massively.joystiq.com/2011/12/21/star-wars-the-old-republic-launches-android-authenticator-and-u/http://massively.joystiq.com/2011/12/21/star-wars-the-old-republic-launches-android-authenticator-and-u/#commentsFiled under: , , , ,

Pictured: not security.
If analyst predictions hold true, Star Wars: The Old Republic is going to be big. And that means that it's going to be heir to the natural problem of account hackings, the sort of thing that goes hand in hand with every major MMO. Luckily, the game has launched with security authenticators already available, with a physical version and an Apple app available right out of the gate. The mobile authenticator for Android devices is also now available, meaning that you have a multitude of ways to ensure that the only threats to your characters are those of the blaster-wielding variety.

Once you've gotten through the authenticator stage, however, perhaps you'd like to see what's coming next for the game? Ask a Jedi reports that it looks like BioWare is in the process of setting up a public test server, giving every subscriber a chance to enjoy the upcoming patches and updates before they go live. While players will not be able to copy characters from the live servers to the test environment at this time, the team behind Star Wars: The Old Republic seems to be polishing up the game on a daily basis even though it's just launched, so that likely won't remain the case for long.

MassivelyStar Wars: The Old Republic launches Android authenticator and upcoming test server originally appeared on Massively on Wed, 21 Dec 2011 19:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityauthenticatorbiowarebioware-mmobioware-mmorpgbioware-star-warsbioware-swtoreaelectronic-artslauncheslucas-artslucas-arts-mmolucas-arts-mmorpgmobile-authenticatornewspublic-test-serversecuritysecurity-keystar-wars-gamestar-wars-mmostar-wars-mmorpgstar-wars-the-old-republicstar-wars-torstarwarsstarwars-the-old-republicsw-torswtortest-serverthe-old-republicWed, 21 Dec 2011 19:00:00 EST<![CDATA[MapleStory breached, 13 million accounts exposed]]>http://massively.joystiq.com/2011/11/26/maplestory-breached-13-million-accounts-exposed/http://massively.joystiq.com/2011/11/26/maplestory-breached-13-million-accounts-exposed/http://massively.joystiq.com/2011/11/26/maplestory-breached-13-million-accounts-exposed/#commentsFiled under: , , , ,

MapleStory
The famously hacked Sony has a sympathetic shoulder this week, as Nexon recently discovered a massive breach that's exposed over 13 million MapleStory player accounts to cyber ne'er-do-wells. Discovered this past Thursday, the breach was solely limited to South Korea, as Nexon hosts separate countries on their own servers.

This means that any South Korean MapleStory player's information is at risk, including user IDs, names, passwords, and residential registration numbers. This information could potentially be stolen and used for a variety of crimes.

While there's been no word whether actual personal information has been stolen, Nexon nevertheless urged these 13+ million subscribers to change their passwords. The company has contacted the police to ask for a formal investigation.

This comes at an unfortunate time for the company, as Nexon is poised to present its IPO on the Tokyo Stock Exchange in December.

MassivelyMapleStory breached, 13 million accounts exposed originally appeared on Massively on Sat, 26 Nov 2011 18:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securitybreachhackhackedhackersipokoreanmaplestorymaplestory-breachnexonsecurity-breachsoesonysouth-koreatokyo-stock-exchangeSat, 26 Nov 2011 18:00:00 EST<![CDATA[BioWare steps up The Old Republic account security]]>http://massively.joystiq.com/2011/11/07/bioware-steps-up-the-old-republic-account-security/http://massively.joystiq.com/2011/11/07/bioware-steps-up-the-old-republic-account-security/http://massively.joystiq.com/2011/11/07/bioware-steps-up-the-old-republic-account-security/#commentsFiled under: , ,

Screenshot -- Star Wars: The Old Republic
As Star Wars: The Old Republic's launch date draws ever nearer, BioWare has announced that it is stepping up account security for the game. Any players whose accounts were created prior to October 21st will be required to change their passwords in order to conform to the new standards. Those standards, for the curious, dictate that the password must be between eight and 15 characters and must contain at least one uppercase letter, one lowercase letter, and one number. For the full details, head on over to The Old Republic's official site.

MassivelyBioWare steps up The Old Republic account security originally appeared on Massively on Mon, 07 Nov 2011 20:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securitybiowareeaelectronic-artspasswordsecuritystar-wars-the-old-republicswtorthe-old-republictorMon, 07 Nov 2011 20:30:00 EST<![CDATA[Turbine addresses LotRO forum security concerns]]>http://massively.joystiq.com/2011/10/17/turbine-addresses-lotro-forum-security-concerns/http://massively.joystiq.com/2011/10/17/turbine-addresses-lotro-forum-security-concerns/http://massively.joystiq.com/2011/10/17/turbine-addresses-lotro-forum-security-concerns/#commentsFiled under: , , , ,

Lord of the Rings Online - horse at sunrise
While it's not quite a conspiracy unmasked, Turbine has officially acknowledged a bit of a security issue with its Lord of the Rings Online-related web applications. Last week we reported on the temporary closure of the game's official forums, and today Turbine has issued a press release that touches on the situation.

As you would expect, it's all very hush-hush in terms of details, and the release recommends password changes for all LotRO players. While the game itself remains open for business, there is no time table for the restoration of forum services. "We are continuing to investigate and the forums will not reopen until this work is complete," Turbine says.

MassivelyTurbine addresses LotRO forum security concerns originally appeared on Massively on Mon, 17 Oct 2011 13:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>a-conspiracy-unmaskedaccount-securityf2pfantasyforum-securityforums-closedfree-to-playlord-of-the-rings-onlinelotropress-releasesecurityturbineTurbine-EntertainmentMon, 17 Oct 2011 13:00:00 EST<![CDATA[SOE releases account authenticators]]>http://massively.joystiq.com/2011/08/11/soe-releases-account-authenticators/http://massively.joystiq.com/2011/08/11/soe-releases-account-authenticators/http://massively.joystiq.com/2011/08/11/soe-releases-account-authenticators/#commentsFiled under: , ,

SOE autheticator
Sony Online Entertainment has joined the growing list of gaming companies that offer physical authenticators for protection against account hacking and associated fraud. EQ2Wire brings us the details on the new device, which at $9.95, is slightly more expensive than Blizzard's comparable Battle.net fob.

SOE's authenticator may be used on multiple Station accounts, and for now at least, is shipping out sans handling charges (even for overseas orders). EQ2Wire also has a handy and detailed guide to the new authenticators from last month's Fan Faire, and the website notes that free iOS and Android security apps will be forthcoming at an as-yet unannounced date.

MassivelySOE releases account authenticators originally appeared on Massively on Thu, 11 Aug 2011 19:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-hackingaccount-securityauthenticatorfobhackingmmo-industrysecuritysoesoe-authenticatorsoe-fobSony-Online-Entertainmentvascovasco-security-fobThu, 11 Aug 2011 19:30:00 EST<![CDATA[Ask Massively: Stay inside edition]]>http://massively.joystiq.com/2011/08/11/ask-massively-stay-inside-edition/http://massively.joystiq.com/2011/08/11/ask-massively-stay-inside-edition/http://massively.joystiq.com/2011/08/11/ask-massively-stay-inside-edition/#commentsFiled under: , , , , , ,

The inspiration for the Dervish dance, we know.
In sharp contrast to last week's advice, this time around, I'm advising everyone to stay inside. There's all sorts of cool stuff wherever you are right now, and it's kind of hot out today. Besides, look at how much fun Christopher Walken is having inside. Don't you want to be like Christopher Walken? Don't you want the ability to fly when your indoor cavorting requires it?

In other news, please enjoy the earbug that's infected the entirety of the Massively staff on the day this was written.

In other other news, it's time for this week's installment of Ask Massively, addressing significantly less weighty issues than last week's gold selling question. No, this week we're talking about old livestream videos, the reason for the non-ubiquity of authenticators, and of course, the great outdoors. If you've got a question you'd like to see answered in a future edition of the column, leave it in the comments or send it along to ask@massively.com.

Continue reading Ask Massively: Stay inside edition

MassivelyAsk Massively: Stay inside edition originally appeared on Massively on Thu, 11 Aug 2011 18:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityask-massivelyauthenticatorsculturefeaturedhumormanagementmassively-metaopinionoutdoorssecuritysecurity-concernsThu, 11 Aug 2011 18:00:00 EST<![CDATA[RIFT bringing out a new authentication service today - but not yet]]>http://massively.joystiq.com/2011/03/29/rift-bringing-out-a-new-authentication-service-today-but-not-y/http://massively.joystiq.com/2011/03/29/rift-bringing-out-a-new-authentication-service-today-but-not-y/http://massively.joystiq.com/2011/03/29/rift-bringing-out-a-new-authentication-service-today-but-not-y/#commentsFiled under: , ,

Authenticators are one of the most popular forms of account security around, giving players an extra layer of defense against hackers and keyloggers. RIFT has been dealing steadily with account security issues since launch, so the upcoming authenticator service is no surprise to players. Using a digital authenticator service, players will very soon be able to use their Android mobile devices for authentication services -- but carefully note the "soon," as the service isn't yet ready for prime time.

Currently, using the authenticator will prevent players from logging in, as the code for using said authentication isn't yet in place. A new launcher will be put into place for the game later today, allowing players with Android devices use of the authentication service. While the current release is only for the Android platform, code for the iOS is being finalized, meaning that iPhone and iPad users won't be left out in the cold. So if you're playing RIFT and want to have a little more random number to go with your login, you'll soon be able to do just that. (But not quite yet.)

[Thanks to Puremallace for the tip!]

MassivelyRIFT bringing out a new authentication service today - but not yet originally appeared on Massively on Tue, 29 Mar 2011 19:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-hackingaccount-protectionaccount-securityandroidandroid-osauthenticationauthenticatordroidhack-protectionmobile-authenticatormobile-devicenewsriftrift-planes-of-telarasecuritytriontrion-wroldsTue, 29 Mar 2011 19:00:00 EST<![CDATA["Solid one-two punch": Trion responds to account hacks]]>http://massively.joystiq.com/2011/03/19/solid-one-two-punch-trion-responds-to-account-hacks/http://massively.joystiq.com/2011/03/19/solid-one-two-punch-trion-responds-to-account-hacks/http://massively.joystiq.com/2011/03/19/solid-one-two-punch-trion-responds-to-account-hacks/#commentsFiled under: , , , ,

The saga of RIFT's account security woes continues, as Trion World's Scott Hartsman responded to the hacker attempts, reassuring fans curious about what steps were being taken to secure their accounts.

Citing "constant attacks" since the launch of RIFT that have impacted 1% of accounts, Hartsman said that the team is blocking hackers and botnets as quickly as they are identified, but that this will also be an ongoing process.

"Both the login fix and the Coin Lock addition have been doing their part in signficantly reducing overall incidents over the last 18 hours," Hartsman wrote. "Neither one is a silver bullet, but so far it is looking to be a solid one-two punch for the weekend."

According to his post, Trion will be hiring additional staff to tackle the problem, and is working on a "two-factor authentication" process for the future.

Hartsman also praised the efforts of the player who brought a serious log-in vulnerability to the team's attention. ZAM tracked down the player for an interview, who himself had his account hacked in early March. The player is an "ethical hacker" who owns a security software company and realized that these hacks were not the fault of the player, but an exploit that had been discovered.

Massively"Solid one-two punch": Trion responds to account hacks originally appeared on Massively on Sat, 19 Mar 2011 23:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityauthenticatorbotnetscoin-lockcompromised-accountsethical-hackerhackerhackingmanwitdaplanriftrift-planes-of-telarascott-hartsmansecuritytriontrion-worldstwo-factor-authenticationzamSat, 19 Mar 2011 23:00:00 EST<![CDATA[Player identifies "huge security hole" in RIFT's authentication system, Trion seals it]]>http://massively.joystiq.com/2011/03/19/player-identifies-huge-security-hole-in-rifts-authentication/http://massively.joystiq.com/2011/03/19/player-identifies-huge-security-hole-in-rifts-authentication/http://massively.joystiq.com/2011/03/19/player-identifies-huge-security-hole-in-rifts-authentication/#commentsFiled under: , , ,

Hacking and account hijacking have been severe issues for RIFT ever since launch, even though Trion Worlds anticipated the onslaught from the beginning. Yesterday we saw Trion implement the so-called Coin Lock patch to prevent hackers from selling other players' items in-game, which some see as a novel (partial) solution to the problem.

However, this may not be enough to stop the truly malicious invaders from getting into RIFT accounts. One player, identified as "ManWitDaPlan" on the forums, claims to have circumvented the account login completely, leaving a "huge security hole" for hackers to exploit:

"I have verified the authentication system can be bypassed by successfully logging into another account without needing its credentials. Worse, all it took was about thirty seconds of time once I got all of the details locked down. I did trigger Coin Lock, but I was fully able to access that handy delete-character button, so this exploit is a griefer's dream. I will not post details on how to do this (so don't ask), but I'm positive that I can reproduce this at will and likely on any account on the system."

Later in the thread, a Trion representative added: "We have some things in the works right now and have been passing on your feedback, concerns, and thoughts throughout the day (no matter how radical or unlikely). Sharing sensitive information about our actions (no matter how broad) naturally also informs those carrying out these attacks. This puts us in a tight spot with how much information we can provide, and the questions we can answer."

And it looks as though the problem may be fixed, as ManWitDaPlan posted late last night: "Got word back from Steve Chamberlin, the development lead for Rift. This hole is sealed."

MassivelyPlayer identifies "huge security hole" in RIFT's authentication system, Trion seals it originally appeared on Massively on Sat, 19 Mar 2011 13:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-exploitsaccount-securityauthenticationauthentication-systemcoin-lockcoin-lock-systemgriefershackhackedhackersmanwitdaplanriftrift-planes-of-telaratriontrion-worldsSat, 19 Mar 2011 13:00:00 EST<![CDATA[RIFT adds Coin Lock to improve security... probably]]>http://massively.joystiq.com/2011/03/18/rift-adds-coin-lock-to-improve-security-probably/http://massively.joystiq.com/2011/03/18/rift-adds-coin-lock-to-improve-security-probably/http://massively.joystiq.com/2011/03/18/rift-adds-coin-lock-to-improve-security-probably/#commentsFiled under: , , , ,

Getting your account stolen in an MMO is generally accepted to be about as much fun as having your car's engine fuse into a solid block of melted parts or getting bamboo slivers shoved under your fingernails. RIFT's newest patch, 1.02, includes a new feature designed to fight precisely that dreaded eventuality, with the new "Coin Lock" system restricting use of a character if the parent account logs in from a different location. While locked, the characters cannot access the auction or trade functions until the player verifies his or her identity.

While the system is a great idea in theory, several players are reporting that the coin lock system is not working as intended, with supposedly "locked" characters remaining accessible and capable of using all features freely. There are also several threads devoted to claims that account hacks are still taking place, although as with any account security issue, culpability is difficult to determine. While RIFT's Coin Lock is an excellent idea, it remains to be seen whether it's actually accomplishing the stated goals.

[Thanks to Simon for the tip!]

MassivelyRIFT adds Coin Lock to improve security... probably originally appeared on Massively on Fri, 18 Mar 2011 16:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>accountaccount-hackingaccount-securitycoin-lockforumshackingpatchpatchesriftrift-planes-of-telarasecuritysecurity-measurestriontrion-worldsupdatesFri, 18 Mar 2011 16:30:00 EST<![CDATA[NCsoft adding additional security to master accounts]]>http://massively.joystiq.com/2011/03/02/ncsoft-adding-additional-security-to-master-accounts/http://massively.joystiq.com/2011/03/02/ncsoft-adding-additional-security-to-master-accounts/http://massively.joystiq.com/2011/03/02/ncsoft-adding-additional-security-to-master-accounts/#commentsFiled under: , , , , , , ,

There's another layer of account security on the way for NCsoft master account users. The Korean gaming giant has posted updates on its City of Heroes, Guild Wars, and Aion websites inforrming users that they'll need to answer some additional security questions to log in to their master accounts.

Once the queries are correctly completed, you'll be granted one-time access as well as the ability to add that particular computer to an approved list. Login attempts from other computers will of course trigger the questions again, and users that have forgotten the security info entered at account creation will need to contact NCsoft support for assistance.

MassivelyNCsoft adding additional security to master accounts originally appeared on Massively on Wed, 02 Mar 2011 10:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityaioncity-of-heroesCity-of-Villainscoxfantasyguild-warsmaster-accountmmo-industryncsoftncsoft-master-accountsecuritysecurity-questionssuperheroWed, 02 Mar 2011 10:00:00 EST<![CDATA[APB blog talks beta applications, information security]]>http://massively.joystiq.com/2011/02/21/apb-blog-talks-beta-applications-information-security/http://massively.joystiq.com/2011/02/21/apb-blog-talks-beta-applications-information-security/http://massively.joystiq.com/2011/02/21/apb-blog-talks-beta-applications-information-security/#commentsFiled under: , , , , , ,

Welcome back to the weekly APB Reloaded update. This time around, GamersFirst has a followup to last week's beta application deadline announcement. APB's beta application process is a bit different than the norm, and GamersFirst producer Jon "Neume" Merriex has penned a lengthy blog entry that aims to fill in the gaps.

In addition to reviewing the game's beta key redemption process, the entry touches on the time-honored tradition of fudging your beta app in the hope of presenting a more appealing tester profile (and thus increasing your selection chances). "In the end, if you do fill out the form accurately and completely, we expect that the vast majority of beta applicants will in fact get closed beta access well before the roll out of the open beta," Merriex writes.

Finally, this week's post spends a bit of time on your personal information, and more specifically, the sharing of it with third parties. In a nutshell, GamersFirst pledges to keep your email address, phone number, credit card number, and other valuable bits of data both secret and safe. Information sharing from beta participants "is always aggregated, such as '85% of our players are male between the ages of 18 and 25,'" Merriex says. Head to the official APB Reloaded blog for more specifics.

MassivelyAPB blog talks beta applications, information security originally appeared on Massively on Mon, 21 Feb 2011 12:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityapbapb-reloadedbetabeta-applicationclosed-betacrimedev-blogdev-diaryf2pfree-to-playgamersfirstjon-merriexopen-betapersonal-informationsan-paroshooterthird-party-information-sharingMon, 21 Feb 2011 12:00:00 EST<![CDATA[Frogster not giving in to hacker's demands]]>http://massively.joystiq.com/2011/02/01/frogster-not-giving-in-to-hackers-demands/http://massively.joystiq.com/2011/02/01/frogster-not-giving-in-to-hackers-demands/http://massively.joystiq.com/2011/02/01/frogster-not-giving-in-to-hackers-demands/#commentsFiled under: , , , , ,

Free-to-play giant Frogster isn't playing along with Cpt.Z3r0, a hacker who resorted to blackmail and account theft to voice his views about the company's customer service and forum culture. Frogster, which publishes Runes of Magic, was stung by the release of over 2,000 RoM account names and passwords to its public forum last month, and has since been working to repair the damage done to its security systems as well as its reputation.

"Our team has to focus and work on making the system more secure, on managing the whole incident. It means that they can't work on their regular goals and targets, like making events for the game, or improving it in other ways," company COO Dirk Weyel told GamesIndustry.biz.

A police investigation into the hacking incident is ongoing, and Frogster is tight-lipped regarding any possible changes or improvements to its customer service apparatus, preferring instead to concentrate its PR firepower on the anonymous hacker. "Why is someone so angry? Why do they want to harm Frogster and the user base? Obviously, in any community you have people who complain. Some of them are reasonable, and some complain in a way that is unacceptable," Weyel said. He goes on to acknowledge that Frogster's community management isn't perfect, and that open and transparent communication are the ultimate goals.

MassivelyFrogster not giving in to hacker's demands originally appeared on Massively on Tue, 01 Feb 2011 10:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityblackmailcommunitycpt.z3r0customer-servicedirk-weyelf2pfree-to-playfrogsterfrogster-interactivehackingromrunes-of-magicsecurityTue, 01 Feb 2011 10:00:00 EST<![CDATA[Codemasters unveils Lord of the Rings Online hacked account program]]>http://massively.joystiq.com/2011/01/26/codemasters-unveils-lord-of-the-rings-online-hacked-account-prog/http://massively.joystiq.com/2011/01/26/codemasters-unveils-lord-of-the-rings-online-hacked-account-prog/http://massively.joystiq.com/2011/01/26/codemasters-unveils-lord-of-the-rings-online-hacked-account-prog/#commentsFiled under: , , , , ,

With great playerbase numbers comes great security responsibility. Wait, no. That's not the movie metaphor we're looking for. How about keep it secret, keep it safe!

That's more like it, but unfortunately for some Lord of the Rings Online fans, the secret (and the safe) parts are being compromised as the free-to-play title sees a rise in hacked accounts to go along with its expanding user numbers. All hope is not lost, however, as Codemasters (LotRO's European publisher) has introduced a new Hacked Account Restart Program designed to assist victims and speed them back onto the road to Mordor.

The program has a few prerequisites, among them player support eligibility and GM verification of the actual account owner. Claims must also be filed within seven days of the security breach, and reimbursement methods will vary at Codemasters' discretion. You can read the official announcement on the Codemasters website, and you'll also want to check out Customer Service Manager Sincilbanks' blog entry on the subject.

MassivelyCodemasters unveils Lord of the Rings Online hacked account program originally appeared on Massively on Wed, 26 Jan 2011 20:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-hackingaccount-securitycodemasterscodemasters-onlinef2pfantasyfree-to-playhackedhacked-accountslord-of-the-ringslord-of-the-rings-onlineLordOfTheRingslotrorestart-programrestart-programmeWed, 26 Jan 2011 20:00:00 EST<![CDATA[The Road to Mordor: Hacked!]]>http://massively.joystiq.com/2011/01/21/the-road-to-mordor-hacked/http://massively.joystiq.com/2011/01/21/the-road-to-mordor-hacked/http://massively.joystiq.com/2011/01/21/the-road-to-mordor-hacked/#commentsFiled under: , , , , ,

"My kinship had just finished an instance run about a week-and-a-half ago and was in the process of reloading back into the world when I got the message that I was being disconnected because I had just logged into the Brandywine server. Huh? Suspecting the worst, I immediately hit up the Turbine Account page and changed my password then re-logged back into the game, which would boot the hacker offline just like I had been booted minutes earlier.

"I was lucky and did that before the hacker had time to switch servers to where my active characters are. Other kinmates have not been so lucky."

So goes the frightening tale of Pumping Irony's Scott, who shares this in the hopes that others may avoid a similar scare. Unfortunately, it seems as though stories such as these are becoming more and more common in Lord of the Rings Online, where the worst threat to your quest may not be the eye of Sauron but the malicious intent of hackers gutting your account while you're offline.

Today we're going to step off the path for a temporary side trail into the gloomy undergrowth of account security and an MMO under siege.

Continue reading The Road to Mordor: Hacked!

MassivelyThe Road to Mordor: Hacked! originally appeared on Massively on Fri, 21 Jan 2011 19:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>a-casual-stroll-to-mordoraccountaccount-securityauthenticatorblizzardblizzard-authenticatorCodemastersCompromised-Accountcracked.comffxivfinal-fantasy-xivfirewallhackedhackersiphonelord-of-the-rings-onlinelotromalwaremiddle-earthparanoiapasswordpasswordspumping-ironysapiencesauronsecurityspywarethe-road-to-mordortokensturbineturbine-accountTurbine-Entertainmentvirus-scannerworld-of-warcraftwowFri, 21 Jan 2011 19:30:00 EST<![CDATA[The Daily Grind: What would you do if your account were compromised?]]>http://massively.joystiq.com/2010/12/17/the-daily-grind-what-would-you-do-if-your-account-were-compromi/http://massively.joystiq.com/2010/12/17/the-daily-grind-what-would-you-do-if-your-account-were-compromi/http://massively.joystiq.com/2010/12/17/the-daily-grind-what-would-you-do-if-your-account-were-compromi/#commentsFiled under: , , , ,

There's no denying that MMORPG security issues are on the rise and have been for several years now. As more people flood into the MMO space, script kiddies and social engineers naturally have more targets. Account compromises aren't always the result of end-user ignorance either, as several of us know computer-savvy folks who've logged into their favorite game to find their characters stripped (or haven't been able to log in at all).

Some game companies are fighting back, notably Blizzard with its World of Warcraft authenticators and NCsoft with its new Aion PIN system (which basically amounts to a second password). That said, ladies and gents, today's Daily Grind is more concerned with you. Specifically, what would you do (or have you done) if your account were compromised?

Every morning, the Massively bloggers probe the minds of their readers with deep, thought-provoking questions about that most serious of topics: massively online gaming. We crave your opinions, so grab your caffeinated beverage of choice and chime in on today's Daily Grind!

MassivelyThe Daily Grind: What would you do if your account were compromised? originally appeared on Massively on Fri, 17 Dec 2010 08:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-hackingaccount-securityaionaion-the-tower-of-eternityblizzardBlizzard-Entertainmentgame-discussiongamer-discussionhackingmmo-discussionmmo-hot-topicsmmo-issuesmmo-topicsmmorpg-discussionmmorpg-hot-topicsmmorpg-topicsncsofttdgthe-daily-grindWorld-of-WarcraftwowFri, 17 Dec 2010 08:00:00 EST<![CDATA[NCsoft answers questions on Aion's new security]]>http://massively.joystiq.com/2010/12/09/ncsoft-answers-questions-on-aions-new-security/http://massively.joystiq.com/2010/12/09/ncsoft-answers-questions-on-aions-new-security/http://massively.joystiq.com/2010/12/09/ncsoft-answers-questions-on-aions-new-security/#commentsFiled under: , ,

Ever been in the middle of a duel with a friend in Aion and watch him (or her) drop offline in the middle of a conversation, then come back online on each alt, strip it down, and sell off everything -- right in front of your eyes? That very scenario has happened to me, and similar situations have happened to others. Even counting RNG rages, nothing really compares to the frustration and heartache of losing all you have worked so hard for in-game, and no one wants to experience this. With this in mind, NCsoft has introduced an extra layer of security -- a new PIN system designed to better safeguard your virtual stash.

We were able to speak with Sean Neil, Associate Producer of Aion, and Lance Stites, Executive Vice President of Game Operations and Production at NCsoft West, to bring you the scoop on this new system.

Join us past the cut to hear what they had to say.

Continue reading NCsoft answers questions on Aion's new security

MassivelyNCsoft answers questions on Aion's new security originally appeared on Massively on Thu, 09 Dec 2010 16:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>Account-Securityaionaion-gamefeaturedinterviewInterviewskeyloggerkeyloggerslance-stitesloginnc-softnc-soft-aionncsoftncsoft-aionPINrmtSean-NeilsecurityThu, 09 Dec 2010 16:00:00 EST<![CDATA[Aion producer letter talks account security, transfers]]>http://massively.joystiq.com/2010/11/23/aion-producer-letter-talks-account-security-transfers/http://massively.joystiq.com/2010/11/23/aion-producer-letter-talks-account-security-transfers/http://massively.joystiq.com/2010/11/23/aion-producer-letter-talks-account-security-transfers/#commentsFiled under: , ,


Aion's been getting a decent amount of press this fall, first for September's Assault on Balaurea expansion and lately due to the uproar surrounding the 2.1 patch. Among other things, 2.1 substantially increased the game's loot drop rates, leading to huzzahs on one side of the aisle and raised eyebrows on the other.

Not to be outdone, NCsoft producer Chris Hager recently posted an open letter on the official Aion website, summarizing both the aforementioned changes and hinting at a few things to come for the world of Atreia. Hager gives a heads up regarding the final day for the free character transfers that have been ongoing since the summer. January 5th is last call, so make sure you've got your Elyos or Asmo where you want him.

Hager also mentions the fact that NCsoft is taking steps to increase account security, an issue that has plagued Aion since its launch in 2009. "We are stepping up our efforts and introducing a new secondary PIN system to Aion that will provide an additional layer of security to our players. This service will go live on December 1, 2010, and we will post a full FAQ in the coming days explaining exactly how it will work," he writes.

MassivelyAion producer letter talks account security, transfers originally appeared on Massively on Tue, 23 Nov 2010 20:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>2.1account-securityaionaion-the-tower-of-eternityaion-tower-of-eternityassault-on-balaureacharacter-transferschris-hagerncsoftncsoft-westopen-letterproducer-letterTue, 23 Nov 2010 20:00:00 EST<![CDATA[Runes of Magic team implements account security improvements]]>http://massively.joystiq.com/2010/07/28/runes-of-magic-team-implements-account-security-improvements/http://massively.joystiq.com/2010/07/28/runes-of-magic-team-implements-account-security-improvements/http://massively.joystiq.com/2010/07/28/runes-of-magic-team-implements-account-security-improvements/#commentsFiled under: , , , ,

Account security has been a concern for Runes of Magic players lately, and Frogster has been paying attention.

Community Manager Mike "Silberfuchs" Kiefer posted a fairly impressive list of improved security methods on the Runes of Magic forums, detailing some important changes. Players now have different options and methods for changing all usernames and passwords, and there are some new password requirements. Account and IP blocks will come into effect under certain circumstances as well.

Gold sellers also took a hit as a part of this new effort. Frogster has managed to obtain "an injunction against a number of goldsellers as well as companies and individuals offering leveling services," and those undesirables are being removed permanently.

Check out the forum post for all the details on how this will affect your account.

MassivelyRunes of Magic team implements account security improvements originally appeared on Massively on Wed, 28 Jul 2010 13:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-blocksaccount-securityf2pfree-to-playfrogsterftpgold-sellersip-blocksmike-kieferpasswordromrunes-of-magicsecurityWed, 28 Jul 2010 13:00:00 EST<![CDATA[SOE issues security alert for EQII and Station accounts]]>http://massively.joystiq.com/2010/07/15/soe-issues-security-alert-for-eqii-and-station-accounts/http://massively.joystiq.com/2010/07/15/soe-issues-security-alert-for-eqii-and-station-accounts/http://massively.joystiq.com/2010/07/15/soe-issues-security-alert-for-eqii-and-station-accounts/#commentsFiled under: , , ,

Ho hum, another week, another email phishing scam, not exactly news right? Well, this time around, Sony Online Entertainment thinks it is serious enough to issue a security alert via the official EverQuest II website, warning players to safeguard their login information and ensure that it is only used on the official SOE site.

While details on the new scam aren't clear, it's a safe bet that it has to do with exploiting a similar URL, as SOE explicitly states the legitimate login URL (http://auth.station.sony.com) in its press release.

With the explosion in online gaming popularity across diverse cross-sections of the general public in recent years, it's no surprise that account hacking is also on the rise, as gamers are no longer the tech-savvy demographic they once were. If you do suspect that your EQII or Station account has been compromised, you can email or chat live with SOE customer support.

MassivelySOE issues security alert for EQII and Station accounts originally appeared on Massively on Thu, 15 Jul 2010 22:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>account-hackaccount-securityEQ2EQIIEverQuest-2everquest-iihackingphishingscamsecurity-alertsoeSony-Online-EntertainmentThu, 15 Jul 2010 22:00:00 EST<![CDATA[A cautionary tale of account security in Club Penguin]]>http://massively.joystiq.com/2010/07/14/a-cautionary-tale-of-account-security-in-club-penguin/http://massively.joystiq.com/2010/07/14/a-cautionary-tale-of-account-security-in-club-penguin/http://massively.joystiq.com/2010/07/14/a-cautionary-tale-of-account-security-in-club-penguin/#commentsFiled under: , , ,

Many MMO gamers have children who are eager to jump into the online world but are unaware of the dangers that lurk there. While many kid-friendly MMOs have systems to guard children from unwelcome contact and identity theft, they still require the assistance of parents to teach their kids how to be safe in games.

The Ancient Gaming Noob's Wilhelm recently shared a cautionary tale involving his daughter, Club Penguin, and a breach of account security. Even though she was cautioned not to share a list of details with anyone in game, all it took was the offer of a special item to get her to give up her account name and password to a stranger. This resulted in a headache, as the account was banned, and Wilhelm went back and forth with Club Penguin to re-establish his daughter's account and security. In the end, he found that Club Penguin's security was just as questionable as his daughter's judgment, and passed this story along to the rest of us in an effort to guard our own young ones from this unfortunate event.

Considering that account security, personal identity and privacy are hot topics these days, we feel that this story is an eye-opener as to how far both game companies and families have to go to protect our loved ones from being exploited. You can read Wilhelm's full account over at The Ancient Gaming Noob.

MassivelyA cautionary tale of account security in Club Penguin originally appeared on Massively on Wed, 14 Jul 2010 10:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>accountAccount-Securityaccount-theftclub-penguindisneyfamily-mmoidentity-theftkid-friendlypasswordpersonal-identityprivacythe-ancient-gaming-noobwilhelmWed, 14 Jul 2010 10:00:00 EST<![CDATA[Final Fantasy XI accounts compromised]]>http://massively.joystiq.com/2010/06/08/final-fantasy-xi-accounts-compromised/http://massively.joystiq.com/2010/06/08/final-fantasy-xi-accounts-compromised/http://massively.joystiq.com/2010/06/08/final-fantasy-xi-accounts-compromised/#commentsFiled under: , , ,

With the highly anticipated June version update just around the corner, the last thing that Final Fantasy XI players want is something to distract them from the promise of wonderful things in the near future. But it's hard to ignore something as significant as a security breach, and that appears to be what has happened to the game. According to an official statement from Square-Enix, an external attack on their servers resulted in a potential compromise of some of the game's account information, although the statement was quick to point out that no payment information was violated.

That alone would be bad, but the actions taken by Square-Enix to inform players have been a bit haphazard, including prolonged outages of the North American customer service department. Many players have had their passwords reset, in some cases resulting in their accounts being outright locked with no way to regain access. Players are encouraged to check their email and ensure that they can still log in to the game as before, and to contact customer service if they're unable to log in to Final Fantasy XI or the PlayOnline service.

MassivelyFinal Fantasy XI accounts compromised originally appeared on Massively on Tue, 08 Jun 2010 18:30:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>accountaccount-securitycustomer-serviceffff11ffxifinal-fantasyfinal-fantasy-11final-fantasy-xisecuritysecurity-issueservice-departmentsquaresquare-enixTue, 08 Jun 2010 18:30:00 EST<![CDATA[GDC10: En Masse's Patrick Wyatt talks MMO security]]>http://massively.joystiq.com/2010/03/31/gdc10-en-masses-patrick-wyatt-talks-mmo-security/http://massively.joystiq.com/2010/03/31/gdc10-en-masses-patrick-wyatt-talks-mmo-security/http://massively.joystiq.com/2010/03/31/gdc10-en-masses-patrick-wyatt-talks-mmo-security/#commentsFiled under: ,

Security concerns in MMOs are nothing new. We all know the drill -- Don't share your account, avoid suspicious emails and sites, change your password regularly and so on. We go through all of that to keep our personal accounts safe, but what about the bigger picture?

Patrick Wyatt from En Masse looked over this very thing at GDC this year, explaining how issues like gold farming, account theft and even plain old griefing affects the MMO community at large. He began looking at the other side of the equation: the people causing these problems in the first place and what motivates them. Money is the main motivator, of course, but there is no shortage of attackers who are just doing it for kicks.

So as long as you protect your own account, it doesn't affect you, right? Wyatt addressed that false assumption as well, outlining the affect of each type of attack on the general gaming community and the game in question itself. Any event that affects the game and the community at large will of course affect every member of the community. So what's to be done? Game developers never stop working to stay ahead of "the enemy", and Wyatt illustrates quite a few possible solutions.

This slideshow certainly isn't only for those in the industry. It's very informative for any MMO player, so head over to playnoevil.com and take a look at the slideshow for yourself!

MassivelyGDC10: En Masse's Patrick Wyatt talks MMO security originally appeared on Massively on Wed, 31 Mar 2010 17:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>account-securityen-masse-entertainmentgdc-2010gdc2010patrick-wyattplaynoevilWed, 31 Mar 2010 17:00:00 EST<![CDATA[EVE Online devblog discusses account security]]>http://massively.joystiq.com/2010/03/10/eve-online-devblog-discusses-account-security/http://massively.joystiq.com/2010/03/10/eve-online-devblog-discusses-account-security/http://massively.joystiq.com/2010/03/10/eve-online-devblog-discusses-account-security/#commentsFiled under: , , ,

Every MMO suffers the horrors of gold spammers and EVE Online is no different. The RMT (Real Money Trading) industry is massive and EVE's developers CCP have waged a constant war against it in recent years. The PLEX initiative gave players a way to safely buy ISK for cash while at the same time helping players who couldn't afford their subscriptions pay with ISK. The result was a dramatic hit to the RMT market, who had to drop their prices to compete with a legitimate service replacing their own.

As part of Operation Unholy Rage in August of last year, EVE GMs also banned over 6200 accounts belonging to farmers known to be supplying the RMT industry. The effect on the market was instant, with the population in farmed mission systems like Ingunn disappearing overnight. Almost immediately, the farmers reacted with a spate of account hackings to claw back some ISK.

Continue reading EVE Online devblog discusses account security

MassivelyEVE Online devblog discusses account security originally appeared on Massively on Wed, 10 Mar 2010 23:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-hackaccount-hackingaccount-hacksAccount-Securitybanbansccpccp-eveccp-gameseveeve-ccpeve-mmorpgeve-onlinegm-grimmigold-spamgold-spammergold-spammingiskisk-sellerplexrmtspamspammersunholy-rageWed, 10 Mar 2010 23:00:00 EST<![CDATA[The Daily Grind: Locked out]]>http://massively.joystiq.com/2010/02/20/the-daily-grind-locked-out/http://massively.joystiq.com/2010/02/20/the-daily-grind-locked-out/http://massively.joystiq.com/2010/02/20/the-daily-grind-locked-out/#commentsFiled under: , ,


You don't really know the value of account security until it fails you. Or, more accurately, you don't think at all about entering your password until that day when you type it in... and it doesn't work. You double-check it, and it still doesn't work. You don't know if you somehow forgot it, or if you've gotten hacked, or what the issue is... but suddenly playing the game becomes impossible. And suddenly, something as trivial as going in and doing your obnoxious dailies seems like it's an urgent matter.

In the best-case scenario, you just forgot the correct password and it can be fixed fairly easily. In the worst-case scenario, you look and find that the recovery e-mail is an address you haven't used in years that no longer functions, and all of your contact information is completely wrong. Because who needs all of that, right? Except that you do now, and you're left kicking yourself for not thinking it through at the time.

Have you ever found yourself on the wrong end of getting locked out of an account? What happened? Were you angry, upset, or just ambivalent? Tell us your story, because for better or worse, we've all had to wrestle with security at some point.

MassivelyThe Daily Grind: Locked out originally appeared on Massively on Sat, 20 Feb 2010 08:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityaccountscontactlocked-outpassword-errorspasswordssecuritytdgthe-daily-grindSat, 20 Feb 2010 08:00:00 EST<![CDATA[AionSource.com compromised, e-mails possibly leaked to hackers]]>http://massively.joystiq.com/2010/01/29/aionsource-com-compromised-e-mails-possibly-leaked-to-hackers/http://massively.joystiq.com/2010/01/29/aionsource-com-compromised-e-mails-possibly-leaked-to-hackers/http://massively.joystiq.com/2010/01/29/aionsource-com-compromised-e-mails-possibly-leaked-to-hackers/#commentsFiled under: , , , ,

Yesterday we reported that a wide number of e-mail password phishing scams were being sent out to Aion users. Today, AionSource.com has sent out an e-mail announcement to all of their users that this new wave of scams may have been due to a hacking attack on their website.

Knite Shadowbane, administrator of AionSource, has posted that AionSource.com had been under hacker attack five days ago on the 24th of January. The staff has since cleared the attack and has proceeded to beef up their security, but today's e-mail to all AionSource members warns that their database could have been used for these phishing scams. So, if you are a member of AionSource, keep an eye out for any unusual e-mails coming your way.

Even if you aren't a member, always remember to check the source of any e-mails coming to you that request for you to "access your account" or "confirm your password" or require you to log into an unverified source.

Knite has also posted a handy guide to securing your account, such as changing your password and installing anti-virus software.

MassivelyAionSource.com compromised, e-mails possibly leaked to hackers originally appeared on Massively on Fri, 29 Jan 2010 16:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>account-securityaionaionsourceaionsource.combreakinge-mail-scamhackingkniteknite-shadowbanencsoftpassword-securityphishingscamsecuritywebsite-hackwebsite-securityFri, 29 Jan 2010 16:00:00 EST<![CDATA[Aion players: Watch your e-mails for scams]]>http://massively.joystiq.com/2010/01/28/aion-players-watch-your-e-mails-for-scams/http://massively.joystiq.com/2010/01/28/aion-players-watch-your-e-mails-for-scams/http://massively.joystiq.com/2010/01/28/aion-players-watch-your-e-mails-for-scams/#commentsFiled under: , ,

Keeping your password for your favorite game safe is always a top priority. No one wants to have their accounts hacked or have their passwords lost to someone who's willing to sell all of their items for gold, kinah, or what have you.

So today, as a friendly public service announcement, we here at Massively would like to remind you to make sure you double and triple check any correspondence that looks like it comes from NCsoft or your favorite game company. Today we've received an e-mail telling us that our Aion account password had been changed, and if it wasn't us that we needed to go to the NCsoft master account site and change it back.

We can guarantee you that the link provided was not for NCsoft's account management, but a phishing scam. While the scam letter was pretty obvious, always be wary of e-mails you don't anticipate. If you think there's something wrong, don't click any links in the e-mail -- instead go to your account management website directly to check on your account.

MassivelyAion players: Watch your e-mails for scams originally appeared on Massively on Thu, 28 Jan 2010 22:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityaione-mail-scamhackingncsoftncsoft-master-accountpasswordsphishingpublic-service-announcementsecurityThu, 28 Jan 2010 22:00:00 EST<![CDATA[Aion's community address for January]]>http://massively.joystiq.com/2010/01/22/aions-community-address-for-january/http://massively.joystiq.com/2010/01/22/aions-community-address-for-january/http://massively.joystiq.com/2010/01/22/aions-community-address-for-january/#commentsFiled under: , , , , ,

Approaching the end of the month means it's time for another Aion community address. It's reliable enough to set your watch by, assuming your watch runs in one-month increments of time. This address promises an increased number of double experience weekends, with one currently running to help players accelerate their leveling. It also promises that character re-customization and gender changing services are on the horizon for players who would like said services, and briefly discusses the need for ongoing improvement in the website. There's a scarcity of hard facts, however, beyond a promise that some of these features should be available in early February.

If you were guessing that the community seems a bit... unhappy about this, you'd be guessing right. The comments for this particular entry already stretch into the triple digits, with several players calling for server merges and additional content. It also has no mention about the recent security issues that NCsoft has been contending with, a somewhat sore point for several players. Coupled with the January Eye On Community, the natives seem to be getting a tad restless, especially with no news on the many features previewed in the Visions trailer. We're sure that Aion's team is hard at work, but the fan community seems a bit less docile than before.

MassivelyAion's community address for January originally appeared on Massively on Fri, 22 Jan 2010 18:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>account-securityaionaion-community-addressaion-the-tower-of-eternitycharacter-customizationcommunity-addressdouble-exp-weekeddouble-experiencegender-changencsoftsecurityvisions-trailerFri, 22 Jan 2010 18:00:00 EST<![CDATA[NCsoft's Game Survelliance Unit speaks out on account security]]>http://massively.joystiq.com/2010/01/20/ncsofts-game-survelliance-unit-speaks-out-on-account-security/http://massively.joystiq.com/2010/01/20/ncsofts-game-survelliance-unit-speaks-out-on-account-security/http://massively.joystiq.com/2010/01/20/ncsofts-game-survelliance-unit-speaks-out-on-account-security/#commentsFiled under: ,

The extra attention to security measures at NCsoft continues, with the latest being a message on the Aion site from Scott Jennings (GM Luminary) of NCsoft's Game Surveillance Unit.

The point of the message is to make sure the players understand what a large, aggressive business the RMT market is. There is a huge amount of money on the line, and those involved are working very hard to make sure the profits keep rolling in. Jennings explained what NCsoft views as their job in this fight and what they've been doing on their end, even detailing a few specific examples of security testing.

The message continued with a much longer list: what players can do on their end to protect themselves. While much of it may seem obvious to veteran players, with account security attacks becoming ever more frequent and aggressive, it's a pretty good idea for everyone to read through what Jennings has to say, and be sure you're protecting yourself as much as you can.

MassivelyNCsoft's Game Survelliance Unit speaks out on account security originally appeared on Massively on Wed, 20 Jan 2010 16:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>Account-Securityaionguild-warsncsoftrmtscott-jenningsWed, 20 Jan 2010 16:00:00 EST<![CDATA[Confessions of a gold scammer and identity thief]]>http://massively.joystiq.com/2010/01/19/confessions-of-a-gold-scammer-and-identity-thief/http://massively.joystiq.com/2010/01/19/confessions-of-a-gold-scammer-and-identity-thief/http://massively.joystiq.com/2010/01/19/confessions-of-a-gold-scammer-and-identity-thief/#commentsFiled under: , , ,

"We have met the enemy and he is us." The player identified as "Patrick" is not the malevolent monstrosity we'd like to see. Nor is he a victim of circumstance, at that. He acts for all the world like a perfectly normal gamer, and if you didn't know he'd scammed between $10,000 and $20,000 in a year of reprehensible behavior, you certainly wouldn't be able to guess. That's what makes a video interview with him, mirrored and annotated at PlayNoEvil and originally recorded by Marcus Eikenberry, so odd on many levels.

The full interview lasts thiry-eight minutes, which makes it a bit long for casual viewing. The article which mirrors the video notes some of the highlights, including when he almost breathlessly exhorts the moment he realized that there was nothing in PayPal's EULA that prevented him from not transferring his EVE Online account to a purchaser on Craigslist.

His rationalizing of the actions include the loss of his job and financial instability, even as he begins the interview explaining how he would scam players in both EVE Online and World of Warcraft for fun. His words are unsettling, but what makes them all the more eerie is the fact that without the foreknowledge... there's no way to tell his voice from any of ours. When you have the time, the whole interview is well worth looking at if you're at all interested in account security and the culture of scammers.

MassivelyConfessions of a gold scammer and identity thief originally appeared on Massively on Tue, 19 Jan 2010 10:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>account-securityaccount-theftcon-manconfidence-gamecraigslisteveeve-onlinepatrickpaypalplaynoevilscammerscamsworld-of-warcraftwowTue, 19 Jan 2010 10:00:00 EST<![CDATA[CEO of SecurePlay discusses account security]]>http://massively.joystiq.com/2010/01/18/ceo-of-secureplay-discusses-account-security/http://massively.joystiq.com/2010/01/18/ceo-of-secureplay-discusses-account-security/http://massively.joystiq.com/2010/01/18/ceo-of-secureplay-discusses-account-security/#commentsFiled under: , ,

Anyone even slightly in touch with the MMO community is aware that account security has been an even bigger concern than usual for the past few months. While it's more in the forefront of everyone's mind these days, it's important to remember that this isn't a brand new problem. It's very important for people on both sides of a game -- both the player side and the development side -- to work to make player accounts as safe as possible.

Steven Davis, CEO of SecurePlay and the mind behind PlayNoEvil, has been watching the events with interest and spent some time recently talking to us about his take on the situation as well as overall account security. Follow along after the jump and see what he had to say.

Continue reading CEO of SecurePlay discusses account security

MassivelyCEO of SecurePlay discusses account security originally appeared on Massively on Mon, 18 Jan 2010 13:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>Account-Securityaccount-theftaionarenanetblizzardfeaturedgold-farmersgold-fraudersguild-warshackinginterviewjohn-smedleyncsoftplaynoevilprotecting-gamessecureplaysteven-davisworld-of-warcraftMon, 18 Jan 2010 13:00:00 EST<![CDATA[January Eye on Community promises more for 2010 in Aion]]>http://massively.joystiq.com/2010/01/11/january-eye-on-community-promises-more-for-2010-in-aion/http://massively.joystiq.com/2010/01/11/january-eye-on-community-promises-more-for-2010-in-aion/http://massively.joystiq.com/2010/01/11/january-eye-on-community-promises-more-for-2010-in-aion/#commentsFiled under: , ,

The latest Eye on Community from Aion team member Andrew "Tamat" Beegle covers two of the biggest issues in player's minds these days: the recent account security breaches, and upcoming new content.

This month's player question was, "A lot of players are wondering about the future development of Aion. Since the Aion Vision Trailer we haven't heard anything." Tamat does mention that something as big as the Vision trailer will naturally lead fans to expect something concrete, and promises a "significant amount of content" this year brought to the game through several updates.

He also addressed the continuing security concerns, reminding players to take what steps they could to protect themselves on their end. Check out the first Eye on the Community for 2010 here.

MassivelyJanuary Eye on Community promises more for 2010 in Aion originally appeared on Massively on Mon, 11 Jan 2010 09:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityaionaion-vision-trailerandrew-beegleeye-on-the-communityncsoftMon, 11 Jan 2010 09:00:00 EST<![CDATA[City of Heroes offers a reminder on account security]]>http://massively.joystiq.com/2010/01/06/city-of-heroes-offers-a-reminder-on-account-security/http://massively.joystiq.com/2010/01/06/city-of-heroes-offers-a-reminder-on-account-security/http://massively.joystiq.com/2010/01/06/city-of-heroes-offers-a-reminder-on-account-security/#commentsFiled under: , , , ,

NCsoft hasn't been having an easy start to the year, at least not in the eyes of security-minded players. The entire Guild Wars security question recently came to a head with suspicions and accusations that the flaw was something wrong with NCsoft's account management, a black eye if ever there was one. Of course, that raises questions about not just Guild Wars, but any game under the company's aegis, which includes City of Heroes. So it should come as little surprise that a reminder about account security has recently been posted on the official site.

The reminder itself is fairly standard boilerplate, reminding everyone to avoid giving out their account information to any other players, only log in from secure locations, and so forth. It also addresses the issue at hand in a roundabout fashion, mentioning that they found no malicious workarounds after investigating "current claims." However, the very next line mentions that they have added more robust logging and security procedures, which can lead to the obvious conspiracy theories. With fewer items to be traded than many other games, City of Heroes has a smidge more built-in security -- but a little extra reminder and caution never hurts.

MassivelyCity of Heroes offers a reminder on account security originally appeared on Massively on Wed, 06 Jan 2010 20:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>account-issuesaccount-securitycity-of-heroescity-of-villainscohcovcoxexploitsguild-warsgwncsoftsecurity-breachsecurity-issuesWed, 06 Jan 2010 20:00:00 EST<![CDATA[Potential smoking gun found for Guild Wars security issues]]>http://massively.joystiq.com/2010/01/02/potential-smoking-gun-found-for-guild-wars-security-issues/http://massively.joystiq.com/2010/01/02/potential-smoking-gun-found-for-guild-wars-security-issues/http://massively.joystiq.com/2010/01/02/potential-smoking-gun-found-for-guild-wars-security-issues/#commentsFiled under: , , , ,

It started as a surprise. Guild Wars players reported suddenly finding themselves hacked, their accounts cleaned out, no indication of what could have caused the problem. NCsoft and ArenaNet offered suggestions, security safeguards, new measures being taken, hints that the problem lay in a popular third-party website with an undisclosed name. But with the recent rash of problems that Aion players have been having regarding security, new facts have begun coming to light, and they paint a picture that isn't pretty.

Specifically, some players seem to be finding that it doesn't take any skill to wind up hacking someone's account accidentally. And all it takes is a few log-in attempts to find yourself with access to someone's account name, password, and billing information for all of a player's NCsoft games.

Continue reading Potential smoking gun found for Guild Wars security issues

MassivelyPotential smoking gun found for Guild Wars security issues originally appeared on Massively on Sat, 02 Jan 2010 10:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>account-exploitsaccount-securityaionarenanetbreaking-newsgaile-grayguild-warsgwhackingncsoftregina-buenaobrasecurity-breachsecurity-issuesSat, 02 Jan 2010 10:00:00 EST<![CDATA[NCsoft taking first visible steps to improve security]]>http://massively.joystiq.com/2009/12/23/ncsoft-taking-first-visible-steps-to-improve-security/http://massively.joystiq.com/2009/12/23/ncsoft-taking-first-visible-steps-to-improve-security/http://massively.joystiq.com/2009/12/23/ncsoft-taking-first-visible-steps-to-improve-security/#commentsFiled under: , , , ,

Back at the end of November, we talked about the ongoing security issues affecting Guild Wars players. ArenaNet has been assuring players that they are working hard on the problem, and Monday evening the community saw the first fruits of that labor. Players saw a message in their chat windows that most of them have never seen before: "The Guild Wars servers will be taken offline momentarily for required maintenance."

It was a quick change, but once it happened, players logging in saw a surprising addition to the login screen. Besides the usual username and password combination, you now have to correctly enter the name of any character on your account before you are able to log in.

ArenaNet posted a FAQ on their site along with the update and Community Manager Regina Buenaobra interacted heavily with the community immediately afterward, logging in to Guild Wars to discuss the change with players (and presumably be asked a few hundred questions about Guild Wars 2.) She also spent time on the main fan forum sites, addressing concerns, clarifying the reasoning behind some decisions, and passing some well-deserved thanks from players on to the ANet team.

While not everyone is satisfied -- and when are they ever? -- this first step is a very welcome one to most players, and we look forward to seeing more.

MassivelyNCsoft taking first visible steps to improve security originally appeared on Massively on Wed, 23 Dec 2009 18:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>Account-Securityarenanetguild-warsgwhackingncsoftregina-buenaobraWed, 23 Dec 2009 18:00:00 EST<![CDATA[Guild Wars account security issues continue]]>http://massively.joystiq.com/2009/11/30/guild-wars-account-security-issues-continue/http://massively.joystiq.com/2009/11/30/guild-wars-account-security-issues-continue/http://massively.joystiq.com/2009/11/30/guild-wars-account-security-issues-continue/#commentsFiled under: , , , ,

If you play Guild Wars, you're undoubtedly a little paranoid about your account these days. Back in mid-October, posts on forums and wiki pages began popping up, all with a similar theme: "I've been hacked."

These incidents quickly gained attention in the Guild Wars community because of the very similar methods used and rapid succession of the incidents. Before long ArenaNet staff had stepped in to assure players they were aware, concerned, and working on it, and were able to release a bit of information. Support Liaison Gaile Gray revealed that "one of the trading sites associated with Guild Wars may have experienced a security breach and its account database (including user names and passwords) may be in the hands of hackers." The statement predictably invited extensive speculation, but at least told players that ArenaNet was making progress in their search.

For the time being, ArenaNet continues to work on the problem and players continue to get their accounts looted. (As of this writing the most recent reported incident was Sunday.) The issue continues to be widespread, with one alliance reporting at least eleven members hacked. It probably goes without saying, but while ANet sorts things out players can lower their risk a bit by changing their passwords and taking another look at the account security suggestions, if they haven't already.

Best of luck to ArenaNet in solving the problem soon!

MassivelyGuild Wars account security issues continue originally appeared on Massively on Mon, 30 Nov 2009 11:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>account-securityarenanetgaile-grayguild-warsgwhackingMon, 30 Nov 2009 11:00:00 EST<![CDATA[Microsoft warns users of worm that targets MMO players]]>http://massively.joystiq.com/2009/11/04/microsoft-warns-users-of-worm-that-targets-mmo-players/http://massively.joystiq.com/2009/11/04/microsoft-warns-users-of-worm-that-targets-mmo-players/http://massively.joystiq.com/2009/11/04/microsoft-warns-users-of-worm-that-targets-mmo-players/#commentsFiled under: , , ,

Remember how we always tell you to remain vigilant against malicious programs that can compromise your MMO account's security? Well, it seems we now have more reason to remain vigilant.

Microsoft's latest security intelligence report covers the resurgence of worm type viruses and specifically mentions one that targets MMO players -- Taterf. As a worm, Taterf attempts to divine the user's account name and password through keystroke logging, reading the active memory, and even injecting itself into the game client. Either way, by the end of it, you end up naked and goldless. Hrm, we wonder if Taterf has been masquerading itself as our last girlfriend.

Continue reading Microsoft warns users of worm that targets MMO players

MassivelyMicrosoft warns users of worm that targets MMO players originally appeared on Massively on Wed, 04 Nov 2009 12:30:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments]]>account-securitybreakingkeyloggermicrosoftnot-tateru-ninopostload-of-innuendosecurity-warningtaterfviruswe-love-tateru-ninowormWed, 04 Nov 2009 12:30:00 EST