Massively

Blizzard denies Diablo III authenticator hacking claims

Justin Olivetti — Tue, 22 May 2012 17:00:00 EST

Filed under: Fantasy, Launches, Legal, Diablo III

We've been following the mass reports of hackers bypassing passwords and authenticators to rob Diablo III accounts blind, and now we have a new twist on the story. While Blizzard confirmed "an increase in reports of individual account compromises," the studio says it has no hard evidence that hackers have found a way to skirt around the authentication system.

Community Manager Bashiok said that the company is taking the claims "extremely seriously" and is investigating the rash of account compromises. "Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password," he said. "While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand."

Blizzard is assisting compromised customers by restoring stolen items and rolling back their accounts. The studio has a post up on its forums to help players protect their accounts and get assistance if theft occurs.

Blizzard denies Diablo III authenticator hacking claims originally appeared on Massively on Tue, 22 May 2012 17:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Trion Worlds customer database hacked, 'no evidence' credit card info stolen

Justin Olivetti — Thu, 22 Dec 2011 22:00:00 EST

Filed under: Fantasy, MMO industry, Legal, RIFT, Miscellaneous

Trion Worlds has become the latest in a long string of MMO studio security breaches this year, as the company reported an intrusion into its customer database. At risk of compromise were customers' user names, passwords, birthdates, email and billing addresses, and partial credit card info. However, the company states that "there is no evidence" that full credit card numbers were stolen at this time.

In a message posted on the Trion Worlds website, the company promises that it is both researching the intrusion and taking steps to increase security. As part of this, all RIFT players will be asked to change passwords and security questions, and their mobile authenticators will need to be reconnected.

The company urges customers to watch their bank statements for questionable activity, and provides customers with resources to get a free credit report and putting a freeze on credit reports.

To compensate customers for the issue, Trion is providing all RIFT players with three extra days of gaming time and a Moneybags' Purse that increases all money looted by 10% in-game.

[Thanks to everyone who sent this in!]

Trion Worlds customer database hacked, 'no evidence' credit card info stolen originally appeared on Massively on Thu, 22 Dec 2011 22:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Square Enix Members server hacked, personal info possibly compromised

Justin Olivetti — Wed, 14 Dec 2011 08:30:00 EST

Filed under: MMO industry, Legal, Miscellaneous

Square-Enix has sounded the klaxons and let out the guard dogs in response to an "unauthorized access" on one of its Square Enix Members servers. The web service was taken offline in North America and Japan while the company investigates the situation and determines how serious the problem is.

Fortunately, it doesn't appear as if credit card information is at stake, although some users' personal information may be:

We are assessing the full extent of this potential breach to determine what data, if any, was compromised and will provide more details as soon as possible. While some personal information may have been accessed, we can confirm that there is no possibility of any credit card information leak from this incident, since the server in question stores no credit card information. We estimate that the suspension will continue for a few days until we complete our investigation and counter-measures. We will update you as we learn more.

Square Enix Members is a loyalty program that dishes out rewards in exchange for players who register Square-Enix games with the service. The website does store users' names, addresses, usernames, and passwords.

Square Enix Members server hacked, personal info possibly compromised originally appeared on Massively on Wed, 14 Dec 2011 08:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

MapleStory breached, 13 million accounts exposed

Justin Olivetti — Sat, 26 Nov 2011 18:00:00 EST

Filed under: Fantasy, MapleStory, MMO industry, Free-to-play, Legal

The famously hacked Sony has a sympathetic shoulder this week, as Nexon recently discovered a massive breach that's exposed over 13 million MapleStory player accounts to cyber ne'er-do-wells. Discovered this past Thursday, the breach was solely limited to South Korea, as Nexon hosts separate countries on their own servers.

This means that any South Korean MapleStory player's information is at risk, including user IDs, names, passwords, and residential registration numbers. This information could potentially be stolen and used for a variety of crimes.

While there's been no word whether actual personal information has been stolen, Nexon nevertheless urged these 13+ million subscribers to change their passwords. The company has contacted the police to ask for a formal investigation.

This comes at an unfortunate time for the company, as Nexon is poised to present its IPO on the Tokyo Stock Exchange in December.

MapleStory breached, 13 million accounts exposed originally appeared on Massively on Sat, 26 Nov 2011 18:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Gabe Newell confirms Steam security compromise

Matt Daniel — Thu, 10 Nov 2011 18:15:00 EST

Filed under: News items, Miscellaneous

A few days ago we reported that Valve's Steam forum security had been compromised. A letter from Valve head-honcho Gabe Newell today confirms this fact and reveals that the intruders also gained access to a Steam database that contained a ton of personal information, such as usernames, encrypted passwords, email addresses, and encrypted credit card information. Newell adds that there is currently no evidence that any of that information was actually taken by the intruders or that credit card numbers or passwords were cracked.

Steam users will be required to change their forum passwords when the forums are opened back up. While the company claims that no Steam accounts have been compromised, if your forum password was the same as your account password, a change would likely be a good idea.

Gabe Newell confirms Steam security compromise originally appeared on Massively on Thu, 10 Nov 2011 18:15:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Valve's Steam forum security compromised

Jef Reahard — Mon, 07 Nov 2011 17:00:00 EST

Filed under: MMO industry, News items, Miscellaneous

Valve is the latest gaming company to suffer a security breach during the hackathon that is the year 2011. What's that got to do with MMOs, you say? Well, the company's Steam digital download service offers access to a ton of our favorite virtual worlds, and it has thus far seemed relatively secure.

Kotaku reports that the Steam forums were hacked last night, with the paper trail leading to a cracker website known as Fknowned.com. The gentlemen in question are of course denying all responsibility for the mischief, and thus far Valve has offered no comment on the situation. It's worth noting that the Steam forum account info is separate from the actual Steam service account info, but it's also likely that some users employ identical sets of credentials. We'll keep you posted as we learn more.

Valve's Steam forum security compromised originally appeared on Massively on Mon, 07 Nov 2011 17:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Order & Chaos security compromised, accounts hacked

Matt Daniel — Wed, 19 Oct 2011 15:00:00 EST

Filed under: Fantasy, MMO industry, News items, Free-to-play, Mobile

Bad news for Order & Chaos Online players today. It would appear that the popular mobile MMO from Gameloft is suffering from some security issues resulting in a number of players' accounts being compromised.

The issue seems to be stemming from two major holes in the game's security. There is reportedly an exploit with Gameloft's website which allows players to change another player's password, and usernames and passwords are sent between the client and server in plain text, which makes it a breeze for anyone with the smarts to run interception. Hopefully these issues will be fixed soon, but until then, stay tuned in the event that more develops.

[Thanks to Andrew for the tip!]

Order & Chaos security compromised, accounts hacked originally appeared on Massively on Wed, 19 Oct 2011 15:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Hackers compromise 33,000 SOE accounts

Justin Olivetti — Wed, 12 Oct 2011 07:00:00 EST

Filed under: MMO industry, Legal, Miscellaneous

Sony's hacking woes continue today, as intruders today have attempted -- and, in some cases, succeeded -- to access the giant corporation's accounts. Chief Information Security Officer Philip Reitinger posted a letter on several SOE forums informing players that their accounts may have been compromised.

The good news is that less than 0.1% of Sony's entire playerbase has been affected. The bad news is that that leaves around 33,000 SOE players -- in addition to Sony Entertainment Network and PlayStation Network customers -- whose accounts were hacked. Following the intrusion, Sony temporarily locked the accounts and is investigating the situation.

"Only a small fraction of these 93,000 accounts showed additional activity prior to being locked," Reitinger said. He assured customers that credit card numbers were not leaked and that any purchases made during this intrusion will be restored. SOE customers with locked accounts will receive an email with instructions on how to validate their credentials and restore their service.

Hackers compromise 33,000 SOE accounts originally appeared on Massively on Wed, 12 Oct 2011 07:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Fighting the EverQuest hacking wildfire

Justin Olivetti — Thu, 06 Oct 2011 13:00:00 EST

Filed under: Fantasy, EverQuest, Bugs

While hacking and botting may not be a source of frustration to you in your daily MMO, to the denizens of EverQuest, it is a real and ever-present headache. In what is already not the easiest MMO on the planet, players are experiencing an onslaught of hackers who go out of their way to ruin the fun for everyone.

In a three-part series, Ten Ton Hammer exposes the systematic problem of rampant hacking in the game, especially on the new progression servers. While guilds are doing their part to crack down on hackers in their midst, it doesn't seem to be enough to stem the flow, especially as with a much smaller team in place these days.

Ultimately, fighting this problem does not seem to be SOE's current priority. EQ Producer Thom Terazzas addressed the issue of hacking by saying, "The expansion is something that we're really focused on right now. That has gotten, I would say, 80 percent of the focus here. So doing anything that dramatically combats the hacking is something that we would really like to do, but it is not something we've been able to do."

Terazzas followed that up by talking with the Customer Service team and promised that the hackings will receive higher priority once the expansion crunch is over. In the meantime, he urged players to file reports with CS if hacking was observed.

Fighting the EverQuest hacking wildfire originally appeared on Massively on Thu, 06 Oct 2011 13:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Star Wars Galaxies fan site hacked, 23K passwords stolen

Justin Olivetti — Wed, 31 Aug 2011 11:30:00 EST

Filed under: Sci-fi, News items, Star Wars Galaxies, Legal, Miscellaneous

Talk about kicking a game's community when it's down.

VentureBeat reports that Star Wars Galaxies.net, a major SWG fan site, was hacked yesterday. Star Wars Galaxies.net is part of a LucasArts fan site network, and apparently was not being actively maintained, as the last update was in June of 2009. Still, over 21,000 email addresses and 23,000 passwords were stolen -- some of which could lead to identity theft, according to authorities.

The hack was perpetrated by ObSec, a small group in the vein of LulzSec. The hackers posted the email addresses and passwords online for all to see. Analysis of the passwords found that 71% were relatively weak and easy to crack anyway.

Some Star Wars Galaxies players may see this as an unfortunate echo of the much larger Sony hack that happened earlier this year. We at Massively urge any players who have used this fan site to make sure that they change their passwords elsewhere as well.

Star Wars Galaxies fan site hacked, 23K passwords stolen originally appeared on Massively on Wed, 31 Aug 2011 11:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Scott Hartsman says gold farming hurts our games more than we know

Justin Olivetti — Thu, 21 Jul 2011 13:30:00 EST

Filed under: MMO industry, Legal, Miscellaneous

Gold buying is one of those aspects of MMO culture that is seemingly universally denounced, yet enough people partake in the practice to keep the wheels of this grey market activity going. Scott Hartsman may be saying the obvious when he denounced gold farming and selling to Gamasutra, but apparently it is still something we need to hear.

The Trion Worlds general manager shared a glimpse of just how hard these activities hit games, and how concerned he and other studio execs are about the proliferation of credit card fraud that results: "It's those kinds of things where people laugh and go, 'Oh, that never happens.' No. It happens. It happens a s**tload. To the point where, over the last three or four years, I would dare anybody to ask an exec at a gaming company how much they've had to pay in MasterCard and Visa fines, because of fraud. It happens a lot."

According to Hartsman, the more these events take place, the more money studios spend on paying fines and dealing with them instead of reinvesting funds into the games themselves -- all because of the "jerks" perpetuating the crimes.

Scott Hartsman says gold farming hurts our games more than we know originally appeared on Massively on Thu, 21 Jul 2011 13:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Talking Sony and identity protection with LifeLock

Justin Olivetti — Tue, 10 May 2011 09:00:00 EST

Filed under: Interviews, MMO industry, Miscellaneous

As Sony continues to struggle to restore service to both the PlayStation Network and Sony Online Entertainment's MMOs following a hacking intrusion that resulted in millions of customer identities being compromised, players are understandably concerned about how secure their information is with similar companies.

Even though Sony promised to provide a year's worth of identity theft protection for affected customers, part of the responsibility for safeguarding against such theft lies with us. As such, we spoke with Mike Prusinski, the Senior Vice President of Corporate Communications for LifeLock, an identity theft protection service. We asked him about what we should be doing to protect our identities online -- and what Sony could have done better in the first place.

Massively: What are the most common ways that people have their identities stolen?

Mike Prusinski: Though there are no statistics that point to one way over another, consumers get their personal information lost through stolen laptops, hackers, stolen mail, trash, skimming devices, scams (email, phone calls and personal visits), peer-to-peer networks and public websites.

Continue reading Talking Sony and identity protection with LifeLock

Talking Sony and identity protection with LifeLock originally appeared on Massively on Tue, 10 May 2011 09:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

SOE takes services offline due to serious issue

Justin Olivetti — Mon, 02 May 2011 09:30:00 EST

Filed under: MMO industry, News items, Miscellaneous

This Monday morning, Sony Online Entertainment customers are waking up to discover that all of their games' services are down. Apparently, the company has discovered a serious issue while following up with the previous weeks' hacker intrusion and is taking steps to rectify it.

The Station.com posted the following notice:

Dear valued SOE Customers,

We have had to take the SOE service down temporarily. In the course of our investigation into the intrusion into our systems we have discovered an issue that warrants enough concern for us to take the service down effective immediately. We will provide an update later today (Monday).

We'll update this story as it develops.

SOE takes services offline due to serious issue originally appeared on Massively on Mon, 02 May 2011 09:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

PlayStation Network credit card info appears to be safe: 'No unauthorized activity relating to Sony'

Justin Olivetti — Thu, 28 Apr 2011 17:30:00 EST

Filed under: MMO industry, Legal, Miscellaneous

It looks like the beleaguered Sony finally caught a break. The company, which has struggled for over a week following a hacker attack that stole massive amounts of player information, says that it looks as though user credit card information remains secure and encrypted. It turns out that Sony had encrypted some personal info but not all of it.

Gamespot also reports that several financial companies, including MasterCard, WellsFargo and American Express, have witnessed "no unauthorized activity relating to Sony."

Sony's Patrick Seybold passed along the positive news: "The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."

Sony's PlayStation Network is still offline while it's rebuilt with a higher level of security. The company saw its shares drop 4.5% today on the Tokyo exchange to $27.71.

PlayStation Network credit card info appears to be safe: 'No unauthorized activity relating to Sony' originally appeared on Massively on Thu, 28 Apr 2011 17:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

The Daily Grind: Do you trust MMO companies after the Sony debacle?

Justin Olivetti — Thu, 28 Apr 2011 08:00:00 EST

Filed under: Culture, MMO industry, Opinion, The Daily Grind, Legal, Miscellaneous

It's hard to believe that it's been over a week after a major intrusion into the PlayStation network, and Sony is still trying to put the pieces back together. Many customers were dismayed to hear that their private information was compromised by the attack.

Free Realms and DC Universe Online players are among those who have to feel shaken up at the revelation that Sony wasn't the impregnable fortress they perhaps hoped. It's unsettling to realize just how much personal info you hand over to these companies -- your name, address, birthday, credit card information, passwords -- when that info could be grabbed by hackers.

In light of the Sony debacle, do you still trust MMO companies with this information, or has it made you think twice about the corporations to which you're handing the keys to your life?

Every morning, the Massively bloggers probe the minds of their readers with deep, thought-provoking questions about that most serious of topics: massively online gaming. We crave your opinions, so grab your caffeinated beverage of choice and chime in on today's Daily Grind!

The Daily Grind: Do you trust MMO companies after the Sony debacle? originally appeared on Massively on Thu, 28 Apr 2011 08:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Player identifies "huge security hole" in RIFT's authentication system, Trion seals it

Justin Olivetti — Sat, 19 Mar 2011 13:00:00 EST

Filed under: Fantasy, Game mechanics, Rumors, RIFT

Hacking and account hijacking have been severe issues for RIFT ever since launch, even though Trion Worlds anticipated the onslaught from the beginning. Yesterday we saw Trion implement the so-called Coin Lock patch to prevent hackers from selling other players' items in-game, which some see as a novel (partial) solution to the problem.

However, this may not be enough to stop the truly malicious invaders from getting into RIFT accounts. One player, identified as "ManWitDaPlan" on the forums, claims to have circumvented the account login completely, leaving a "huge security hole" for hackers to exploit:

"I have verified the authentication system can be bypassed by successfully logging into another account without needing its credentials. Worse, all it took was about thirty seconds of time once I got all of the details locked down. I did trigger Coin Lock, but I was fully able to access that handy delete-character button, so this exploit is a griefer's dream. I will not post details on how to do this (so don't ask), but I'm positive that I can reproduce this at will and likely on any account on the system."

Later in the thread, a Trion representative added: "We have some things in the works right now and have been passing on your feedback, concerns, and thoughts throughout the day (no matter how radical or unlikely). Sharing sensitive information about our actions (no matter how broad) naturally also informs those carrying out these attacks. This puts us in a tight spot with how much information we can provide, and the questions we can answer."

And it looks as though the problem may be fixed, as ManWitDaPlan posted late last night: "Got word back from Steve Chamberlin, the development lead for Rift. This hole is sealed."

Player identifies "huge security hole" in RIFT's authentication system, Trion seals it originally appeared on Massively on Sat, 19 Mar 2011 13:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Turbine upgrades LotRO's compromised account reimbursement policy

Justin Olivetti — Sat, 26 Feb 2011 20:00:00 EST

Filed under: Fantasy, Lord of the Rings Online, Free-to-play, Legal

Account security is a worrysome topic in Lord of the Rings Online these days, especially following a reported rise in hacks and thefts among the playerbase. A couple months ago Codemasters implemented a stronger policy to help players recover lost property, a direction that Turbine followed yesterday when it revised its compromised account reimbursement policy.

Sapience announced on the LotRO forums that this policy is significantly updated and expanded from the old one. Now when a player's account is hacked, Turbine gives a seven-day window to report the issue, during which the company can restore "most" of the lost items and compensate players for items that cannot be replaced. This, however, is not a true rollback and does not cover accounts compromised before February 24th.

Turbine also reassured players that the studio is making it much tougher for unauthorized intruders to delete or sell rare items like raid gear, which should add another layer of protection from losing one's goods.

Turbine upgrades LotRO's compromised account reimbursement policy originally appeared on Massively on Sat, 26 Feb 2011 20:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

You are the navigator: China developing motion-sensing MMO

Justin Olivetti — Tue, 22 Feb 2011 10:00:00 EST

Filed under: Game mechanics, MMO industry, New titles, Miscellaneous

MMO players are always looking for games that provide deeper, more immersive experiences to draw us into the game world and keep us there. China, one of the world's largest MMORPG markets, is attempting to forge ahead with the next evolution of immersive gameplay by combining online games with motion-sensing controls.

Jin Gang Network is developing Land of Lords Online, an MMO that promises to allow players to explore the world and control their characters via a Kinect-like device. Without touching a physical controller or keyboard, a person can instruct his avatar to move, kill and cast spells in the game. Although details on the project are scant at this point, the company says that it will be releasing a video next month to show how the game's technology works.

Whether motion-sensing controls are the next true gaming interface or just an odd fad, China isn't the only place where a marriage between MMOs and such devices is being explored. Students from the University of Southern California hacked a Kinect to interface with World of Warcraft while South Korea's GamePrix is bringing the Kinect-compatible Divine Souls to Xbox.

You are the navigator: China developing motion-sensing MMO originally appeared on Massively on Tue, 22 Feb 2011 10:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Codemasters unveils Lord of the Rings Online hacked account program

Jef Reahard — Wed, 26 Jan 2011 20:00:00 EST

Filed under: Fantasy, Lord of the Rings Online, Culture, MMO industry, News items, Free-to-play

With great playerbase numbers comes great security responsibility. Wait, no. That's not the movie metaphor we're looking for. How about keep it secret, keep it safe!

That's more like it, but unfortunately for some Lord of the Rings Online fans, the secret (and the safe) parts are being compromised as the free-to-play title sees a rise in hacked accounts to go along with its expanding user numbers. All hope is not lost, however, as Codemasters (LotRO's European publisher) has introduced a new Hacked Account Restart Program designed to assist victims and speed them back onto the road to Mordor.

The program has a few prerequisites, among them player support eligibility and GM verification of the actual account owner. Claims must also be filed within seven days of the security breach, and reimbursement methods will vary at Codemasters' discretion. You can read the official announcement on the Codemasters website, and you'll also want to check out Customer Service Manager Sincilbanks' blog entry on the subject.

Codemasters unveils Lord of the Rings Online hacked account program originally appeared on Massively on Wed, 26 Jan 2011 20:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

The Road to Mordor: Hacked!

Justin Olivetti — Fri, 21 Jan 2011 19:30:00 EST

Filed under: Fantasy, Lord of the Rings Online, Game mechanics, MMO industry, Free-to-play, The Road to Mordor

"My kinship had just finished an instance run about a week-and-a-half ago and was in the process of reloading back into the world when I got the message that I was being disconnected because I had just logged into the Brandywine server. Huh? Suspecting the worst, I immediately hit up the Turbine Account page and changed my password then re-logged back into the game, which would boot the hacker offline just like I had been booted minutes earlier.

"I was lucky and did that before the hacker had time to switch servers to where my active characters are. Other kinmates have not been so lucky."

So goes the frightening tale of Pumping Irony's Scott, who shares this in the hopes that others may avoid a similar scare. Unfortunately, it seems as though stories such as these are becoming more and more common in Lord of the Rings Online, where the worst threat to your quest may not be the eye of Sauron but the malicious intent of hackers gutting your account while you're offline.

Today we're going to step off the path for a temporary side trail into the gloomy undergrowth of account security and an MMO under siege.

Continue reading The Road to Mordor: Hacked!

The Road to Mordor: Hacked! originally appeared on Massively on Fri, 21 Jan 2011 19:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Runes of Magic addresses account hacks

Jef Reahard — Sat, 15 Jan 2011 11:00:00 EST

Filed under: Fantasy, MMO industry, News items, Free-to-play, Runes of Magic

What do you do if a game company's actions get under your skin? If you're a hacker that goes by the name of Cpt.Z3r0, you breach the company's account security and post thousands of user names and passwords to its public forum. Runes of Magic publisher Frogster recently fell victim to said cyber-bullying, and though the offending information was quickly removed from the game's German website, the saga is far from over.

The hacker(s) claim possession of 3.5 million accounts, and in an anonymous video message recently uploaded to YouTube, state that Frogster "better start respecting the people that pay your salary." While specific details of the demands are unclear, the video message hints at Frogster's reputation for censoring critical forum posts. Runes of Magic community manager Mike "Silberfuchs" Kiefer posted an official reply on the game's boards, stating in part that a criminal investigation is underway and that the 2,100 compromised accounts have been blocked from accessing the game, forum, and account management until the dust settles.

Runes of Magic addresses account hacks originally appeared on Massively on Sat, 15 Jan 2011 11:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

EVE Evolved: The RMT problem

Brendan Drain — Sun, 19 Dec 2010 18:00:00 EST

Filed under: Sci-fi, EVE Online, Culture, Economy, Game mechanics, MMO industry, EVE Evolved

Of all the problems that plague MMOs, RMT (real money trading) is perhaps the most disruptive to normal gameplay. By design, almost every MMO has some form of tradable currency that can be collected through normal gameplay. The time it takes to collect that currency has an inherent value, which varies from player to player as not every player values his free time at the same level. It's inevitable that cash-rich players who value their time highly will often want to shortcut normal gameplay by buying the currency directly for cash.

The negative impact of RMT and its associated problems is felt in every popular MMO, and EVE Online is no exception. The direct balance issues inherent in allowing players to buy ISK with cash are just the tip of a very unpleasant iceberg. Players who buy ISK from shady websites and services are the reason that the rest of us have to put up with spam-bots in popular chat channels, rampant account hacking, and macros taking up a disproportionately large cut of EVE's in-game resources and server load.

In this week's EVE Evolved, I look into the problems caused by RMT, why macro-farming operations have become so wide-spread, and what CCP has done to combat this growing problem.

Continue reading EVE Evolved: The RMT problem

EVE Evolved: The RMT problem originally appeared on Massively on Sun, 19 Dec 2010 18:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Behind the Curtain: Hacked account - opportunity or deathknell?

Craig Withers — Thu, 26 Jun 2008 20:30:00 EST

Filed under: World of Warcraft, Fantasy, Culture, Exploits, Behind the Curtain

Well, it seems I may have been too hasty in jumping on the 'omgblizzardgmsaretehsuckzorz" bandwagon last week. Merely a handful of hours after logging back on to my World of Warcraft account and submitting a GM ticket after reformatting my PC, not only had my deleted characters been restored, but all of their gold and items had been recovered.

Colour me chuffed.

I was correct in my suspicions, and whoever had managed to compromise my account had indeed stripped and deleted two of my level 70 characters. The last time I had logged on, I had three characters at level 70; a Horde Druid and Priest and an Alliance Warrior. On checking the Armoury, both the Priest and Warrior were missing, and the Druid was naked - which, as I'm sure any other Tauren player can attest, is rarely a good look.

Now, as much as I deplore it, I can understand the concept of hacking a person's account in order to sell their gear, then pass that money along via a Goldseller - that's simply business, but I don't understand why you would delete a character completely - while the first is an undeniably rotten thing to do to a person, it's generally something that can be recovered from, or (in the worst-case scenario) rebuilt. New gear can be acquired, gold can be earned once again, and if your guild happens to be chock-full of good folk like mine, you'll maybe get some help along the way.

Continue reading Behind the Curtain: Hacked account - opportunity or deathknell?

Behind the Curtain: Hacked account - opportunity or deathknell? originally appeared on Massively on Thu, 26 Jun 2008 20:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Blizzard Authenticator adds new layer of security, for a price

Chris Chester — Thu, 26 Jun 2008 20:00:00 EST

Filed under: World of Warcraft, Exploits, MMO industry

When you play online games these days, you always have to be mindful that you don't leave yourself vulnerable to viruses, account fraud, and hacks. Something as seemingly simplistic as a hidden keylogger in a UI mod can open the floodgates to strangers to come on your computer and take your account information. Stories abound of players losing accounts they've dumped thousands of hours into because they didn't take the proper precautions. While some of the blame certainly lies with the players, there are some critics who have charge that the MMO industry doesn't do enough to prevent fraud.

Enter the Blizzard Authenticator. This new keychain SecurID device can be attached to your World of Warcraft account, making it impossible for anybody to access it without the Authenticator plugged into the computer They'll be debuting the device at the upcoming Blizzard Invitational, but it should be available on Blizzard's online store soon at the low, low price of $6.50. It's a small price to pay for peace of mind.

Blizzard Authenticator adds new layer of security, for a price originally appeared on Massively on Thu, 26 Jun 2008 20:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

A personal account of the devastation wrought by virtual theft

Chris Chester — Tue, 24 Jun 2008 19:00:00 EST

Filed under: Final Fantasy XI, Economy, Exploits, MMO industry

In the mainstream media it's not entirely uncommon to hear tales of virtual theft cast in a mocking or sometimes even light-hearted tone. Given the right set of details, we're sometimes guilty of it ourselves. In any case, when you actually read a first-hand account of such an experience, you quickly see how devastating a personal blow it can be to a person. A recent article in The Escapist explores one such experience, going into the depths with one unfortunate Paladin who had her Final Fantasy XI account hacked.

Much the same way that a real life burglar can rob somebody of their sense of safety, virtual thieves rob players of the joy and security they get from building up a character in a virtual world. The Paladin followed in the article lost her will to play altogether, which we think is an even sadder outcome than losing her highly-valued account.

A personal account of the devastation wrought by virtual theft originally appeared on Massively on Tue, 24 Jun 2008 19:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

Behind the Curtain: My turn to get hacked

Craig Withers — Thu, 19 Jun 2008 21:00:00 EST

Filed under: World of Warcraft, Fantasy, Culture, Opinion, Behind the Curtain

It's official - my guildies are 'teh awesomez'. The reason? My World of Warcraft account was hacked yesterday afternoon, and I've already been inundated by offers of assistance and gold from my friends, should things go South once I log back into my account.

To clarify - I came home from work yesterday evening to find a nausea-inducing email from Blizzard informing me that my account had been suspended due to activities which made them suspect it has been compromised. They advised that they had reset my account password, and suspended the account for three hours as a precautionary measure. Unable to actually access my account in-game, I check the Armoury to see what state my characters were in, only to find that of my three level 70 characters, only one is now showing up, and he's completely naked. So it seems that not only have all my items been sold off, but at least two of my characters have been deleted. It's that last part that really annoys me.

Continue reading Behind the Curtain: My turn to get hacked

Behind the Curtain: My turn to get hacked originally appeared on Massively on Thu, 19 Jun 2008 21:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Account hacked? Why not stop and smell the flowers?

Michael Zenke — Thu, 12 Jun 2008 14:30:00 EST

Filed under: World of Warcraft, Fantasy, Culture, Humor

It happens to the best of us. We try to be careful, we try to be conscientious, and then the unthinkable happens: your MMO account gets hacked. You log in to find your virtual life has been torn asunder. What happens then? Sean Sands, over at the Gamers with Jobs site, walks us through the ordeal of having his World of Warcraft account hacked.

Sean reminds us that the most important thing to do is to keep things in perspective. Most likely the person that hacked you was just doing their job. It probably wasn't malicious, and unfocused rage never helped anyone resolve their problems. Moreover, Blizzard is well aware of the problems inherent to the account breach issue. They've got a polished, professional team ready to give you back your stuff in a timely fashion. In fact, as Sean notes, it may be that they're a bit ... too practiced at this.

The problem of account hacking is universal. We suggest you check out some of the security resources WoW Insider has on hand for World of Warcraft fans, as many of them can be transposed to another game. in the meantime, have you had any experiences with hacked accounts? What happened and ... most importantly ... did you get your stuff back?

Account hacked? Why not stop and smell the flowers? originally appeared on Massively on Thu, 12 Jun 2008 14:30:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

How easily can your account be hacked?

Shawn Schuster — Tue, 27 May 2008 19:30:00 EST

Filed under: Game mechanics, Legal, Education

You've probably heard the stories before. A friend's roommate's cousin once got his WoW account hacked. The hacker took all of his character's items and gold, and left a few naked, violated characters to fend for themselves. It conjures the same feelings as coming home to find your house has been broken into, or walking out to the driveway in the morning to find your car is gone.

There has been a recent phenomenon of hacked accounts lately, more than ever. WoW had a recent problem with Xfire, and several people got their accounts hacked. The leader of Rebel Rising [rawr], one of the top PvP guilds in Guild Wars just got their account hacked and the hacker disbanded the entire [rawr] alliance and deleted the guild. This is a guild that had worked for years to establish itself in the GW PvP community, including its very own tournament cup named after them. But the fact that it can all go away so easily, as it did from one hacker, makes us aware of the inherent dangers and vulnerabilities we face in this environment.

Continue reading How easily can your account be hacked?

How easily can your account be hacked? originally appeared on Massively on Tue, 27 May 2008 19:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Mabinogi hacked by a 16-year-old for $325K of virtual currency

Mike Schramm — Tue, 29 Jan 2008 17:30:00 EST

Filed under: Economy, Events, real-world, Making money, Free-to-play, Mabinogi

A sixteen-year old boy allegedly hacked the website of Nexon Japan, and made off with about $325k worth of game points for Mabinogi, a free-to-play MMO that's inspired by Celtic mythology (and on its way to North America soon). He reportedly was able to obtain the password of a former Nexon employee, and then used that info to log on to the game servers and load himself up with virtual cash.

Some of which apparently then turned into real cash, as he was able to sell it (as least that's what it seems like) for "web money," which he used to buy books and other software. The bottom line here seems to be not that the kid is a genius, but that the company and/or its employee made a dumb mistake, allowing the password to get nabbed by simple hacking software.

No word on what punishment, if any, the kid faces, but Nexon claims they've "re-evaluated" their security software, and created a "24-hour monitoring system." Well that's good -- when they get hacked again, at least they'll be able to monitor it.

Mabinogi hacked by a 16-year-old for $325K of virtual currency originally appeared on Massively on Tue, 29 Jan 2008 17:30:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

Final Fantasy XI hacked; Square-Enix hides behind policy

Akela Talamasca — Mon, 17 Dec 2007 10:00:00 EST

Filed under: Fantasy, Final Fantasy XI, Economy, Expansions, Exploits, Game mechanics, New titles, Making money, News items, Politics, Legal

Numerous reports have come in concerning the recent hacking of Final Fantasy XI player accounts, with the concomitant liquidation of assets, leaving many users without gear and gil. Although complaints to the game admins have been many and passionate, Square-Enix seems to be employing a strategy of claiming that the hacked users are somehow to be found at fault for downloading keylogging software, or somehow allowing their account information to be taken by malicious hackers.

There is an interesting theory circulating that the attacks are in response to S-E's crackdown on real money trading (or RMT) activities, which in general drive up inflation of in-game economies. It's been supposed that " ... RMT have decided for Christmas to meet demands for the people who buy the games currency (gil) to hack droves of veteran characters and sell everything of value in an attempt to meet the demand with the least amount of labor as possible", to quote player Sparthos.

Interestingly, many of the hacked account holders place the inception of these attacks as occurring shortly after the release of FFXI's newest expansion, Wings of the Goddess. If there is a connection, it might be possible for there to be some weak code in the expansion that allows a hack of this nature to occur. With S-E's refusal to acknowledge legitimate grievances on the part of the players, however, it's not likely that we'll have this either confirmed or denied. We'll keep an eye on this story and see how it develops.

[Thanks to everyone who sent this in!]

Final Fantasy XI hacked; Square-Enix hides behind policy originally appeared on Massively on Mon, 17 Dec 2007 10:00:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

MMO security irresponsibly bad, experts claim

Chris Chester — Tue, 27 Nov 2007 17:02:00 EST

Filed under: Bugs, MMO industry

MMO players have more to fear than simply kobolds and virtual super villains. According to several security engineers interviewed by TechNewsWorld, gamers face greater risks than many of them realize, as lax security measures on the part of publishers expose players to identity theft, malware, and potential hack attacks. And as persistent online worlds continue to grow in size, they only become more lucrative targets for online ne'er-do-wells. They attribute much of the risk to the fact that so much of the actual game software lies on users' home computers, and is not adequately shielded by firewalls and other protective measures.

Unfortunately, the solutions posed by the so-called experts betray an obvious lack of experience with MMOs and the people who play them. They cite enterprise networks as an example of having the kind of network security that gamers need to ensure that they're protected from intrusive attacks... So they suggest that people play games from work to alleviate the risk. While I'm enthusiastic about such a prospect personally, I highly doubt that most employers are too keen on the idea of their employees logging in while on the clock and using up company bandwidth to grind for Sporeggar rep. They also suggest purchasing expensive security products, but that's not something I'd imagine most people haven't considered and disregarded already.

A more prudent suggestion, though not one explicitly cited in the article, is to instead be extremely mindful of what kind of mods you download for your favorite games, and from where you download them. If you don't give hackers an open door to your system, than there's probably not too big a cause for concern, unless you're unlucky enough to have bought pre-hacked products.

MMO security irresponsibly bad, experts claim originally appeared on Massively on Tue, 27 Nov 2007 17:02:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments