Rift Hacking Issues Report

Trion Worlds' MMORPG Rift has been troubled by attempts from hackers to break into accounts from day one. Executive producer Scott Hartsman offers an update on ongoing security issues.
On last night's fix -- I'm very happy to confirm that we did fix a login vulnerability, with significant assistance from an extremely clever user.

The root cause was a very subtle bug in error checking of our login validations deep in the server code. No personal information or any such was leaked out, and no outside attacker penetrated our servers, networks, or databases.

We'd definitely like to thank Mr. ManWitDaPlan for the well-timed assist. Sir, we salute you and offer our most heartfelt thanks.
Mr. ManWitDaPlan is a "White Hat" "ex-hacker" who offers his help to fix an account security exploit. ZAM has an interview with the man.
ZAM: Why did you want to pin it down? Did you get an account hacked? Or did you just feel like doing a good deed?

ManWitDaPlan: My account was hit during the start of the hack-fest on the weekend of the 12th-13th of March. I was left with only two pieces of armor and some gold, but my bank and mailbox were completely untouched, which deviates from the norm for what happens to hacked accounts. That made me immediately suspect there was a bug of some sort.

Since I've been working with security for so long I run a very, VERY locked-down system and knew that there was pretty much no way I could have been hacked via the usual avenues (e.g., malware). Still, I invoked some of my more aggressive anti-malware scanners, including a couple that act as hypervisors, and every scan I could throw at the systems turned up nothing at present, and no signs of ever having been infected in the past.

Between these two - the bank being untouched and the systems being clean - I started looking up the chain from me to the game servers proper. I started searching for man-in-the-middle attacks and server-side compromises. That avenue began with investigating how the game works, which led to finding an exploit, which led to working out how it works, which led to the forum post that from the looks of things shook all of Telara in a way that'd make Regulos go "umm, okay, let's go find another planet to eat - these people are nuts!"