2011-10-03 Path of Exile brute force attack incident report
|
It really is a shame but I wonder who the fuck makes such a big effort only to get some beta accounts. Ok you can make some money with them, but lets be honest, it isnt really worth the effort.
|
|
|
Folks that's just probably testing the capabilities of the development team to counter such threats for later times when there is a cash shop. Or maybe just for fun... Or to be pain in the but... I had my work e-mail used as spam distribution address some time ago so I know how infuriating such attacks can be. I hope some hack the hard drives and fries the system of those hackers.
Best wishes and I hope you put a nasty surprise for the next hackers wannabes. |
|
|
I am always amazed when people do stuff like this. All that talent wasted when they could be doing something more worthwhile and making $$$!!!
|
|
|
Thanks for the quick response, hope you do that quick! Man this game is going to be so awesome that people are already trying to hack, oh well, I believe you (At GGG) can make a good work and protect our accounts if we let.
When I mean we let, I mean making our passwords stronger. Intead of ??? ???918U23238242 for example. Hmm... What should I write here?
|
|
|
Could always add the secondary password feature, have to use mouse only to enter a 4 or 6 digit number on a keypad that randomly generates positions.
Couple other online games have it...probably helps alot, and doesnt bother the players too much. |
|
|
Lol imagine that nerd trying to steal an account just to play a bit , imagine his rage :D
|
|
|
Hopefully he rage quit ;) I wonder if he posted in the forums prior to attack: "give me key, or i hack accounts"... lol
|
|
|
hum...
i am wondering if there is a link between this & the guy claiming that he had keys to sell today (thread deleted now) otherwise good job & reaction team GGG. i like your transparency about this subject. i think that the game is in good way but unfortunately, be attacked by hackers is the Path of Glory. ;) going to change my pass as advised by Vandro to enhance the security of your server. "i'm the French Saigneur ! Fight for your life stupid MOBs !"
Post to ask for a Key is like a Baby crying for his baby bottle. Totally infantile, it's late, go to bed kids. |
|
|
Any chance the email accounts and passwords used were related to the hacks that occurred to Besthesda and the like recently?
|
|
" Just to note, a 0-9 numeric keypad with four available digits has only 10,000 possible combinations, and even with 3 to 4 login attempts a day with it, people still can get robbed. Why? Because the game does not log in the number of times it's attempted and failed in the interim. And any game that has such a keypad needs to. More over, such a keypad doesn't actually help that much. They're simply nuisances more often than not. I play a game with one. Hell, the best security feature possible? Once you login you get a "Since your last successful login, there have been __ attempts on this account. The most successful attempt was _____ with __ number of characters in common with your password." I had a computer back in 1999 that could do this, why the hell can't modern service providers do the exact same thing? |
|
