Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ragnarok Online Hacked Again

Posted by simoniker on from the not-good-for-business dept.

An anonymous reader writes "According to a Stratics article, Ragnarok Online, a primarily Asian MMORPG, has been hacked yet again. As many people will remember , Ragnarok was hacked in late June, and a file with every user's passwords/usernames was distributed." Another anonymous reader claims: "Someone logged on as a GM, loaded arbitrary items and distributed them, used the in-game announcement system to announce their accomplishment, and was able to delete all of the official GM accounts." As yet, there's no official statement from the Ragnarok developers on this latest alleged issue.

2 of 29 comments (clear)

  1. Why Clear Text Passwords are Bad, and How to Avoid by Anonymous Coward · · Score: 3, Insightful

    If they just wouldn't store passwords as cleartext, this kind of thing would happen much less often. Read this interesting article for more on the subject.

  2. Last time I checked... by ASkGNet · · Score: 5, Insightful

    Last time I checked, they did not even bother to upgrade their security after June's attack. But let's not speculate, and look at a known case:

    Private servers.

    Anybody that cared to dig up a bit the history of Ragnarok Online's private servers knows that a sizeable portion of it originated from Aegis. Aegis was the codename of the actual server software that Gravity runs on their servers. Indeed, there was a case of a few hackers in Korea beating the security (or lack of it thereof) and causing the leak of server software to public. This was in mid 2002 if I am not mistaken.

    Now, let us jump 1 year forward, to June 2003. Second attack on Gravity servers. Massive leaks of account data. One may think that after the first fiasco, the security measures were strengthened. However reports show up that passwords were stored in plaintext. Therefore one must conclude that if there was not enough attention to this small (and easy-to-fix) detail, the overall security is in the same state.

    Which ultimately means that nobody bothered to upgrade their security - if you check your RO client now with a sniffer, you will see that it sends login data in plaintext(?!), not to talk about actual server-side databases.

    If they could not fix this in a year, almost year and a half since the first attack, what would make them magically fix it in 1 month. Therefore, attacks like this one will happen, and leaks like this one will happen. It's not a one-time occurence.