Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dark Age of Camelot European Server Compromised

Posted by simoniker on from the some-implication-of-an-inside-job? dept.

Revz writes "The company in charge of the Dark Age of Camelot servers in Europe finally admitted they have been having security problems, after over a week of unusual happenings for the players of this PC MMORPG. Unknown people have been causing havoc with GM admin tools on live servers and have potentially gained access to account passwords. Sanya (the community relations manager from Mythic, who run the servers in the US) has commented on the whole thing in this thread on the DAoC Catacombs site, saying 'server security has never been compromised... there is an explanation for this that doesn't involve anybody breaking into databases or servers'. Pictures and videos of the situation on the European servers where multiple high level creatures were spawned can be found in this thread on an unofficial forum."

10 of 24 comments (clear)

  1. This was no hack by JFMulder · · Score: 2, Funny

    It was the god in the game, sending Behemoths to eliminate all the infidels!

  2. Sounds like the .Hack anime... by wickedj · · Score: 2, Interesting

    This is right out of .Hack where players in beginner areas are confronted with high-level creatures that shouldn't be there. I wonder if there is someone who isn't "bound" by the game rules, is not sitting in front of a pc while playing, and is currently in a comatose state. Of course, that last part could apply to a lot of people I know who play video games...

  3. Maybe someone was about to quit. by darkmayo · · Score: 3, Insightful

    Maybe an employee of GOA (the company running the european side of DAOC) was disgruntled logged in and used his GM toolset to spawn mobs and cause a bit of a ruckus before they quit.

    Seems the most plausible to me, since daoc has been the most stable and secure MMORPG release..(IMO) unlike a certain PVP centric one..

    --
    "I am a kernel in the linux army"
  4. Movie link by Lord_Dweomer · · Score: 2, Informative
    For those who didn't want to search through that massive thread to find the video link, here it is.....be gentle!

    Some poor sop's FTP

    Heh, I was smart, waited to post this AFTER I downloaded it.

    --
    Buy Steampunk Clothing Online!
  5. Lock and Key by August_zero · · Score: 3, Interesting

    I wonder if the security for the current crop of MMORPGs is that much more lax than the older generation or is it that more people are gunning for them? I suspect that its a little of both. I remember back when I was playing AC there were a few cases of people messing up the servers (someone actually worked out how to crash an entire server) but I seem to recall that these troubles were from exploits in the game itself and not the actual work of any hackers.

    With these types of games becoming more and more popular, and the fact that we are getting closer and closer to the day that items in game will carry real legally recognized value (lawsuits over lost items, are already starting to appear and even if you find it absurd, it is what things are moving towards) It may become really expensive for companies to put out games that are not perfectly secure (and what is perfectly secure anyway?) How many years will i get for hacking in my own LongSword of Holocaust?

    --
    On Wall Street they say "buy low, sell high" On the pad we say, "buy high, sell high" Isn't that somehow better?
  6. These guys don't understand "security" by tc · · Score: 4, Interesting
    These guys clearly don't understand the meaning of the word 'security'. Literally. They say that security has not been compromised because there was no server break-in, and yet all these game-wrecking events are happening. Sounds like a security problem to me.

    The deal here is that security is an end-to-end process. It's not a single lock that gets picked, or a server that gets hacked. It's a whole system, which may involve a large number of human factors. It doesn't matter how security was breached, but if the assets are compromised (in this case game integrity), then there has been a security failure. Even if this didn't involve a direct attack on the server, it's no less of a security failure.

  7. It's even worse by Yomar · · Score: 4, Interesting

    If you check out Barrysworld (http://forums.barrysworld.com/forumdisplay.php?s= b74713e616fe7316d4cbdc2f9963005d&forumid=160) you will notice that many users will never be able to retrieve their passwords, because they cannot update their e-mail addresses. After all, when RightNow (their customer support tool) will be up again they can't gain access to it, because the passwords have changed. So to get their password, these people need to change their profile. To gain access to their profile, they need to know the password. But they don't know the password, because the password was changed.

  8. In Mythic's defense... by wynterwynd · · Score: 3, Informative

    So far there have been no serious security compromises on the US DAOC servers, mostly just the occasional dupe item bug, player radar, or 'speed hack', which are almost always dealt with quickly. And they have always said their European servers were almost completely outsourced, which may not have been the best idea and I'm sure they regret to some degree now. So much of DAOC is server-side that I don't see how this could've happened unless a rebellious GM (or their account) was involved.

    --
    "Not all who wander are lost" -- JRR Tolkien
    1. Re:In Mythic's defense... by PainKilleR-CE · · Score: 4, Informative

      So far there have been no serious security compromises on the US DAOC servers, mostly just the occasional dupe item bug, player radar, or 'speed hack', which are almost always dealt with quickly

      I'm amazed they have problems with speed hacks after these were so well publicized in fps games (Half-Life, Quake 3, and other Quake-based games, UT managed to escape it due to player location synchronization and speed limitation being built into the server before the hacks even started). Radar and occasional dupe-item bugs are going to be problems for some time, but speed hacks, especially extreme cases, can be easily stopped.

      --
      -PainKilleR-[CE]
  9. CC details safe, they reckon by Scorchio · · Score: 3, Informative

    In a further news article on the DAoC site :

    Your billing information is not stocked on our servers. Everything related to your money is handled by a billing partner specialised in online transactions. Your billing information is totally safe and isolated from the platform targeted by the recent attacks.