Slashdot Mirror

← Back to Stories (view on slashdot.org)

Man Arrested For RuneScape MMORPG Online Robbery

Posted by CmdrTaco on from the doing-pretend-work-for-pretend-boots dept.

Unexpof writes "A man has been arrested by the British Police Central e-Crime Unit (PCeU), accused of stealing the usernames and passwords from players of the RuneScape MMORPG. Security experts report that this is one of the first occasions when a Brit has been apprehended for 'virtual robbery,' although incidents have happened in the past. For instance, the CEO of the sci-fi trading game EVE Online stole 200 billion 'kredits,' which he then used as a deposit on a real-world house, and in October last year a Japanese woman was arrested by police after allegedly hacking her virtual husband 'to death.'"

27 of 118 comments (clear)

  1. The difference is by jforr · · Score: 3, Interesting

    He hacked the logins which is pretty much equivalent to hacking an email account. The eve online thefts were all perpetuated via in-game mechanisms and since the game's terms state that all in-game items are property of the maker of the game, there was no actual IRL theft to prosecute.

    1. Re:The difference is by eldavojohn · · Score: 3, Informative

      It's not exactly the same as hacking someone's email account though, because if you do that you can potentially get hold of peoples bank/ebay etc accounts. I don't give a rat's arse about this or that game, and I'm a little annoyed about the idea of tax payer's money being wasted on non-crimes such as this.

      Well, I assume Runescape is paid for on a monthly payment and you're actually 'renting' something that the makers of Runescape technically own (if they have a ToS similar to WoW). We discussed this in August about whether or not virtual property should be under the same law as regular property.

      And really, you should be happy that your tax dollars are paying for this. The closest analogy I can think of is if you rented a moving truck and someone stole it from in front of your house and then anonymously returned it to the store at the end of your rental period. Now, you didn't get to move any of your stuff yet you were still charged for the truck. Basically you've entered into an agreement to use someone business's property in exchange for money and now a third party has not only obstructed that but prevented you from receiving use/enjoyment from your purchase. On a case by case basis, maybe not a big enough deal for $13 (or whatever Runescapes monthly payment is). On a mass scale (like this), call the authorities. The sad thing is that the emotional attachment and feelings of ownership that humans attach to accounts, items and characters are more than likely overlooked. And there's not a lot you can do about that, the law sticks to protecting things that are real and definite and measurable like your monthly payment.

      Now, if Runescape was a free game and there was no credit card information at risk then I would agree that the authorities should let the players appeal to the Runescape company to increase protection of their accounts.

      --
      My work here is dung.
    2. Re:The difference is by Afforess · · Score: 2, Informative

      Runescape accounts are already very secure.

      I'm sure I'll get mocked for this, but I did play the game for a long time as a member a few years ago.
      Accounts have a password, but in game, to access your bank, you also need to enter a 4-digit pin number, and it's not type-able with your keyboard, so no keylogger can get it, and the places where numbers are change with each click. Also, you can't trade items with other players in very unbalanced trades (to stop gold farming).

      I'm not sure what good it would do to rob or even steal another players account, seeing how Jagex (that's the company that runs Runescape) monitors accounts pretty closely, and you can't trade gold to another player, or even drop trade. (Drop trading is dropping items in the hope they will appear as loot to another player).

      Runescape, as far as MMO's go, is as secure as it can possibly be.

      Oh, and membership is only $6/month, not 13.

      --
      If our elected representatives no longer represent us, do we still live in a Democracy?
    3. Re:The difference is by eldavojohn · · Score: 4, Funny

      Runescape, as far as MMO's go, is as secure as it can possibly be.

      AP - Quebec - Another teen corpse missing fingers and eyes was found Saturday in the vicinity of Quebec's biggest internet cafe.

      "We are starting to see a lot of this," said Officer Bergeron, "now that Runescape has increased security. People watch who logs into Runescape with their retna scans and fingerprint devices ... at the cafe and then they lay in wait outside. When the person comes out, they beat them until they give up the password and then they take the other two things they need."

      Jagex, makers of Runescape, did not return calls to their offices.

      This marks the twentieth vicious slaying for Runescape items and virtual currency. An anonymous patron of the cafe said, "We've all been there. I mean, my good friend has twice the cash I do in game and I'm not denying it--I've had thoughts about how simple and quick it would be to asphyxiate him and then remove his eyeball with a pen or melon baller ... and you really just need one index finger for the fingerprints. And then just log in with his retna and finger kept fresh in my refrigerator. I wouldn't be a weirdo about it, I've seen those shady guys with the eye/finger keychains. It's so simple and all you're doing is stealing some stuff off their account ... I'm honestly shocked more gamers aren't doing it."

      The recent victim's mother said she knew that her son was involved with Runescape but that she wasn't aware of the risks associated with such a game. After identifying the eyeless corpse of her son, she spoke out against online gaming and implored regulators to think of the children and put a stop to all online gaming. She ended her statement with "Before parents make that first $6 payment for their kids ... they should realize what they are condemning them to."

      --
      My work here is dung.
  2. Misleading blogvertising by Revvy · · Score: 2, Insightful

    That's a terrible quote from a not-so-good blog post. It also appears that the submitter, Unexpof, only links to stories on Graham Cluley's blog at Sophos.

  3. Reality check by seniorcoder · · Score: 4, Funny

    I hope he doesn't take my slashdot karma points.

  4. Poster has it wrong... by Trracer · · Score: 5, Informative

    Uhm, it was not the CEO for CCP (makers of Eve Online) who stole isk (not "kredits") to buy a house. It was a CEO of a player-run banking corporation. Ingame Eve corporations are like clans, so there's a BIG difference.

    --
    English is not my first language, so cut me some slack -: Om du kan lasa det har sa kan du Svenska :-
    1. Re:Poster has it wrong... by Anonymous Coward · · Score: 3, Informative

      this needs to be moded up. EVE's 'dollar' is the isk and the guilds are 'corporations' in EVE. CCP is the maker of the game EVE... so it's entirely likely the poster might have mistaken the EVE online situation.

      More over, CCP hired a nobel prise winner for economics to manage the market in the EVE online game so I find the idea that the CEO of CCP somehow stealing from his company and buying a house a little suspect, especially given the lack of links to prove that.

      I would include links myself to further this information but i cannot from this location, as i post this.

    2. Re:Poster has it wrong... by NightRain · · Score: 3, Informative

      The reference to buying a house comes from the fact that Ricdic, the CEO of said (in game) bank that was stolen from, converted the isk he stole to real money via Real Money Trading. This part, whilst not hacking, was against the EULA of the game, and got his account banned.

      His stated reason for going the RMT route was a sick child, and a mortgage debt...

    3. Re:Poster has it wrong... by jmauro · · Score: 2, Insightful

      He also wasn't arrested, just banned from the game.

  5. user credential theft is not a virtual robbery. by Nickodeemus · · Score: 5, Informative

    someone needs to get a clue. stealing and using or selling a users credentials is not a virtual theft. virtual theft is stealing the users stuff inside the game. stealing thier credentials to get into the game is the same as stealing their credentials for thier bank account or for their computer. Using said stolen credentials amounts to unlawful access at the very least.

    1. Re:user credential theft is not a virtual robbery. by shentino · · Score: 2, Insightful

      Indeed.

      What is being stolen during a hack is the victim's access to the game that they DID pay for with real life money.

  6. Not Eve Online, Eve Bank by Amezick · · Score: 5, Informative

    The CEO of Eve Bank stole the online cash. The CEO of CCP (maker of eve) had nothing to do with this. Eve Bank is a player run financial institution inside the game. FACT CHECK!

    1. Re:Not Eve Online, Eve Bank by Game_Ender · · Score: 2, Informative

      Mod parent up: http://www.news.com.au/technology/story/0,28348,25727106-5014239,00.html

  7. Incorrect Summary by d3ac0n · · Score: 4, Informative

    There is no "CEO" of Eve Online. Eve Online is a game produced by CCP of Iceland.

    There ARE Virtual CEO's of Virtual corporations within the Space-based MMO EVE Online.

    I am also not aware of any corp CEO that has used EVE-O ISK to buy a real world house. Somehow I doubt any bank would accept a virtual money as collateral on a real house. Of course, If a private party was that foolish, then hey, more power to the corp CEO. Nevertheless that sounds like a fake story.

    --
    Official Heretic from the "Church of Global Warming". Proven right thanks to whistle blowers. AGW = Flat Earth Theory
  8. what kind of a bank... by Shanrak · · Score: 4, Funny

    Eve Online stole 200 billion "kredits", which he then used as a deposit on a real-world house

    What kind of a bank would take 'kredits' as deposit for a house and where can I sign up for an account? I have 500 billion ZWD to use as collateral for a loan.

    --
    This post may or may not contain cancer causing materials.
    1. Re:what kind of a bank... by Errtu76 · · Score: 3, Funny

      why, any bank that runs KDE on their desktops, of course!

  9. Not virtual robbery... by Richard_at_work · · Score: 4, Informative

    Try prosecution under the Misuse of Computers Act, specifically for unauthorised access to the accounts - which this fits perfectly. He stole and used usernames and passwords, nuff said.

    1. Re:Not virtual robbery... by drinkypoo · · Score: 2, Insightful

      Yes, this is ordinary robbery, but carried out on a computer. Virtual robbery is when you steal items off a player character through an approved game mechanism, which is not an illegal act. And in other non-news, slashdot editors don't edit.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  10. "virtual" robbery? by Errtu76 · · Score: 2, Insightful

    Seems to me the theft was real, not virtual. Ah, marketing terms ...

  11. Well done to all involved. by saintm · · Score: 4, Insightful

    This 'story' should be held up as an example of all that is wrong with the slashdot story submission process.

  12. There was no arrest for virtual killing by bickle · · Score: 5, Informative

    "in October last year a Japanese woman was arrested by police after allegedly hacking her virtual husband "to death""

    Ok, let's get this corrected. There was no arrest for virtual murder. Repeat: There was no arrest for virtual murder. The woman was arrested for hacking into someone else's account. What she did in game is irrelevant and has just been repeated and twisted over and over for the sake of a sensationalistic "news" story.

    http://www.wired.com/threatlevel/2008/10/woman-arrested/

  13. Horrible Summary by Anonymous Coward · · Score: 2, Informative
    Absolutely horrible summary but assuming that it's at least correct in saying that he stole login details for this online service then it's right to say he broke the law in regards to gaining unauthorised access to computer systems which exists in many different forms all throughout the world but would most likely be treated in the same way. I don't see why posters here don't seem understand that. Seeing as this appears to be in UK, the Computer Misuse Act states:

    1:1) A person is guilty of an offence if: a) he causes a computer to perform any function with intent to secure access to any program or data held in a computer; b) the access he intends to secure is unauthorized; and c) he knows at the time when he causes the computer to perform the function that this is the case.

    Not sure why people would somehow consider this out of the ordinary other then it happens to be that the criminal behaviour towards this type of service in question hasn't had much attention from law enforcement.

  14. I keep hearing Arnold Schwarzenegger by Errol+backfiring · · Score: 2, Funny

    "You have just been erased."

    --
    Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
  15. Re:EBank theft by Apatharch · · Score: 3, Insightful

    I think it's also worth emphasising that it was only the sale of in-game currency for cash which got Ricdic's account banned, not the actual theft. If he had kept the cash in-game, he wouldn't have been subject to sanctions from CCP at all.

    Referencing the original BBC News article:

    Ricdic has now been thrown out of the game as trading in-game cash for real money is against Eve Online's terms and conditions.

    The rules governing play within Eve would not have sanctioned Ricdic if he had simply stolen the cash and used it in the game, nor if he had bought kredits with real dollars.

    Of course the nature of this particular theft doesn't really relate to the RuneScape account theft since it occurred within the rules of the game in question; describing it as "similar illegal activity" is misleading at best.

  16. Identity theft is not virtual by Arancaytar · · Score: 3, Insightful

    Stealing virtual items in a MMORPG is not a crime, and at most a violation of the terms of service.

    Stealing identities by way of online passwords is not a virtual crime, it's a very normal, plain computer crime.

  17. MapleQuest story is accurate but misleading too. by Valdrax · · Score: 2, Informative

    [I]n October last year a Japanese woman was arrested by police after allegedly hacking her virtual husband "to death".

    It sounds like she performed some kind of violent action, but in truth she just logged into his account (using info from when they were in a relationship) and destroyed his character. This got billed as "virtual murder" a lot back when the story broke to make it more salacious, but it's just the equivalent of logging into someone's webmail who made the mistake of telling you their password and deleting the entire history and address book.

    Not much in the way of "hacking to death" in either sense, really.

    --
    If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").