Slashdot Mirror

← Back to Stories (view on slashdot.org)

$1.2 Million Worth of MS Points Taken After Hackers Figure Out Code Algorithm

Posted by Soulskill on from the going-for-the-gusto dept.

The Save and Quit blog reports that a group of hackers figured out the algorithm behind a set of promotional codes that were each redeemable for 160 MS points, the currency used on Xbox Live. Quoting: "A person would just have to sit back and refresh over and over and rack up the 160MSP codes. Not every code would work, but a majority would. The site started to 404 due to the heavy traffic. If you have closer ties to the pirating community, you could find a program to get the codes for you. ... This method took a little more work out of the user, but it was still simple enough for a 12 year old to figure out. ... Microsoft found out about this exploit and put a stop to it immediately, but internet pirates still had enough time to steal $1.2 million worth of Microsoft Points."

10 of 203 comments (clear)

  1. $1.2 million worth of Microsoft Points by elrous0 · · Score: 5, Funny

    Wow, that's almost a full tank of gas.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:$1.2 million worth of Microsoft Points by adamofgreyskull · · Score: 3, Funny

      Firstly, welcome to The Internet. Secondly, I believe elrous0 was using a rhetorical device, common in English, called "Hyperbole"

    2. Re:$1.2 million worth of Microsoft Points by semiotec · · Score: 4, Insightful

      In case you've never come across this before, it can also be used to point out when something is ridiculously low or worthless, as I believe is the intention of the original post, that at least in his/her opinions MS points are worthless, specifically that even though they are technically worth $1.2 million, there's very little you can buy with them.

  2. Re:They didn't steal anything. by BradleyUffner · · Score: 3, Insightful

    It's not like MS ran out of codes.

    Tell that to someone who legitimately had one of these codes that couldn't redeem it because someone else used it.

  3. Didn't hack the algorithm by russotto · · Score: 3, Informative

    It appears the algorithm wasn't actually determined. Rather, Microsoft essentially left a code generator which took unencrypted parameters available on a web page. Amateur mistake.

    1. Re:Didn't hack the algorithm by wbav · · Score: 3, Informative

      Microsoft has taken action already:
      http://kotaku.com/#!5780686

      --

      =================
      Unix is very user friendly, it's just picky about who its friends are.
  4. Re:Dumb kids by natehoy · · Score: 4, Funny

    why do you cower behind a chosen underwear based pseudonym? what are you afraid of?

    Perhaps he meant a striped, horse-like animal, and he has a lisp, you insensitive clod.

    --
    "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
  5. Re:Dumb kids by Anonymous Coward · · Score: 4, Funny

    you're an idiot.

    And you have the social graces and sense of humor of a striped, horse like animal with a lisp.

  6. Boggles the mind by TheSpoom · · Score: 4, Insightful

    Why weren't these codes completely random? Why don't they have a database of valid and used codes, where codes only get inserted when they're printed on cards that are then shipped to stores? Perhaps most importantly, why would you EVER have a public web-accessible interface to generate codes on the fly?

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs
  7. Re:Dumb kids by Ohrion · · Score: 3, Insightful

    In this case, stolen bits doesn't == lost sale. In this case, stolen bits == sale for the publisher. Microsoft has to pay the publisher of the game with real money that was bought with stolen bits. Also, congratulations on your ethics, that allows you to rationalize your behavior to this degree.