Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Says a Chinese 'Gaming Service' Company Is Hacking Xbox Accounts (theverge.com)

Posted by msmash on from the security-woes dept.

An anonymous reader shares a report: Since 2015, a Chinese gaming website has been hacking Xbox accounts and selling the proceeds on the open market, according to a complaint filed by Microsoft in federal court on Friday. On its website, iGSKY presents itself as a gaming service company, offering players a way to pay for in-game credits and rare items -- but according to Microsoft, many of those credits were coming from someone else's wallet. The complaint alleges that the company made nearly $2 million in purchases through hacked accounts and their associated credit cards, using purchases as a way to launder the resulting cash. On the site, cheap in-game points are also available for the FIFA games, Forza Horizon 3, Grand Theft Auto V, and Pokemon Go, among others.

31 comments

  1. MacOS is not Linux by Anonymous Coward · · Score: -1

    MacOS can do more than Linux, like connect to WIFI or run Microsoft office.

    1. Re:MacOS is not Linux by BarbaraHudson · · Score: 1

      Hint: The OS wars are over. They died of boredom. It's just not interesting any more. Sorry, but the world has moved on, and an OS is just another boring commodity, easily replaced, with less and less to get excited over with each new iteration.

      Q: So who won the OS wars?
      A: Who gives a sh*t ...

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    2. Re: MacOS is not Linux by Anonymous Coward · · Score: 0

      Taco Bell will someday win the restaurant wars. And, we will all be forced to greet each other by waving our hands in little circles without touching and telling each other to "Be well".

    3. Re: MacOS is not Linux by JohnFavaloroJr. · · Score: 0

      You're a dumb cunt. Probably 22 years old. Doesnt know shit about life. Can't tell your ass from a hole in the ground. Never sudo. Never Debian. Always Ubuntu. Had to get someone else to load the ISO to your USB. Couldn't figure out how to apt-get update. Forgot your SSID and blamed it on Linux. Only GUI, never terminal. User name is 1337 hacker. Suck it bitch. Linux owned you.

    4. Re: MacOS is not Linux by kurkosdr · · Score: 1

      I wouldn't call the OS a commodity when it enforces tight vendor lock-ins.

    5. Re: MacOS is not Linux by Anonymous Coward · · Score: 0

      Pizza Hut here in Europe.

    6. Re: MacOS is not Linux by BarbaraHudson · · Score: 1

      I suspect that many of us will not use the 3 shells. Expect much profanity as people collect "bad language violation" tickets to wipe their asses.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    7. Re: MacOS is not Linux by BarbaraHudson · · Score: 1

      I wouldn't call the OS a commodity when it enforces tight vendor lock-ins.

      Lock-in has nothing to do with whether something is a commodity or not. Example: roundup-ready corn. Last I looked it was both tightly protected via patents and restrictive contracts, and a commodity. Ditto for books, music, movies, smartphones, etc.

      --
      "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    8. Re: MacOS is not Linux by Anonymous Coward · · Score: 0

      I suspect that the machine won't have enough paper for an ass as big as yours.

  2. New?? by rholtzjr · · Score: 1

    They have been doing this on WoW for about a decade. Two phase authentication? Access control list by device?

    1. Re:New?? by Cmdln+Daco · · Score: 1

      And it's a pain in the ass for us Casual WoW players.

      Blizzard acts like our accounts are valuable Fort Knoxlike entities.

      It's just a game, and you make it a hassle to get into the world, Blizzard.

      I would bet, though, that Blizzard makes millions of $$ from players who take it too seriously. Hence their authentication hassles.

    2. Re: New?? by Anonymous Coward · · Score: 0

      How is it inconvienant?

      You download the phone app, and the very first time you play on a computer, use a browser to connect, etc, it asks you for a code. I've used the app for about a year, and only had to input the authorization code a handful of times.

      Vs.

      The last time I quit WoW my account was hacked during my absence, all my items were sold to a vendor, and all my gold (a few hundred thousand) transferred to someone else. When I returned Blizzard have me 500g and some green armor, and told me there was nothing else they could do.

      Seems like a very few instances of having to get my phone to input a code is a better option than starting over again.

    3. Re: New?? by rholtzjr · · Score: 1

      The one and only time it happened to me they restored everything including guild bank and all toons. The only hassle was all items were restored to the mailbox so you spent a couple of days putting everything back where it was. Since an authenticator was added, zero hacks. None of my Blizzard games have been hacked since the authenticator, but that may change sometime in the future.

      Hassle?, very little compared to what happens when you get hacked. Really the only disconcerting experience was logging on naked in the middle of nowhere.

    4. Re: New?? by Anonymous Coward · · Score: 0

      Meanwhile at Valve; "You're logging in on a new computer, check your email for your auth code"

      Simple, and it works.

    5. Re: New?? by Anonymous Coward · · Score: 0

      Nope.

      Email is a bad two-factor authentication route because many services use your email as the primary key in their database. So when something you use (eg yahoo) gets hacked, the hackers now have access to all the passwords, password resets, and two-factor authentication bread crumbs needed to get into those other services and steal them before you get a chance to lock down the yahoo account.

      In my case when yahoo was hacked, I hadn't used it for anything in the last 8 years except to recover my license keys for Adobe software. Everything else had been moved to another email system, so yahoo was essentially all spam.

      SMS is the only good two-factor key, or an iOS app. I've seen so many idiots use the Android two factor key generator and the problem with that is that, is that people who don't have a compatible phone, are 'encouraged' to use an Android emulator to run the two-factor key program. Great, that's all you need is for the VM image to be downloaded off your computer and now the hackers have access to every single thing you do.

      If you use two-factor authentication with a mobile device, make sure your device is not rooted, jailbroken or out of date (and no longer being updated.)

  3. I love PokÃf©mon Go! by drinkypoo · · Score: 1, Funny

    Come on, Slashdot. What year is it?

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    1. Re: I love PokÃf©mon Go! by Anonymous Coward · · Score: 0

      2017

    2. Re:I love PokÃf©mon Go! by Anonymous Coward · · Score: 0

      Next week: Jon Katz returns!

    3. Re:I love PokÃf©mon Go! by Anonymous Coward · · Score: 0

      Why, it's , of course.

  4. The internet's still an 'experiment' by Anonymous Coward · · Score: 0

    This modern intranet is still the "wild west". Lot's of ways to steal, the safe's are all crack-able, just like the old bank thiefs using dynamite to open a safe. Humanity continues it's game of good vs. evil.

    1. Re: The internet's still an 'experiment' by Anonymous Coward · · Score: 0

      All real safes are crackable too you know? Don't even need to break anything either.

    2. Re: The internet's still an 'experiment' by Anonymous Coward · · Score: -1

      Someone cracked my ass open and siphoned out all that delicious fecal matter. Please be on the lookout for anyone with brown teeth and breath that smells like shitty hampsters.

  5. MAYBE TRUMP CAN PERSUADE THE NORKS by Anonymous Coward · · Score: 0

    To do something about these chinese perps. If not, there is no choice but to NUKE EM NOW!

  6. What's the Point of Playing by Captain+Ramage · · Score: 1

    What's the point of playing a game if you aren't going to try to beat it? I don't mean beat it by buying your way to success, I mean beat it by using your game skills to build what you need to beat it.

    1. Re:What's the Point of Playing by Xest · · Score: 1

      The same reason people cheat in video games. Some people are such desperate failures at life that they'll go to any extreme to try and convince themselves that they're not just a waste of oxygen.

      Meanwhile, everyone else knows the truth.

    2. Re:What's the Point of Playing by tlhIngan · · Score: 1

      What's the point of playing a game if you aren't going to try to beat it? I don't mean beat it by buying your way to success, I mean beat it by using your game skills to build what you need to beat it.

      Because games are supposed to be fun, not work. If some idiot level designer makes a boss battle so unfair that after a few attempts I give up in frustration, then it's likely I'll put the game away and never to play it again. Maybe there's a good reward, but I do have a lot of other things to do with my life that the urge to complete the game must battle with the frustration of dying at the same spot for the Nth time.

      And yes, I know I'm no good at games. I play on easy mode for that reason - it gives me the best chance of getting through the game. Especially since a lot of games seem to rely on "cheap deaths" or "if you don't hit the button at the exact millisecond, you're too late".

      And no, I don't give up easily, but when my time is limited, I expect to make progress. If you have a hard boss battle, OK, but I do expect to see some progress - perhaps I die a little later a few rounds later after figuring out the right moves, and maybe I get all the way so it's at 1% health and die. That's progress. But then if I get stuck at that 1% for the entire hour of my next session, then it's frustrating and I may decide to put it down and do something else - nothing sucks more than spending 5 minutes dodging around and all that only to get screwed over at the end and have to repeat the same old same old over and over again.

      Of course, I also find buying my way to victory distasteful and have ranked a lot of freemium games as "don't play as you MUST spend money". But luckily, there are a number of games where money is completely optional - if you have determination you can progress and earn your gold or diamonds and get your way through. Funny enough how the latter games generally are better and have added replay value.

    3. Re:What's the Point of Playing by Anonymous Coward · · Score: 0

      What's the point of playing a game if you aren't going to try to beat it? I don't mean beat it by buying your way to success, I mean beat it by using your game skills to build what you need to beat it.

      Actually I believe the answer is time. I know I can pick up 900 gems\herbs or whatever it is, it doesn't take skill to collect things it takes time, and I don't want to spend 1000 hours clicking to a point because I have other things to do. So you buy gold or whatever, which saves you time and actually do the difficult things that are fun. I never played world of warcraft, but I did do this for FIFA because playing 100 matches for a pack of cards that gave you nothing is the biggest let down because you're losing to RNG.

    4. Re:What's the Point of Playing by Anonymous Coward · · Score: 0

      Also I would never do this for an actual game, but for a game that's trying to suck you into an unstable market that relies on time rather then skill like starcraft, fighting games, fps.

  7. MFA by CimmerianX · · Score: 1

    Could we please get 2 factor on some of these services that are directly connected to our wallets......please....

    1. Re:MFA by Anonymous Coward · · Score: 0

      Or perhaps you could be a bit smarter in the meantime and not give your credit cards to such devices to begin with.

    2. Re:MFA by Anonymous Coward · · Score: 0

      2-factor authentication already exist on this.