Jump to content


Photo

Gmc Hacked Again.


  • This topic is locked This topic is locked
115 replies to this topic

#1 Mike.Dailly

Mike.Dailly

    Evil YoYo Games Employee

  • Administrators
  • 3019 posts
  • Version:GM:Studio

Posted 09 May 2013 - 05:20 PM

So it appears that we've once again been hacked. We've done what we can to help protect the forums, but we're all human, and no software is totally secure, and if someone really wants in, there's not a lot we can do about it. As a precaution  you should once again change your passwords, preferably using a unique one that you don't use anywhere else - just to be safe.

 

We're extremely sorry for the inconvenience, and will continue do try our best to keep things secure, but for now please change your passwords and accept our apologies.

 

Mike


  • 17

#2 Chrscool8

Chrscool8

    Call me Chris.

  • GMC Member
  • 2098 posts
  • Version:GM:Studio

Posted 09 May 2013 - 05:22 PM

It's understandable. I might not speak for everyone, but it's alright, Mike. Stuff happens.


  • 1

#3 MonkeyMaw

MonkeyMaw

    GMC Member

  • GMC Member
  • 296 posts
  • Version:GM:Studio

Posted 09 May 2013 - 05:24 PM

These people are idiots Mike, with nothing better to do, so no worries. Imagine if they put all that wasted time into something productive!


Edited by MonkeyMaw, 09 May 2013 - 05:24 PM.

  • 0

#4 legocjman

legocjman

    Soldier of Christ

  • GMC Member
  • 639 posts
  • Version:GM:Studio

Posted 09 May 2013 - 05:25 PM

Should send out an email to the affected members (everyone) and let them know. Depending on how it's handled, YYG has the opportunity to gain it's user's trust instead of losing it.

 

Still makes me laugh thinking about how long it's going to take to decrypt a 256-character password... :teehee:


  • 5

#5 Futhark

Futhark

  • GMC Member
  • 891 posts
  • Version:GM8.1

Posted 09 May 2013 - 05:27 PM

@Mike.Dailly

Will you guys be sending out emails or PMs to GMC forumites about the need to change passwords?


  • 1

#6 faissialoo

faissialoo

    I get high on orange

  • GMC Member
  • 1141 posts
  • Version:GM8

Posted 09 May 2013 - 05:30 PM

I have used a way more secure way to store my passwords, and they are millions of times stronger than my previous ones, here is a tip guys, use last pass


Edited by faissialoo, 09 May 2013 - 05:31 PM.

  • 0

#7 FatalSleep

FatalSleep

    FatalSheep?

  • GMC Member
  • 3129 posts
  • Version:GM:Studio

Posted 09 May 2013 - 05:32 PM

@Mike.Dailly

Will you guys be sending out emails or PMs to GMC forumites about the need to change passwords?

I believe this would help as not everyone might see this topic.


  • 2

#8 Futhark

Futhark

  • GMC Member
  • 891 posts
  • Version:GM8.1

Posted 09 May 2013 - 05:35 PM

 

@Mike.Dailly

Will you guys be sending out emails or PMs to GMC forumites about the need to change passwords?

I believe this would help as not everyone might see this topic.

 

 

If they feel it would be(come) a case of "spamming" users asking them to change their PW, then there must be some other work around.
Some forum-board software has a "blanket force", when set it asks the users to change their pw, or they can't log on.  Which might be the best thing, i.e. to force users to change their PW the first time they re-log on after a hack like this.


  • 0

#9 MissingNo.

MissingNo.

    Disco Inferno

  • GMC:Member
  • 354 posts
  • Version:GM8.1

Posted 09 May 2013 - 05:37 PM

Wait Nocturne's name was in green and it said he was yoyo staff? now his name is in red and it just says

he's an administrator. wtf is going on? 


Edited by MissingNo., 09 May 2013 - 05:45 PM.


#10 N-cubo

N-cubo

    GMC Member

  • GMC Member
  • 81 posts
  • Version:GM:Studio

Posted 09 May 2013 - 05:43 PM

Again?!  :verymad:

But if you don't change the forum software (IP.Board) can happen a third attack?


  • 0

#11 Lawsome

Lawsome

    Hail Ducks

  • GMC Member
  • 226 posts
  • Version:GM8

Posted 09 May 2013 - 05:48 PM

As I said in the other topic, when you've got a community filled with programmers, you're going to bump into a few immature ones. It's not anything about the security of the forum or YYG, all forums are like this, but some have a community of people surrounding them who are very good hackers.


  • 3

#12 legocjman

legocjman

    Soldier of Christ

  • GMC Member
  • 639 posts
  • Version:GM:Studio

Posted 09 May 2013 - 05:50 PM

but some have a community of people surrounding them who are very good hackers.

 

OR script kiddies who leach off of the really good hackers. ^


  • 0

#13 soccer99

soccer99

    Unschooled Developer

  • GMC Member
  • 524 posts

Posted 09 May 2013 - 06:00 PM

I haven't been to this forum in a long time but a few of my online accounts were just hacked today.  I've been using the same password (or slight variations) on all my online accounts for a long time and both my facebook and email were hacked.  Checking all my accounts to make sure there aren't more.  This was one of my accounts I was going to check and I guess I found the source!

 

My facebook account told me the unauthorized login came from Melbourne Australia, incase anyone was curious haha.  That may very well be where this hacker is from.


  • 0

#14 legocjman

legocjman

    Soldier of Christ

  • GMC Member
  • 639 posts
  • Version:GM:Studio

Posted 09 May 2013 - 06:02 PM

@soccer99

 

You should always use different passwords for your accounts, especially vital ones such as email. I would recommend changing all your passwords, then storing them in a program (I recommend Keepass) that will encrypt them. Most of them also have password generators as well.


  • 0

#15 DoubleD33D

DoubleD33D

    GMC Member

  • GMC Member
  • 114 posts
  • Version:GM8

Posted 09 May 2013 - 06:05 PM

Maybe if YoYoGames stopped using this ****ty board software, or learnt how to run a server


  • -20

#16 legocjman

legocjman

    Soldier of Christ

  • GMC Member
  • 639 posts
  • Version:GM:Studio

Posted 09 May 2013 - 06:17 PM

Maybe if YoYoGames stopped using this ****ty board software, or learnt how to run a server

 

Complete security is a lie, and anyone who has thought about the process of security knows it. There is always a vulnerability, and sometimes, there just isn't anything you can do about it besides damage control. You do what you can to prevent a breach, and you minimize the damage that would result from it. It doesn't have anything to do with learning how to run a web server, they know quite a bit about it. Seriously, the only thing you can criticize them about is if there was anything that could be done to prevent it, but didn't (note that this was a zero-day exploit, there wasn't anything they could do about it), or in the way they handled it, which is still too early to tell. Please, "learnt" more about what is going on (and read up on your spelling) before posting on something you don't know about.


  • 2

#17 MonkeyMaw

MonkeyMaw

    GMC Member

  • GMC Member
  • 296 posts
  • Version:GM:Studio

Posted 09 May 2013 - 06:18 PM

 

Maybe if YoYoGames stopped using this ****ty board software, or learnt how to run a server

 

Oh that's the spirit, really helpful.
 


  • 5

#18 Debels

Debels

    GMC Member

  • GMC Member
  • 2636 posts
  • Version:GM:Studio

Posted 09 May 2013 - 06:21 PM

Maybe if YoYoGames stopped using this ****ty board software, or learnt how to run a server

 

Every board/forum has its exploits, doesn't matter how many times you change it, its just finding where the exploit is, patching it and moving on. That is the only way you can fix them :P

 

Besides they have way better things to do than attend a few immature hackers trying to get some attention.


  • 4

#19 NakedPaulToast

NakedPaulToast

    GM Studio/Mac/Win

  • GMC Member
  • 8125 posts
  • Version:GM:Studio

Posted 09 May 2013 - 06:23 PM

Maybe if YoYoGames stopped using this ****ty board software, or learnt how to run a server

Maybe you could explain how to protect against a zero-day exploit?


Edited by NakedPaulToast, 09 May 2013 - 06:24 PM.

  • 3

#20 Arusiasotto

Arusiasotto

    GMC Member

  • GMC Member
  • 759 posts
  • Version:GM:Studio

Posted 09 May 2013 - 06:27 PM

It would also help if those in the community who are in contact with the individual reported him to authorities instead of relaxing in an IRC channel discussing how cool it is that he's going to sell all that information to Runescape RMTs.


  • 8

#21 Rusty

Rusty

    The Rustic One

  • GMC Member
  • 2687 posts
  • Version:GM8

Posted 09 May 2013 - 06:35 PM

 

Maybe if YoYoGames stopped using this ****ty board software, or learnt how to run a server

Maybe you could explain how to protect against a zero-day exploit?

You take down the forum immediately, repair the damage and put the forum back up.

 

Oh wait...


  • 1

#22 makerofthegames

makerofthegames

    Never you mind!

  • GMC Member
  • 7524 posts
  • Version:GM:Studio

Posted 09 May 2013 - 06:59 PM

It would also help if those in the community who are in contact with the individual reported him to authorities instead of relaxing in an IRC channel discussing how cool it is that he's going to sell all that information to Runescape RMTs.

Perhaps the Twitter people could help YYGs.
  • 0

#23 NakedPaulToast

NakedPaulToast

    GM Studio/Mac/Win

  • GMC Member
  • 8125 posts
  • Version:GM:Studio

Posted 09 May 2013 - 07:15 PM

It would also help if those in the community who are in contact with the individual reported him to authorities instead of relaxing in an IRC channel discussing how cool it is that he's going to sell all that information to Runescape RMTs.

Report to which authorities?

And what exactly are they going to report?

 

IRC user: I'd like to report a hacking.

Authorities: Do you have their name?

IRC user: No.

Authorities: Do you have their location?

IRC user: No.

Authorities: Do you have their IP address?

IRC user: No.

Authorities: Do you know anything about them?

IRC user: He's using the username rootinaboxxy.

Authorities: Anything else?

IRC user: He's on the Internet.

Authorities: We'll get right on that.


  • 4

#24 GameDevDan

GameDevDan

    YoYo Games Staff

  • Administrators
  • 1201 posts
  • Version:GM:Studio

Posted 09 May 2013 - 07:25 PM

Cheers for the heads up.

 

My password here is and always has been different to all other accounts, and important accounts all have different complex passwords, so I guess that makes me one of the people really relaxed about this XD


  • 0

#25 Futhark

Futhark

  • GMC Member
  • 891 posts
  • Version:GM8.1

Posted 09 May 2013 - 07:33 PM

 

It would also help if those in the community who are in contact with the individual reported him to authorities instead of relaxing in an IRC channel discussing how cool it is that he's going to sell all that information to Runescape RMTs.

Report to which authorities?

And what exactly are they going to report?

[...]

 

 

Good question that.

YYG could first of all contact Twitter and ask them to stop harbouring known hackers.

YYG might be able to at least get the rootboxwhatever Twataccount closed.

And contact some of the other companies the "hacker" has already listed.

 

Close the bast down,

hound him out of town.

He tries it again,

YYG cures the pain.

[word up to yo momma!]


  • 0

#26 commander of games

commander of games

    Kaos Kreator

  • GMC Member
  • 2883 posts
  • Version:GM:Studio

Posted 09 May 2013 - 07:38 PM

Well, this sucks. And this time the hacker seems to be using it for things other than hacking Runescape accounts.

You say he's bragging on IRC? Really?
  • 0

#27 gnysek

gnysek

    GMC Member

  • GMC Member
  • 511 posts
  • Version:GM:Studio

Posted 09 May 2013 - 07:40 PM

WHAT A SHAME. Was it again a server-side script uploaded to server?


  • 0

#28 commander of games

commander of games

    Kaos Kreator

  • GMC Member
  • 2883 posts
  • Version:GM:Studio

Posted 09 May 2013 - 07:44 PM

Hopefully my accounts on other sites are safe.

Edited by commander of games, 09 May 2013 - 08:27 PM.

  • 0

#29 Overloaded

Overloaded

    -*/ /*+

  • GMC Member
  • 914 posts
  • Version:GM:Studio

Posted 09 May 2013 - 07:48 PM

Hm... we need to change passwords again right?


  • 0

#30 Mailas

Mailas

    Send in the Mail

  • GMC Member
  • 5680 posts
  • Version:GM:Studio

Posted 09 May 2013 - 07:51 PM

Hm... we need to change passwords again right?

 

"As a precaution  you should once again change your passwords, preferably using a unique one that you don't use anywhere else - just to be safe."


  • 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users