KJzCrew 5. apr 2013 kl. 11:03am
BEWARE! User Passwords Exposed by Hacking!
I would think twice before purchasing this game solely due to the lack of internal security. Although this is not the first game/company to experience hacking (think Sony), the compromising of my user data is troublesome. If you do decide to purchase/play, I highly recommend you choose a password that is unique only to this game to limit further exposure.

http://arstechnica.com/security/2013/04/war-z-taken-offline-following-hack-that-exposed-user-passwords/

Don't support this game/company any further as it is riddled with problems and pending lawsuits. Until issues are addressed or an action plan established, steer clear.

Most likely... this post will be deleted or buried per 'strict posting guidelines' of this forum. Nonetheless, I found it necessary to share this information.
Sidst redigeret af KJzCrew; 5. apr 2013 kl. 9:53pm
Viser 1-13 af 13 kommentarer
< >
xjxason 5. apr 2013 kl. 11:05am 
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
3ff3x0r 5. apr 2013 kl. 11:06am 
Buy the game > Account is hacked > buy the game > Accout is hacked ... ad infinutum
Nice business model!
3ff3x0r 5. apr 2013 kl. 11:07am 
Oprindeligt skrevet af xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
Fairy tale told so.
xjxason 5. apr 2013 kl. 11:11am 
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.
KJzCrew 5. apr 2013 kl. 11:15am 
Oprindeligt skrevet af xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.

I hope you realize that it is a common misconception/myth that encrypted data cannot be 'cracked'. Encryption does have methodology that can be reversed.

"Brute Force" cracking simply refers to trial and error. For example, If I tried every possible lock combination manually.

Decrypting encrypted data IS more time consuming and tedious, but granted potential financial data may be linked is enough incentive for some individuals. Simply because you can still log into your War-Z account doesnt mean your data has been NOT compromised. I highly doubt someone would dedicate the time and effort just to take your gear. The real prize would be your financial data.
Sidst redigeret af KJzCrew; 5. apr 2013 kl. 11:15am
3ff3x0r 5. apr 2013 kl. 11:15am 
Oprindeligt skrevet af xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.

That's why they hack, if you've not informed about hacking yet. Welcome to the internet.
Sidst redigeret af 3ff3x0r; 5. apr 2013 kl. 11:16am
KJzCrew 5. apr 2013 kl. 11:16am 
Oprindeligt skrevet af xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about..

Speak for yourself. You clearly dont know much about decryption. Again, It's a common myth that encrypted data cannot be reversed. Encryption simply makes the process more tedious and time consuming.

Real hackers aren't interested in your virtual cache of virtual items/gear for a virtual, intangible game; they want your money. Simply because you can still log into your account and everything seems untouched is by no means an indication that your account data is secure and not compromised.

Ever try fighting a fraudulent charge internationally? I have not, but I know for certain the same laws that protect you in America, UK or wherever may not always shelter you overseas.
Sidst redigeret af KJzCrew; 5. apr 2013 kl. 11:23am
3ff3x0r 5. apr 2013 kl. 11:27am 
Oprindeligt skrevet af KillJoy:
Oprindeligt skrevet af xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about..

Speak for yourself. You clearly dont know much about decryption. Again, It's a common myth that encrypted data cannot be reversed. Encryption simply makes the process more tedious and time consuming.

Real hackers aren't interested in your virtual cache of virtual items/gear for a virtual, intangible game; they want your money. Simply because you can still log into your account and everything seems untouched is by no means an indication that your account data is secure and not compromised.

Ever try fighting a fraudulent charge internationally? I have not, but I know for certain the same laws that protect you in America, UK or wherever may not always shelter you overseas.

That is why there do exist a huge market for this kind of information on East Europe.
Siresly 5. apr 2013 kl. 12:22pm 
Oprindeligt skrevet af xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
Oprindeligt skrevet af xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.
What the....uuuuuggh.

I am far from an expert on the subject, but I at least know more about this stuff than you do. I know for instance that "encryption" doesn't necessarily mean anything, what a salt is, that people generally don't hack into stuff for no reason, account databases take time to sift through, have value to certain people, and that these people don't plan on using that information for good.

You really, really should not be giving anyone any sort of advice or information regarding online security.
Elazul 5. apr 2013 kl. 4:47pm 
Reading these forums is like watching the carnage from a train wreck. Lawsuits in 5... 4.. 3.. 2.. 1....
KJzCrew 5. apr 2013 kl. 4:50pm 
Oprindeligt skrevet af Elazul:
Reading these forums is like watching the carnage from a train wreck. Lawsuits in 5... 4.. 3.. 2.. 1....

For what? Reposting publically available news? Besides, they have a petition for a class action law suit to deal with;

http://www.thepetitionsite.com/531/555/583/petition-for-a-class-action-lawsuit-against-hammerpoint-interactive-creators-of-the-warz/
Sidst redigeret af KJzCrew; 5. apr 2013 kl. 4:54pm
Hannibal's Leftovers 5. apr 2013 kl. 6:19pm 
Oprindeligt skrevet af xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.

Doesnt matter, they placed an intercept trojan in the database. They intercepted your passwords before they were encrypted. Same way keyloggers work. And yes, they can hack encrypted passwords as the gent above stated. They used an intercept trojan to log your password as it was typed. Might want to do some research yourself. ;) But sure, keep your existing password, Im sure its safe.............. :D
Sidst redigeret af Hannibal's Leftovers; 5. apr 2013 kl. 6:20pm
KJzCrew 5. apr 2013 kl. 9:51pm 
Bump
Viser 1-13 af 13 kommentarer
< >
Per side: 15 30 50
Dato postet: 5. apr 2013 kl. 11:03am
Indlæg: 13