KJzCrew 5. Apr. 2013 um 11:03 Uhr
BEWARE! User Passwords Exposed by Hacking!
I would think twice before purchasing this game solely due to the lack of internal security. Although this is not the first game/company to experience hacking (think Sony), the compromising of my user data is troublesome. If you do decide to purchase/play, I highly recommend you choose a password that is unique only to this game to limit further exposure.

http://arstechnica.com/security/2013/04/war-z-taken-offline-following-hack-that-exposed-user-passwords/

Don't support this game/company any further as it is riddled with problems and pending lawsuits. Until issues are addressed or an action plan established, steer clear.

Most likely... this post will be deleted or buried per 'strict posting guidelines' of this forum. Nonetheless, I found it necessary to share this information.
Zuletzt bearbeitet von KJzCrew; 5. Apr. 2013 um 21:53 Uhr
Beiträge 1-13 von 13
< >
xjxason 5. Apr. 2013 um 11:05 Uhr 
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
Desyrel 5. Apr. 2013 um 11:06 Uhr 
Buy the game > Account is hacked > buy the game > Accout is hacked ... ad infinutum
Nice business model!
Desyrel 5. Apr. 2013 um 11:07 Uhr 
Ursprünglich geschrieben von xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
Fairy tale told so.
xjxason 5. Apr. 2013 um 11:11 Uhr 
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.
KJzCrew 5. Apr. 2013 um 11:15 Uhr 
Ursprünglich geschrieben von xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.

I hope you realize that it is a common misconception/myth that encrypted data cannot be 'cracked'. Encryption does have methodology that can be reversed.

"Brute Force" cracking simply refers to trial and error. For example, If I tried every possible lock combination manually.

Decrypting encrypted data IS more time consuming and tedious, but granted potential financial data may be linked is enough incentive for some individuals. Simply because you can still log into your War-Z account doesnt mean your data has been NOT compromised. I highly doubt someone would dedicate the time and effort just to take your gear. The real prize would be your financial data.
Zuletzt bearbeitet von KJzCrew; 5. Apr. 2013 um 11:15 Uhr
Desyrel 5. Apr. 2013 um 11:15 Uhr 
Ursprünglich geschrieben von xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.

That's why they hack, if you've not informed about hacking yet. Welcome to the internet.
Zuletzt bearbeitet von Desyrel; 5. Apr. 2013 um 11:16 Uhr
KJzCrew 5. Apr. 2013 um 11:16 Uhr 
Ursprünglich geschrieben von xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about..

Speak for yourself. You clearly dont know much about decryption. Again, It's a common myth that encrypted data cannot be reversed. Encryption simply makes the process more tedious and time consuming.

Real hackers aren't interested in your virtual cache of virtual items/gear for a virtual, intangible game; they want your money. Simply because you can still log into your account and everything seems untouched is by no means an indication that your account data is secure and not compromised.

Ever try fighting a fraudulent charge internationally? I have not, but I know for certain the same laws that protect you in America, UK or wherever may not always shelter you overseas.
Zuletzt bearbeitet von KJzCrew; 5. Apr. 2013 um 11:23 Uhr
Desyrel 5. Apr. 2013 um 11:27 Uhr 
Ursprünglich geschrieben von KillJoy:
Ursprünglich geschrieben von xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about..

Speak for yourself. You clearly dont know much about decryption. Again, It's a common myth that encrypted data cannot be reversed. Encryption simply makes the process more tedious and time consuming.

Real hackers aren't interested in your virtual cache of virtual items/gear for a virtual, intangible game; they want your money. Simply because you can still log into your account and everything seems untouched is by no means an indication that your account data is secure and not compromised.

Ever try fighting a fraudulent charge internationally? I have not, but I know for certain the same laws that protect you in America, UK or wherever may not always shelter you overseas.

That is why there do exist a huge market for this kind of information on East Europe.
Siresly 5. Apr. 2013 um 12:22 Uhr 
Ursprünglich geschrieben von xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.
Ursprünglich geschrieben von xjxason:
Don't talk ♥♥♥♥ unless you know what you're talking about. I STILL haven't changed my password since the hack and my account STILL hasn't been broken into. Only idiots with passwords like abc123 password wordpass or people that try downloading fake hacks will get their accounts broken into. The hackers obviously only hacked the war z just because they could, not because they wanted to steal peoples accounts.
What the....uuuuuggh.

I am far from an expert on the subject, but I at least know more about this stuff than you do. I know for instance that "encryption" doesn't necessarily mean anything, what a salt is, that people generally don't hack into stuff for no reason, account databases take time to sift through, have value to certain people, and that these people don't plan on using that information for good.

You really, really should not be giving anyone any sort of advice or information regarding online security.
Elazul 5. Apr. 2013 um 16:47 Uhr 
Reading these forums is like watching the carnage from a train wreck. Lawsuits in 5... 4.. 3.. 2.. 1....
KJzCrew 5. Apr. 2013 um 16:50 Uhr 
Ursprünglich geschrieben von Elazul:
Reading these forums is like watching the carnage from a train wreck. Lawsuits in 5... 4.. 3.. 2.. 1....

For what? Reposting publically available news? Besides, they have a petition for a class action law suit to deal with;

http://www.thepetitionsite.com/531/555/583/petition-for-a-class-action-lawsuit-against-hammerpoint-interactive-creators-of-the-warz/
Zuletzt bearbeitet von KJzCrew; 5. Apr. 2013 um 16:54 Uhr
Hannibal's Leftovers 5. Apr. 2013 um 18:19 Uhr 
Ursprünglich geschrieben von xjxason:
ALL the passwords were encrypted. The only real passwords that were compromised were easy to figure out/common passwords that could be solved with a brute force crack.

Doesnt matter, they placed an intercept trojan in the database. They intercepted your passwords before they were encrypted. Same way keyloggers work. And yes, they can hack encrypted passwords as the gent above stated. They used an intercept trojan to log your password as it was typed. Might want to do some research yourself. ;) But sure, keep your existing password, Im sure its safe.............. :D
Zuletzt bearbeitet von Hannibal's Leftovers; 5. Apr. 2013 um 18:20 Uhr
KJzCrew 5. Apr. 2013 um 21:51 Uhr 
Bump
Beiträge 1-13 von 13
< >
Pro Seite: 15 30 50
Geschrieben am: 5. Apr. 2013 um 11:03 Uhr
Beiträge: 13