The coin-lock system in Rift is, as I mentioned, a substandard method of stopping account theft because it doesn’t impact what Trion has referred to as the cause of 80% of all hacked accounts: Keyloggers. With what Trion has referred to as a nonstop attack on the account databases and servers, it was only a matter of time before one of the parasites made it through, as shown just this past week when a player managed to log into another player’s account with their details.
If this were, say, Runes of Magic, the person who found the vulnerability might put thousands of accounts as hostage until the company fulfills a list of demands that could only come from a frothing-mouthed disenfranchised fanboy, but rather than setting himself up for a bunkmate, Mr. ManWitDaPlan alerted Trion to the exploit, and the team has managed to fix it.
The vulnerability existed deep in the server code, dealing with the error checking of the login validations. If this is Greek to you, just feel safe that it’s been fixed.
An important lesson to be taken from this is a reminder that bugs will always occur, and sometimes they have a much larger implication than others. In this case, I have to hand it to Trion for their fast response and willingness to work with the guy who discovered the exploit. As Trion put it:
We do block them as they are detected, but the fact that they are using distributed botnets (compromised computers from across the globe) means that this will remain something that we will continue keeping an eye on, forever.
So score one for Rift, and for Trion’s ability to recover from a setback.
MMO Fallout 