exploit – Page 5 – MMO Fallout

Perfect World Responds To Recent Neverwinter Exploit

The Astral Diamond Exchange and Auction House are temporarily offline after a bug allowing players to duplicate astral diamonds was discovered and exploited by players. Perfect World has posted a notice on the forums that they are currently compiling data to see how widespread the effects of the exploit are, and will be using that data to determine the appropriate action to take place in response. Right now it appears Perfect World will be running character-specific rollbacks.

We are still investigating the situation. There is a high likelihood that we will be performing character-specific rollbacks on any accounts that were found to be utilizing the exploit. Additionally, we are investigating the extent of what can additional steps can be taken to remove any illegitimately obtained Astral Diamonds that have entered into the economy. At this stage, the possibility of performing a shard-wide is unlikely.

You can read the rest of the ongoing updates to the situation at the link below.

(Source: Neverwinter)

Auction House Exploit Tears Through Neverwinter

You’d best put seat belts on your ears, because I’m going to take them for the ride of their life. Perfect World Entertainment are in the midst of some very heavy damage control after an exploit popped up in Neverwinter and threw the game’s economy into turmoil. I won’t go into details about the exploit itself, partially because I would probably butcher the explanation, but the exploit involves the auction house and players duplicating mass quantities of astral diamonds and converting them into Zen.

According to MMO Fallout’s men on the field, the gateway has been shut down, and the ability to buy Zen with astral diamonds has been disabled. Some of those services may be turned back on by the time you read this. Perfect World has posted the following update on their forums:

We currently are in the process of taking action against a subset of accounts that were confirmed to have utilized exploits that affected the game balance or economy.

These accounts may be banned, temporarily or permanently, depending on the severity of exploit utilization. Anyone who is affected by this will receive notification via email.

While we have taken all precautions necessary to ensure that no false positives made it into our final list of accounts to take action against, we do acknowledge that some players who were banned may wish to follow up with us. If you had an account banned and wish to escalate the issue to our support team, please create a ticket at support.perfectworld.com or send an email to customerservice@perfectworld.com

Please note that forum discussions about specific accounts being banned is against our forum guidelines, thus any threads on the topic may be closed. Thank you in advance for your understanding.

Thank you for your patience and support while we continue to do everything in our power to ensure that Neverwinter remains a fair and balanced game experience.

-Dezstravus and the Neverwinter Team

(Source: Neverwinter)

Path of Exile Patch Removes Login Exploit

Donde los yikes! The good news is that Path of Exile is proving itself to be quite popular with the dungeon crawling gamers, bringing the server down yesterday with a peak of almost seventy thousand concurrently. Even better, as often happens when the server is overloaded, Grinding Gear Games was able to patch a bug that had not yet exposed itself prior: In very rare cases, players randomly logged into accounts other than their own.

In addition, there is a very rare bug that caused some players to log in to accounts from other players. The scope of this bug is very limited (and in almost all cases, the players logged out without disturbing anything). Fixes for both are being worked on at the moment. Because the game experience is compromised and people are disconnected due to the crashes, we have turned the game servers off until they can be brought up in a more stable state.

Happily, a patch was deployed quickly fixing the bug and the servers were brought back up, with the number of affected accounts reportedly very small. This isn’t the first time we’ve seen an account system go nuts and start giving people access to places they shouldn’t be going, NCSoft’s account service did this back in January 2010, to approximately ten people before the exploit was fixed. Similar fast action from the GGG was responsible for keeping this bug from getting any bigger than it needed to be.

(Source: Path of Exile forums)

Less Than 200 Banned For Guild Wars 2 Snowflake Exploit

I hate writing articles on bans related to exploits, they just serve to confuse players and just those who found some interest in the article. Terms like “mass ban” and “widely exploited” are thrown around when the actual numbers of how many people were using the exploit, and consequently how many were banned for it, is much less impressive than the terminology surrounding the announcement. So let’s dive in and try to not confuse those of us who haven’t been playing Guild Wars 2 recently. I’m going to try to explain this the best I can, but don’t take the description of events below as 100% accurate. Ultimately all you need to know is what is quoted by Arenanet.

Wintersday is the event Arenanet holds in place of Christmas, and just like its real life counterpart, we can’t get through the holidays without someone getting stabbed (unless that’s just my family). According to what I’ve seen in news reports and from players, an exploit surfaced early on in the event which allowed players to use snowflakes from the event to convert several absurdly cheap items along with a black lion salvage kit, to generate endless amounts of ectoplasm, which is used in creating many of the high-level items. The exploit was closed and when Arenanet came back from holiday vacation, the team set off banning the worst of the offenders.

As I’ve already said, less than 200 were banned according to Arenanet. According to the North American Community Team Lead Regina Buenaobra, the banned players knew exactly what they were doing:

The number of accounts terminated as a result of this exploitative activity is actually very small—fewer than 200. However, these people are the very worst offenders, and engaged in this exploit to egregious levels—hundreds and even thousands of times. They knew exactly what they were doing and they knew that their activities would damage the economy.

Gaile Grey, Arenanet Support Liason, posted to explain why the exploit should have been obvious to anyone making use of it:

Any time you take one thing and can make two, and then four, and then sixteen… ya gotta know that’s just wrong. (I won’t quibble on the odds, but overall, that form of doubling was not outside the realm of possibility.) And to perform that action hundreds and hundreds of times? That’s call “exploitation,” and that’s against the User Agreement, the Rules of Conduct, and all that is holy.

(Source: GW2 Forums – Number banned)
(Source: GW2 Forums – Understanding Exploits)

World of Warcraft Exploit Leads To City Massacre

In some MMOs, the idea of players being able to engage in PvP combat outside of designated areas can be horrifying. Someone gaining the ability to engage in combat where they shouldn’t could go on a rampage and make use of the full loot systems in games like RuneScape, and make the lives of many players miserable before they are eventually banned. In MMOs like World of Warcraft, the threat is slightly less present. Death is little more than a time setback, the penalty paid in a moderate fee to repair armor.

And speaking of World of Warcraft, everyone is dying. In the streets, in the houses, but mostly in the main cities. For several hours yesterday, on multiple servers, a kill exploit ran rampant through the major cities of Azeroth, with low level characters mowing down players and NPCs without a second thought. The exploit was hotfixed by Blizzard, and the perpetrators have presumably been banned. Eurogamer tracked down the source of the exploit, and found quite an interesting justification for the action:

“We had to. The first account ban for using the kill hack was issued around 30 minutes before we started nuking cities. We did so because we knew it was going to be fixed,”

Now might be a good time to explain that just because you can do something, doesn’t mean you are obligated to.

(Source: Eurogamer)

Security Warning: Massive Exploit In Ubisoft UPlay Games

[UPDATE] The exploit has been patched.

“We have made a forced patch to correct the flaw in the browser plug-in for the Uplay PC application that was brought to our attention earlier today. We recommend that all Uplay users update their Uplay PC application without a Web browser open. This will allow the plug-in to update correctly. An updated version of the Uplay PC installer with the patch also is available from Uplay.com.

Ubisoft takes security issues very seriously, and we will continue to monitor all reports of vulnerabilities within our software and take swift action to resolve such issues.”

[Original Story] What does this have to do with MMO Fallout? Nothing, admittedly. Rock Paper Shotgun is currently reporting on an extremely dangerous exploit in a handful of Ubisoft titles, specifically those that make use of the Uplay DRM. While the exploit has not been 100% confirmed, a vulnerability has been discovered which allows a website to pull up the Uplay window and install anything to its hearts content. Essentially a hijacked website could load up a user’s computer with viruses, key loggers, trojan horses, or other destructive software. According to the article, this exploit can also be accomplished via a simple email.

As the article also points out, this is not a rootkit, the exploit is in the browser plugin. If you want to lean on the side of extra security, you may want to uninstall the games completely. The (incomplete) list of affected games is below:

Assassin’s Creed II
Assassin’s Creed: Brotherhood
Assassin’s Creed: Project Legacy
Assassin’s Creed Revelations
Assassin’s Creed III
Beowulf: The Game
Brothers in Arms: Furious 4
Call of Juarez: The Cartel
Driver: San Francisco
Heroes of Might and Magic VI
Just Dance 3
Prince of Persia: The Forgotten Sands
Pure Football
R.U.S.E.
Shaun White Skateboarding
Silent Hunter 5: Battle of the Atlantic
The Settlers 7: Paths to a Kingdom
Tom Clancy’s H.A.W.X. 2
Tom Clancy’s Ghost Recon: Future Soldier
Tom Clancy’s Splinter Cell: Conviction
Your Shape: Fitness Evolved

(Source: Rock Paper Shotgun)

Picture of the ____: The Old Republic /breakdown

Leave it up to the internet to find even more humor in an already humorous bug. In The Old Republic, players discovered that using the emote /getdown causes your enemies to be unable to target you properly. Bioware has stated that no one has been banned or warned for this, so dance to your heart’s content!

If you can’t read the signature, this was made by Nikolai Trashev, who you can find here and see his other work at Minicrit.com. Check it out, his art is well drawn and hilarious to boot.

The Old Republic: Banned For Unbalancing The Economy?

Color me intrigued. There’s a bit of a hubbub going on around The Old Republic over an issue I can’t quite wrap my head around. If you haven’t been following the blogosphere, a few players pointed out to the press that they were temporarily banned from The Old Republic for looting chests on high level planets with a low level character. Patiently, I opted to wait for more information to come out before writing a story. For starters, the emails were shady looking, there was no true confirmation to their authenticity, and even then there was likely more to the story than we had been told.

There is, but not in the manner you would have assumed (glitches). Stephen Reid (of the Bioware Reids) went on the forums to discuss the bans:

To be completely clear, while players may choose to travel to Ilum earlier than the recommended level (40+) and may loot containers if they can get to them, in the cases of those customers that were warned or temporarily suspended, they were systematically and repeatedly looting containers in very high numbers resulting in the game economy becoming unbalanced.

From extensively reading Reddit and the thread linked above, I’ve sussed out that two categories of accounts were targeted: Gold farmers and exploiters. The former, permanently banned, were using throwaway characters to exploit the somewhat sparse grounds of Ilum and gather vast quantities of credits (and crafting materials?) to sell. The latter, who had received temporary bans, were “systematically and repeatedly” looting containers.

The issue here is that there is no mention by Stephen Reid of an existing bug, but the offenders are described as exploiting the system, and this is what is confusing people because it paints the picture as Bioware banning players for spending too much time camping, and in Reid’s case, being rude by taking all the loot for themselves. The discussion by Reid goes on to reference this as outside what Bioware considers “normal gameplay,” and is thus punishable.

The actions taken by these accounts – and again, this is a relatively low number – were not ‘normal gameplay’. Everything you have listed above is what we’d consider ‘normal gameplay’.

After twenty four odd pages on the linked thread above, someone finally pointed out the exact nature of the exploit: In Ilum, when control moves from Republic to Empire and vice versa, the loot boxes respawn immediately. Seeing the potential for profit, players have set up a system on servers where they simply trade control back and forth with guild members out on the field to collect the boxes. This is what Bioware is referring to by banning players for exploiting the treasure chests, and in that case I would support the temporary suspensions as long as Bioware is warning the players beforehand, which they appear to be doing, or if the activity is truly as impossible for a legitimate player to stumble upon as is being claimed.

The issue here isn’t that Bioware is slapping offenders on the wrist, but that their explanation for the offense itself is painting an inaccurate picture in player’s minds, one that is not endearing to Bioware’s case. In any case, this exploit needs to be patched out.

Turbine: Change Your Passwords

Number one question coming into MMO Fallout over the past few days: Has username and password information been stolen from Turbine’s forums? The answer, until something official can be confirmed, should be taken as a probably. While not confirming that any data was stolen, Turbine posted a news bulletin of the forum maintenance with the added note that polayers should change their passwords.

As an additional precaution we recommend that all players change their passwords by visiting http://myaccount.turbine.com. Please remember to use unique, hard-to guess passwords that are not associated with other online services or sites, and always look for and report unusual activity in your account to Turbine customer support.

I recommend changing your password proactively.

Well ****, More PSN Accounts Stolen…

Note: The above video contains strong language, not safe for work.

I imagine the above video pretty accurately describes how Playstation users are feeling today. In case you hadn’t heard, Sony has shut down the ability to log in outside of your playstation following an exploit that popped up allowing players to reset an account’s password knowing only the email and birth date of the user.

You can still log in from your Playstation and play online, and if you are affected you’ll know because you’ll receive an email thanking you for changing your password, which you obviously will not have done. There is no word at this time when the ability to log in via Playstation.com or Qriocity’s website will return.

To the best of my knowledge, this does not affect Sony Online Entertainment users.

Spread It:

Spread It:

Spread It:

Spread It:

Spread It:

Spread It:

Spread It:

Spread It:

Spread It:

Spread It: