The saga of NCsoft account security continues with the confirmation that an existent exploit in NCsoft’s systems. Not too long ago, I reported on Scayth, an Aion player whose account was compromised while it was inactive. The account was looted, and one or more of the characters may have been used for gold farming purposes.
Thanks to Scayth’s ongoing updates over at Aionsource, he was able to procure a reply (finally) from NCsoft over the account issues. The full image is below, but I will summarize:
- The majority of accounts compromised have been through social engineering, viruses, fansites, and keyloggers.
- The account was never hacked, the individual characters were. The account itself was not in any danger.
- The hacker was able to use packet manipulation to access different characters at whim. The process is “very complicated” and did not give them full access.
- Few characters can be accessed in this fashion, Scayth just happened to be one of the unlucky few, among 10 others who were also restored.
- The process tricked the system into believing that the character belonged to that account.
- The servers were hotfixed to prevent this that same day.
What will come next in the NCsoft security saga? MMO Fallout will certainly be here to cover the events.
MMO Fallout 