Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rift concerns


  • Please log in to reply
4 replies to this topic

#1 Shivers

Shivers

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:18 AM

Posted 09 March 2011 - 12:54 PM

Hi

First a note for legal reasons: There is no attempt to place any blame on Trion Worlds or any other party and any concerns raised are quite possibly based on paranoia. I am merely pointing out some concerning facts that are likely to be coincidence so that people with more security knowledge than myself are aware of them. I AM NOT A SECURITY EXPERT AND DO NOT CLAIM ANY SUPERIOR KNOWLEDGE. and advice is welcome.

Rift is a new MMO from Trion Worlds (a relatively new company). I actually like it and would very much like to play it. If it is safe. I played it in Beta and headstart but due to some concerns have not picked up my pre-order. Headstart was on the 24th Feb, US release was 1st March, UK release was 4th March.

1. The patcher behaved oddly. It attempted to connect to the internet while already patching (I noticed this on the 1st of March)... I blocked this second attempt and it nad NO EFFECT on the patching or running of the game. So why was it doing it? Additionally that was the last time that my previous laptop was working. I have so far put this down to coincidance. I had it checked out and it appears to be a motherboard problem. It had been running hot and the fan was quite dirty.

2. There have been a lot of hacked accounts reported on the Rift forums. Unusually high in my opinion. I have played MMOs at release before and have never seen anything like it. Many of the people hacked claim to have been playing MMOs for many years without difficulty, some had multiple layers of security including noscript on Firefox (this is relevent as most MMO compromised accounts are due to keyloggers.) At least one I recall reported System Tool. I don't have any figures but from the number of complaints it appears to be outside of what I would expect is the standard deviation for these attacks. It doesn't seem fair to just put it down to user error. (to the best of my knowledge my account was not compromised)

3. Headstart was on the 24th of Feb. I noticed something on the bleeping computer front page about a massive increase in System Tool infections from the 25th of Feb onwards.

4. Trion World's security doesn't seem to handle brute force attacks too well (there doesn't appear to be a limit on number of login attempts). They are working on increasing security. Additionally if a player is kicked out due to another login they can reconnect without putting in a password. This obvioulsy applies to hackers too. so even changing password while being hacked and disconecting the hacker by logging in doesn't work. (and wouldn't be effective if you had a keylogger anyway).

So is there a link between System Tool and all these 'hacks'? I don't know anything about System Tool other than it spoofs a security alert.

Is there any chance that there is a security issue with the game itself? Chances of a patch having been infected? Chances of an inside man...? (Ok, getting into conspiracy theory territories with that one :P) Some people a blaming the forums for having the same login details as the game account and that the username is the linked email address.

Are all the hacks just from brute force attacks? Or are they just from some new worm slipping a keylogger past everyones security (or however these things are implanted)? Any recomendations on securing accounts/computers? People have suggested things like copy pasting passwords but as I understand it that doesn't actually work against a keylogger. I'm not too good at remembering my passwords at the moment so having a huge list of unintelligable passwords doesn't seem like a good idea either (unless I want to reset my password evertime I log in anywhere).

I have said, my previous computer is dead so I have a new one. I really can't afford to take risks with my computer. I would like to play Rift. (I also just don't like not knowing... so would like answers just for curiosity's sake.)

Any comments on my comments or advice would be appreciated. I'm hoping someone knows more than I do about this.

ps. I do not and have not had Rift installed on any currently working computer so can not provide further details on the actions that its components take.

BC AdBot (Login to Remove)

 


#2 the_patriot11

the_patriot11

    High Tech Redneck


  • BC Advisor
  • 6,755 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wyoming USA
  • Local time:10:18 PM

Posted 09 March 2011 - 07:15 PM

off hand, any of the above scenarios are definetly possible, but I have no real experience with that game to say for certain.

picard5.jpg

 

Primary system: Motherboard: ASUS M4A89GTD PRO/USB3, Processor: AMD Phenom II x4 945, Memory: 16 gigs of Patriot G2 DDR3 1600, Video: AMD Sapphire Nitro R9 380, Storage: 1 WD 500 gig HD, 1 Hitachi 500 gig HD, and Power supply: Coolermaster 750 watt, OS: Windows 10 64 bit. 

Media Center: Motherboard: Gigabyte mp61p-S3, Processor: AMD Athlon 64 x2 6000+, Memory: 6 gigs Patriot DDR2 800, Video: Gigabyte GeForce GT730, Storage: 500 gig Hitachi, PSU: Seasonic M1211 620W full modular, OS: Windows 10.

If I don't reply within 24 hours of your reply, feel free to send me a pm.


#3 Cpt Fetta

Cpt Fetta

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:18 AM

Posted 16 April 2011 - 03:00 AM

RIFT community has been rocked by a seemingly endless onslaught of accounts being compromised. Account security is an incredibly touchy subject with MMO players, and once it became apparent that this was an epidemic rather than a handful of occurrences.

They just released authenticator, and fixed the security issues they started out with.

#4 aarondfong

aarondfong

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:18 AM

Posted 19 April 2011 - 01:50 PM

There has been some rumors that the damage meters have key loggers in it. Some of my guildes have it and their accounts were hacked. I haven't used it and my account hasn't been compromised at all. Also people have been sending out emails claiming to be Trion worlds, asking for you to login an fix something.

#5 easyrider2

easyrider2

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:18 AM

Posted 24 June 2011 - 05:17 PM

I haven't played it yet but it seems I am going to wait now ;)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users