Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Role Playing (Games) Entertainment Games

Ragnarok Online Hacked, User Data Leaked 28

Thanks to GameSpot for their article indicating a major hacking incident on the PC MMORPG Ragnarok Online. According to the piece, developers Gravity initially "..reacted by rolling back the game's data a day, as a number of users had created items with game-master privileges", but then the problem worsened and revealed an apparent server-side hack, as opposed to the client-side hacking of Shadowbane, as "...a full list of user IDs and passwords was leaked to the general public... allowing anybody to gain access to any user account." There's also a very informative post on the GameFAQs messageboards detailing the spread of the 'user.txt' file around messageboards and P2P networks. The official Ragnarok site currently only has a form for players to reconfirm their identities via email, and has offered no official statement.
This discussion has been archived. No new comments can be posted.

Ragnarok Online Hacked, User Data Leaked

Comments Filter:
  • eh? (Score:3, Funny)

    by The J Kid ( 266953 ) on Tuesday June 24, 2003 @07:56AM (#6283179) Homepage Journal
    What no link to the user.txt?

    Is this the same Slashdot that linked to the DoomIII Alpha, that we know and love?

    =P

  • This will get worse until it will be sufficiently resolved. Not this particular incident, but virtual entertainment centers getting hit with the old "in-out, in-out" trick.

    Now, will game industry take the lead in security development like it has taken in hardware limit pushing?
  • wtf? why?! (Score:5, Insightful)

    by Lord Bitman ( 95493 ) on Tuesday June 24, 2003 @08:05AM (#6283231)
    Uhm.. excuse me, but why would the passwords be storedin plain text? Is there something I'm missing here, or are MD5 and crypt's weaknesses so completely crippling that it's better to just store passwords as they are typed in?
    • by DrSkwid ( 118965 ) on Tuesday June 24, 2003 @08:16AM (#6283327) Journal
      why would the passwords be storedin plain text?

      because paging a sysop to give you a new password is too much trouble
    • That's the first thing I wondered myself. How could they be so completely amateur as to store plaintext passwords in a database that was apparently not secured from outside access. A database like this should have NO REASON for any kind of outside world contact, ESPECIALLY with the sensitive content stored within. And the fact that they AREN'T SURE whether credit card info was compromised or not is even more amazing. Sounds like someone needs to teach these guys what log files are. Don't think I'd ever trus
    • ? Is there something I'm missing here, or are MD5 and crypt's weaknesses so completely crippling that it's better to just store passwords as they are typed in?

      Dude, MD5 is, like, so 90's.

      All the cool kids use SHA.
  • Id be triple checking my credit card statements for the next couple weeks just in case. I wonder how damaging this is for the company's business itself... how many customers will pack up and leave?
  • Ha! (Score:4, Interesting)

    by Schezar ( 249629 ) on Tuesday June 24, 2003 @08:36AM (#6283547) Homepage Journal
    I used to play this back when they first put up an English server. The game is absolutely beautiful, both graphically and musically.

    Playing the game, however, was worthless. You know most MMORPGs, where you hit the rats with your little stick until you get enough XP to use the bigger stick to hit the bigger rats until you get enough XP to get the...

    Rag is just like that, only with -nothing- else to do. The chat interface was practically useless, and party system didn't work so well. The only reason I played it as long as I did (about two weeks) was the fact that the game itself is pretty enough to distract you from the fact that the gameplay is.. well, useless. Not fun.

    On another note, I have a few friends who still play the game off and on. Funny how I remember their usernames... If -only- I knew their passwords....
  • Actually (Score:3, Interesting)

    by dr ttol ( 674155 ) on Tuesday June 24, 2003 @09:45AM (#6284298)
    The RO server is 31MB. I know this because I know someone that got into their system using the SQL exploit (this was a month before Slammer used the same technique). He retrieved the actual server software and released this on the net so that anyone could emulate the server (if you had 1GB+ ram). He has done a lot to the RO folks, and I wouldn't be surprised if it was him that did it.
  • What an incredible story. I'd say somebody will lose their job over this but it seems EVERYBODY will likely lose their job over this. I can't see Gravity surviving the legal action and loss of business that will occur, and rightfully so if their security was as weak as it appears. This is a fuckup of epic proportions and the company's silence is telling.
  • I played this game during one of the free betas, and the thing that entertained me the most was the god awful Engrish statements that the company issued with some frequency. Even the EULA was hilariously mis-translated. All i could do was wonder, why would a company that is intending on making money with a product, not even expend the minimal effort to properly localize a game to another country before releasing it there?

    I let it pass for a while but it was obvious that they are just of their league. The
  • Does anyone actually pay to play this Ragnarok?? I saw it last time in Thailand but thats it.. Go play a real MMORPG like Everquest or DAoC instead.
    • Everquest is crap.

      More to the point, the MMORPG genre as a whole is, currently, crap. They're glorified chat rooms that let you click on monsters in order to obtain the power to click on bigger monsters.

      The underlying problem is the whole "leveling" concept. MMORPGers for some reason feel the need to be rewarded based on how long they've been playing. "I'm 76th level you 75th level n00b. My member is larger than yours."

      Just look at the outcry whenever someone out there is caught using a bot to level.
      • Really the same things could be said for most all activities. What do you do in your daily life that isn't a repetative menial task that could probably be done better by a machine?

        Some people enjoy these types of games (I am not one of them) for any number of reasons, whatever.
        • What do you do in your daily life that isn't a repetative menial task that could probably be done better by a machine?

          Aside from masturbation, almost nothing. A machine does the dishes, a machine washes my clothes. A machine takes me to and from work.

          I:

          1. Read. Unless you read the same book over and over again, it's not menial.

          2. Mountain bike. Different terrain every time, very difficult, couldn't be automated.

          3. Carpentry. Machines do all the menial stuff. I do the unique and interesting work.

          4
          • Lets break it down:

            Reading: menial, sure the images of the story and such in your head and the imagination you pair up with the literature is nice, but the task it self is a basic mechanical eye motion followed by information that is for the most part automatic and requires no special effort from you the reader. You read automaticially, there are countless experiments that have been conducted on this area of cognition, the old red colored "blue" word type stuff.

            Mountain Bike: In the same way, lifting up b
            • Now please explain why your past times, are conducted for any better reason?

              Aside from reading, the rest of those activities either make my body stronger/faster/not fat, or they leave me with a physical, tangible object in the real world. Physical benefit. ^_^

              I suppose my whole point was really just that the whole levelling thing in MMORPGs exists solely to keep people around paying their monies longer.

              I played an MMORPG once. The Realm, by sierra. It was a long time ago, but I had fun. I had fun be
              • Nethack? Please, that game is far more interesting and faster paced then all available MMORPGs combined. I have played Nethack and Hack for the better part of the last 20 years. (not Rogue though, thats going back a bit too far for me) and in that length of time, I still find new things everytime I play it. Thats a game!

                I used to play Ultima Online, way back when it launched, and the only reason I played it for as long as I did, was because while the ingame content was a joke (only 8 dungeons, no quests,

"Being against torture ought to be sort of a multipartisan thing." -- Karl Lehenbauer, as amended by Jeff Daiell, a Libertarian

Working...