Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
February 24, 2017
arrowPress Releases

If you enjoy reading this site, you might also want to check out these UBM Tech sites:

White-Hat Hacker Helps Solve  Rift  Security Exploit
White-Hat Hacker Helps Solve Rift Security Exploit
March 21, 2011 | By Kyle Orland

A player of Trion Worlds' Rift MMO has helped the development team identify and patch a security hole that opened many user accounts to hijacking and griefing.

Reports of compromised accounts started spreading through the Rift community last week, leading developer Trion Worlds to implement a Coin Lock feature to prevent item and money sales when a user logs in from a significantly different location than they had previously.

But grief-causing hackers were reportedly still able to gain unauthorized access to accounts and delete characters with impunity.

A programmer and Rift player going by the handle ManWitDaPlan was one of these victims, and used the occasion to investigate the security hole that was causing the rash of reported account theft. He eventually identified an account-control exploit and reported his findings to the Rift forums on Friday afternoon.

Trion's response was immediate and impressive, ManWitDaPlan said in an interview with MMO community site ZAM. "Steve Chamberlin, the dev lead for Rift, was on the phone with me within five minutes of my sending the technicals on the exploit, and while I was talking to him, the engineering team was likely already editing and recompiling code," he said.

"A patch was deployed just over two hours after the exploit was revealed," he continued. "The phrase 'epic win' is cliched from its overuse as a meme, but it nevertheless certainly fits here."

Rift executive producer Scott Hartsman offered his "heartfelt thanks" to ManWitDaPlan for his help with the fix, and said that less than 1 percent of accounts had been impacted by the problem. "However, 1 percent of a surprisingly large number is still very noticeable," he acknowledged (the game reached 1 million registered account last month).

Hartsman said Trion continues to hire more employees to handle these and other issues with the game, and will soon be rolling out a two-factor authentication scheme that should help foil account hackers.

Related Jobs

Warner Bros. Entertainment Inc.
Warner Bros. Entertainment Inc. — Burbank, California, United States

Executive Producer - WBIE (supporting WB Games Montreal)
Deluxe Entertainment Services Group
Deluxe Entertainment Services Group — Los Angeles, California, United States

CG Supervisor
Imbellus — Los Angeles, California, United States

UI Designer
Akili Interactive
Akili Interactive — Larkspur, California, United States

Gameplay Engineer

Loading Comments

loader image