Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
October 21, 2017
arrowPress Releases

If you enjoy reading this site, you might also want to check out these UBM Tech sites:

White-Hat Hacker Helps Solve  Rift  Security Exploit

White-Hat Hacker Helps Solve Rift Security Exploit

March 21, 2011 | By Kyle Orland

A player of Trion Worlds' Rift MMO has helped the development team identify and patch a security hole that opened many user accounts to hijacking and griefing.

Reports of compromised accounts started spreading through the Rift community last week, leading developer Trion Worlds to implement a Coin Lock feature to prevent item and money sales when a user logs in from a significantly different location than they had previously.

But grief-causing hackers were reportedly still able to gain unauthorized access to accounts and delete characters with impunity.

A programmer and Rift player going by the handle ManWitDaPlan was one of these victims, and used the occasion to investigate the security hole that was causing the rash of reported account theft. He eventually identified an account-control exploit and reported his findings to the Rift forums on Friday afternoon.

Trion's response was immediate and impressive, ManWitDaPlan said in an interview with MMO community site ZAM. "Steve Chamberlin, the dev lead for Rift, was on the phone with me within five minutes of my sending the technicals on the exploit, and while I was talking to him, the engineering team was likely already editing and recompiling code," he said.

"A patch was deployed just over two hours after the exploit was revealed," he continued. "The phrase 'epic win' is cliched from its overuse as a meme, but it nevertheless certainly fits here."

Rift executive producer Scott Hartsman offered his "heartfelt thanks" to ManWitDaPlan for his help with the fix, and said that less than 1 percent of accounts had been impacted by the problem. "However, 1 percent of a surprisingly large number is still very noticeable," he acknowledged (the game reached 1 million registered account last month).

Hartsman said Trion continues to hire more employees to handle these and other issues with the game, and will soon be rolling out a two-factor authentication scheme that should help foil account hackers.

Related Jobs

iGotcha Studios
iGotcha Studios — Stockholm, Sweden

Tools Developer
iGotcha Studios
iGotcha Studios — Stockholm, Sweden

Senior Game Design Lead
iGotcha Studios
iGotcha Studios — Stockholm, Sweden

Senior Producer
Infinity Ward / Activision
Infinity Ward / Activision — Woodland Hills, California, United States

Senior Lighting Artist

Loading Comments

loader image