The growing string of hacking attacks : Othor Games

» Mon Jun 13, 2011 10:06 pm

In the past few months we've seen attacks on http://uk.reuters.com/article/2011/06/09/citigroup-breach-idUKN0912047920110609, http://www.bbc.co.uk/news/technology-12416580, the http://www.bbc.co.uk/news/world-us-canada-13740591, http://www.bbc.co.uk/news/world-us-canada-13587785, http://www.bbc.co.uk/news/technology-13394968, http://www.bbc.co.uk/news/business-13663814, and http://www.bbc.co.uk/news/technology-13642145. This doesn't even cover the fact that email accounts for high profile officials are http://www.bbc.co.uk/news/technology-13626104.

You might want to make sure that your Email password is different from the passwords you use on other websites, and in some cases it might help just to use a different user name on every website. Without an account name hackers who do have your password won't be able to log in very easily. You're still better off just using a different password every time though, and it doesn't need to be too complex. Just avoid words, and try to jumble the characters.

And we can now add Bethesda to that list.

Discuss.

» Tue Jun 14, 2011 2:21 pm

Exorince and I are about to have that file...will report on what's in there.

» Tue Jun 14, 2011 7:04 am

Here's the "press statement" for the beth leak:

This is a story all about how we made Bethesda Softworks, ZeniMax
Media, and everything they own, our [censored] for life.

As you should know, The Lulz Boat stores vast amounts of booty;
much of this booty we don't release as it's simply too shiny and/or
delicious. As of late, certain inferior sailing boats have discovered
flaws in Brink (brinkthegame.com), thinking themselves exciting and new.

Too late. The Lulz Boat controls this ocean, chumps.

Some weeks ago, we smashed into Brink with our heavy artillery Lulz
Cannons and decided to switch to ninja mode. From our LFI entry point,
we acquired command execution via local file inclusion of enemy fleet
Apache vessel. We then found that the HTTPD had SSH auth keys, which
let our ship SSH into other servers. See where this is going?

We then switched to root ammunition rounds.
And we rooted... and rooted... and rooted...

After mapping their internal network and thoroughly pillaging all of
their servers, we grabbed all their source code and database passwords,
which we proceeded to shift silently back to our storage deck.

Please find enclosed everything we took, excluding one thing -
200,000+ Brink users. We actually like this company and would
like for them to speed up the production of Skyrim, so we'll
give them one less thing to worry about. You're welcome!

Please keep making awesome games, guys, and you should
totally add an official LulzSec top hat to new releases.

But anyway, bwahahaha... >:]

» Tue Jun 14, 2011 5:46 am

Why the need for a new thread ? In my honest opinion I believe that the hacking string thread was good enough.

oh, my bad.

» Tue Jun 14, 2011 6:56 am

Forum passwords have not been compromised

Bethblog usernames + password hashes were released along with admin configurations and server logs.

» Tue Jun 14, 2011 5:20 am

Exorince and I are about to have that file...will report on what's in there.

I just want to know if my email got leaked, as I don't think I had the same password anywhere else. Not sure though.

So what exactly does this mean for us Exorince?

» Tue Jun 14, 2011 1:09 pm

Why the need for a new thread ? In my honest opinion I believe that the hacking string thread was good enough.

Its an old forum thing. 200 posts is the limit.

» Tue Jun 14, 2011 9:39 am

Its out-of control! For everyone who has been complaining that this is all Sony's fault. We'll you're wrong. Sony is the only company doing anything about it. 35 suspected hackers have been arrested in Europe, even the FBI got hacked and they are the ones who are supposed to prevent this. BTW change your Bethesda related passwords.

» Tue Jun 14, 2011 12:58 am

I was using an old password here, which I dont use anywhere else. I changed mine though. Though it didnt look like they got the forum information.

Also, odd .rar name. "Bethesda Booty Storage"

» Tue Jun 14, 2011 12:32 am

But Bethesda Games Studios didn't develop Brink. Bethesda Softworks published it.

» Mon Jun 13, 2011 10:55 pm

I just want to know if my email got leaked, as I don't think I had the same password anywhere else. Not sure though.

So what exactly does this mean for us Exorince?

Nope, ours don't seem to be in there.

Basically, only people who really know what they're doing can really make much of the info that's in here...

EDIT: Changed 'their' to 'there'

» Tue Jun 14, 2011 2:50 am

WTF they are hacking Bethesda to pressure them for Skyrim info?

This is ridiculous!

"Bethesda, give everyone more info on Skyrim and we'll keep the user database to ourselves. However we are going to embarrass you anyway," the group wrote. They then asked for a LulzSec top hat to be added to Skyrim.

http://arstechnica.com/gaming/news/2011/06/hacker-group-lulzsec-demands-hats-threatens-release-of-brink-user-data.ars

» Tue Jun 14, 2011 1:16 pm

I just want to know if my email got leaked, as I don't think I had the same password anywhere else. Not sure though.

So what exactly does this mean for us Exorince?

It means our information wasn't leaked, so see this as an eye-opener that really any site can be potentially compromised. Don't use your important email address unless you need to, keep your passwords different for all sites, and consider using a password manager

(sorry, but this is too perfect for me to pass up a security plug)

» Tue Jun 14, 2011 12:49 pm

It means our information wasn't leaked, so see this as an eye-opener that really any site can be potentially compromised. Don't use your important email address unless you need to, keep your passwords different for all sites, and consider using a password manager

(sorry, but this is too perfect for me to pass up a security plug)

Ugh, makes me want to quit the Internet altogether, sometimes. :dead:

» Mon Jun 13, 2011 11:24 pm

What happened to the other 12 pages of this thread?

» Tue Jun 14, 2011 12:32 am

What happened to the other 12 pages of this thread?

Different thread mate...mods lock the threads at 200 posts (around 10 pages) to help with server load (they can prune old threads that are closed).

» Tue Jun 14, 2011 3:22 am

Hacking Pandemic 2011! When will it end??????

» Tue Jun 14, 2011 1:39 pm

I just want to know if my email got leaked, as I don't think I had the same password anywhere else. Not sure though.

So what exactly does this mean for us Exorince?

to be safe, you may want to change the password for your email acct associated with this forum as well.

» Tue Jun 14, 2011 9:50 am

I changed my facebook password as thats how I log in..

LulSec are behind it,I like those guys,even with this latest attack...still....

"@LulzSec: We're going to release lots of Bethesda/ZeniMax data today - however we might not release their 200,000+ users as we love Call of Cthulhu."

Oh,as of 22mins ago via they released what they have,If they have posted your emails and passwords,and it's the same for your Facebook,others in their hundreds will try to access your account,so changeyour passwords asap.

Also facebook blocked access to facebook accounts two days ago of people who signed up to pron sites with emails etc matching F.B,so If you can't log in,it maybe facebook taking steps...

» Mon Jun 13, 2011 11:59 pm

Hey all

If you want to discuss the hack itself, how it happened, and what you should do, that's fine. If you're pointing folks to where they can find the information or discussing it, that's not okay for these forums.

Thanks for understanding.

» Tue Jun 14, 2011 12:47 pm

Good god. I hate the internet. There is no real "law". I think I have more respect for petty thieves than I do for hackers. At least they have to stones to do what they do in person.

» Tue Jun 14, 2011 12:04 pm

Files uploaded by LulzSec:

Jobs Database Mapped.txt

Does this mean they have info from people who've submitted job applications to Bethesda? That's frankly more worrying than emails and username/passwords, since applications typically contain work history, phone numbers, home addresses and so on. :unsure:

» Tue Jun 14, 2011 2:19 pm

Forum passwords have not been compromised

Just as I'd finished changing all my passwords

I guess I'll be extra safe for the future.

» Tue Jun 14, 2011 5:24 am

Does this mean they have info from people who've submitted job applications to Bethesda? That's frankly more worrying than emails and username/passwords, since applications typically contain work history, phone numbers, home addresses and so on. :unsure:

There are job applications in that file, but they don't include email addresses or real names as far as I can tell.