The War Z Developers Investigate Hacking Of Forums & Database
The War Z has been surrounded by controversy since its release but this time it’s not about stolen features, bugged mechanics or copyright issues. The company were recently a target of a hacking campaign that shed light on the inadequacies of the games security structure. Below is the email sent out from the developers, attempting to convince players that there was no serious data stolen.
We’ve concluded our preliminary investigation of the attack by hackers on our forum and game. This Security Update is being issued to advise our players and forum participant on the preliminary results of our investigation. We will continue to work with security experts and our internal team to improve our game network and are cooperating with authorities in their investigation.
What we have learned.
1) Our Investigation. As soon as we learned that hackers had obtained access to our forums we began a thorough investigation, calling on our internal team as well as outside experts. For purposes of the investigation we assumed the worst, that the hackers gained access to the entire system, and reviewed the entire system for evidence of access, security vulnerability and other tampering. With the preliminary investigation completed, we have learned that the attack was concentrated on the forums. We did not find definitive evidence that our game account database was accessed.
2) Our Forums were accessed by hackers. Hackers were able to access certain administrator accounts on our forums using previously installed backdoors. Using these accounts they were able to access and delete the forums database which contains all forum messages, as well as forum participant account information.
3) Information that was accessed. The forums database contained unencrypted email addresses used to log-in to the forum, forum passwords which were encrypted, as well as IP addresses from which players log into the forum. The database did not contain player names (unless identified in their email address) and did not contain payment information, which we do not receive or retain. Forum passwords were encrypted, but our investigation indicated that many participants use weak passwords that could be guessed using brute force.
4) Access to the game. Forums are hosted independently from the game. They are not connected to the game itself. By accessing the administrator accounts the hackers were able to obtain the administrators’ passwords used for their game accounts. With these passwords the hackers were also able to access certain “dev” level game accounts and play the game using those accounts. They were able to ban up to several dozens of players randomly. We disabled the hacked accounts, identified the wrongly banned players and reversed those bans within hours of the attack.
5) No definitive proof of access to Game Accounts Database. We have not found definitive proof that hackers were able to access the game accounts database. Because we value the security of the game data and the privacy of our players we took an aggressive and comprehensive approach in our investigation. Better to be safe than sorry. Out of an abundance of caution we advised all players to change their passwords, and, if they used the same email and password for other accounts, to change those passwords as well. We suggested using longer and stronger passwords with a combination of numbers, upper and lower case letters and special characters. Although there was no evidence of access to player game accounts, we believe taking this cautious approach will help improve our game security. We are proud that our players have followed our recommendation and changed their passwords.
What we doing ?
1) As a result of our investigation, we have taken steps to improve security of the forums and the game. We took forums offline, completely wiped the forums servers and reinstalled new software. We have installed several layers of hardware and software security. Players may see some of these measures, but most are behind the scenes. In addition we have made changes for aesthetic purposes, such as switching to IPB. We are confident that the changes we have made will make our forums more secure as well as will increase usability.
2) In order to enhance game security, we took the game offline on for half a day on April 1 and 2 to completely reinstall all software we’re using, install additional hardware protection against possible attacks, and install additional third party services to help us check and monitor security of the whole system. We are continuing to invest significant resources to make our system even more secure
3) We continue actively working with several third party security experts and are giving our full cooperation to authorities in their ongoing investigations into the attack, it’s origin and methods used.
We all know that the online world is never 100% secure against aggressive and sophisticated hackers. This experience has been a humbling one for your War Z Team. We have recommitted ourselves to providing a secure and enjoyable game for our players. We will keep working to improve our game and our security in keeping with that commitment. We are sincerely sorry that this incident occurred and greatly appreciate the loyalty of our players. We will keep the firstname.lastname@example.org email account open so that we can address any questions, concerns or suggestions you may have.
The servers have come under attack before in the form of a DDOS attack but the developers claimed that they updated the security shortly after. They appears to be more lies on top of lies in the middle of a giant lie cake.