In Memoriam - Discussion Forum: LOTRO HACK

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site,
or upgrade to a Web browser that does support JavaScript; Firefox, Safari, Opera, Chrome or a version of Internet Explorer newer then version 6.

View Thread

In Memoriam » General » Nexus

LOTRO HACK
Mith	#1 Posted on 14-10-2011 11:15
Super Administrator Posts: 214 Joined: 22/09/2006 00:03	http://lotrocommu...eitslucke/ da sehr viele accounts gehackt worden sind dachte ich mir ich gucke mich mal ein bischen auf lotro.com um ich hab dort eine sicherheitsluecke gefunden, wodurch man zugriff auf die db hat /auch das offizielle forum/ BITTE ALLE SOFORT PASSWORT ÄNDERN ich hab die luecke bereits an turbine geschickt. wenn ein admin hier einen beweis braucht um das zu verifizieren kann er mir bitte eine pm schicken. ICH habe weder eure daten oder sonst was ausgespäht! ich kann nicht genau sagen auf welche daten man genau zugriff hatte (auf die offiziellen foren daten zu 100%), weil ich nicht die komplette datenbank durchsucht habe und dieses auch nicht in meinem anliegen war. BITTE VERTEILT ES, ICH HABE BEREITS EIN POSTING IM OFIZIELLEN FORUM GETÄTIGT UND DER FRED WURDE SOFORT IN EINEN NICHT SICHTBAREN BEREICH VERSCHOBEN! gruss freundlich edit: die sicherheitsluecke hat mit der migration von codemasters zu turbine zu tun, da wurde wieder schnell schnell eine lösung programmiert und nicht auf sicherheit geachtet Traducción de Google por un usuario: turbine was from me by Sunday night ticket information. no response on Monday, so I wrote a thread in the forum of the turbine has been deleted. no reaction. I then wrote an email to until yesterday, no response. I had even told the exact url turbine. as more and more people have been hacked, which I know to some, I have given the warning I get out of here. I'm here with three names and email passwordhashs (without salt) to the published evidence. (one probably was not right of me) then probably valandir told by twitter and immediately draufhin sapience what was checked and the forum is closed since * facepalm * what was missing since the migration from CodeMaster of turbine (because it was only possible) each and everyone could actually access the data. date on which banks can access exactly knows I had not, because I have not analyzed everything. The fact is. they had access to over 1 million the data related to the Forum. there were addresses, according to columns, payment, email, passwords etc stored. Aquí Screenshots y pruebas: http://tweakers.n...ikers.html Edited by Mith on 14-10-2011 11:31


Mith	#2 Posted on 15-10-2011 02:02
Super Administrator Posts: 214 Joined: 22/09/2006 00:03	Han actualizado el mensaje, a buenas horas.... Recently, we were made aware of an issue with the security of our LOTRO community web applications. Protecting player accounts is a top priority and we take any potential issues seriously. As a result, we closed all of our forums as we investigate the situation. We are continuing to investigate and the forums will not reopen until this work is complete. As an additional precaution we recommend that all players change their passwords by visiting http://myaccount.... Please remember to use unique, hard-to guess passwords that are not associated with other online services or sites, and always look for and report unusual activity in your account to Turbine customer support. Thank you for your patience. We look forward to restoring all community features as soon as possible.

Jump to Forum: