by

The War Against Runes Of Magic

DATELINE: January 11, 2011. The following image is posted to the German home page of Frogster’s “Runes of Magic”, one of the most popular free-to-play MMOs with over 4 million users.

The image was quickly removed, and the Frogster community team posted the following to their forum (along with the pic):

Liebe Runes of Magic Spieler,

wie viele von euch bemerkt haben, wurde einer unserer Frösche schmerzhaft von einem Auto angefahren. Ihr müsst euch keine Sorgen machen, von diesem Frosch abgesehen waren alle angeschnallt.

Er wurde sofort auf die Rettungsstation gebracht und hüpft auch schon wieder.

Hier eine kleine Aufnahme seines momentanen Zustandes:

Eure Accounts sind von dem Unfall nicht betroffen. Es gab einen unbefugten Zugriff auf unser Content Management System. Betroffen sind damit nur die Zugänge der maßgeblich an der Webseitengestaltung Beteiligten, insbesondere also dem Community Management Team.

Die Straße zu dem Unfallort ist vorerst gesperrt worden, wir wünschen dem Frosch eine gute Besserung.

Euer Runes of Magic Team

(Bad machine-assisted translation:)

Dear Runes of Magic players:

As many of you have noticed, one of our frogs was painfully hit by a car. You have nothing to worry about, apart from this frog everyone is fine.

He was immediately taken to the medical station and now jumps again.

Here is a small review of his current condition:

Your accounts are not affected by the accident. There was an unauthorized access to our content management system. The only parties affected were ones working with the website design, ie in particular the Community Management Team.

The road to the accident site has been blocked for the time being, we want the frog to have a good recovery.

Your Runes of Magic Team

DATELINE: Several hours later, Runes of Magic official forums (click for full size image:)

The post concludes with a long list of usernames and passwords for the forum.

DATELINE: January 13, 2011. The Runes of Magic community team responds, a bit more seriously.

An anonymous attacker has threatened to release log-in data unless his terms are met. He is demanding that forum communication practices and technical aspects of Runes of Magic operation be changed. To support his claim, the attacker has already posted the log-in details of approx. 2,100 accounts to the forum. To protect the affected players, the posts in question were naturally removed immediately and secured as evidence. The attack constitutes a serious criminal offence, and we immediately informed the German State Office of Criminal Investigation and pressed charges.

It is important to note that the data released was outdated log-in data from 2007, long before our comprehensive password reset initiative. Nevertheless, we immediately blocked the relevant accounts (account management, forum, and game access) of the affected players for their protection. Accounts changed by you after the password reset have not been affected thus far.

We promptly assembled a task force and are of course making every effort to get to the bottom of this incident. We are utilising every means at our disposal to minimise the damage and to prevent such threats in the future. We have already implemented additional security measures today. As soon as all the necessary steps have been taken with regard to operational and criminal processes, we will inform you of further developments on this matter.

This incident is very distressing to all of us. It is targeted not only at Frogster as a company, but also at Runes of Magic as a virtual biosphere and at you as players. We are always open to constructive suggestions. However, giving your opinion on blackmail and extortion is surely not the correct approach.

DATELINE: Today. The hacker, calling himself “cptz3r0”, uploads an Anonymous-style video to Youtube with new threats.

Right now we have more than 3 Million and 5 hundred thousand accounts. 5 hundred thousand of them are already hacked and verified. Your other Games like Bounty Bay Online and Tera are affected too. So you better dont mess with us. Take this serious. Change your mind. Become a valued member of the community and stop abusing them.

After two weeks we will coming back.

For any MMO, this is, in terms of security, the worst case scenario.

Discuss: Implications?