Feeds

AMD Steam-game offer suspended after keys pilfered

DiRTy snatch leaves gamers worried

Securing Web Applications Made Simple and Scalable

Data security problems have led to the suspension of a free-videogame-with-every-Radeon-graphics-card offer from AMD and Codemasters.

Three million activation codes that allowed gamers to play a free copy of DiRT 3 on Steam have leaked. AMD's redemption site, AMD4u, was left vulnerable to a .htaccess exploit. This website security flaw allowed the activation codes for the rally driving game to be extracted from a database on the site.

In a statement, AMD said that valid game vouchers would still be honoured while admitting this process is likely to be delayed, Eurogamer reports.

"Activation keys associated with free DiRT 3 game vouchers shipping with select AMD products were compromised," the statement explained. "These activation keys were hosted on a third party fulfillment agency website, www.AMD4u.com, and did not reside on AMD's website. Neither the AMD nor Codemasters servers were involved.

"We are working closely with Steam, Codemasters, and our fulfillment agency to address the situation. AMD will continue to honour all valid game vouchers, however the current situation may result in a short delay before the vouchers can be redeemed."

Steam is likely to block the codes leading to fears that anyone who innocently uses the codes as part of the promo will end up with a blocked account as a result. Chris Boyd (AKA Paperghost), a keen gamer who works as a security researcher for GFI Software, said Steam is trying to prevent such collateral damage.

"The biggest concern on the mind of a gamer would be if their PC gaming accounts – such as those utilising the Steam platform, which may be tied to hundreds of pounds worth of gaming titles – could be suspended due to using one of the stolen keys to activate DiRT 3 on their account," Boyd told El Reg. "The official Steam Support Twitter account has addressed this issue, so hopefully that will set their minds at ease for the time being."

The DiRT 3 incident caps a miserable summer for information security at games developer Codemasters. In an apparently unrelated recent incident, Codemasters was forced to pull its website offline and get users to change their passwords following a hack attack back in June. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.