Feeds

AMD Steam-game offer suspended after keys pilfered

DiRTy snatch leaves gamers worried

The essential guide to IT transformation

Data security problems have led to the suspension of a free-videogame-with-every-Radeon-graphics-card offer from AMD and Codemasters.

Three million activation codes that allowed gamers to play a free copy of DiRT 3 on Steam have leaked. AMD's redemption site, AMD4u, was left vulnerable to a .htaccess exploit. This website security flaw allowed the activation codes for the rally driving game to be extracted from a database on the site.

In a statement, AMD said that valid game vouchers would still be honoured while admitting this process is likely to be delayed, Eurogamer reports.

"Activation keys associated with free DiRT 3 game vouchers shipping with select AMD products were compromised," the statement explained. "These activation keys were hosted on a third party fulfillment agency website, www.AMD4u.com, and did not reside on AMD's website. Neither the AMD nor Codemasters servers were involved.

"We are working closely with Steam, Codemasters, and our fulfillment agency to address the situation. AMD will continue to honour all valid game vouchers, however the current situation may result in a short delay before the vouchers can be redeemed."

Steam is likely to block the codes leading to fears that anyone who innocently uses the codes as part of the promo will end up with a blocked account as a result. Chris Boyd (AKA Paperghost), a keen gamer who works as a security researcher for GFI Software, said Steam is trying to prevent such collateral damage.

"The biggest concern on the mind of a gamer would be if their PC gaming accounts – such as those utilising the Steam platform, which may be tied to hundreds of pounds worth of gaming titles – could be suspended due to using one of the stolen keys to activate DiRT 3 on their account," Boyd told El Reg. "The official Steam Support Twitter account has addressed this issue, so hopefully that will set their minds at ease for the time being."

The DiRT 3 incident caps a miserable summer for information security at games developer Codemasters. In an apparently unrelated recent incident, Codemasters was forced to pull its website offline and get users to change their passwords following a hack attack back in June. ®

Next gen security for virtualised datacentres

More from The Register

next story
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.