Feeds

Zombie apocalypse survivors frozen in terror by hacker raid

The War Z's horrific hash haemorrhage

Business security measures using SSL

Controversial online zombie-blasting video game The War Z is on pause after hackers raided its forum and its database of players.

Publisher OP Productions has advised survivors - what it calls its 600,000 or so gamers - to change their passwords: the as-yet unidentified infiltrators of its computer systems accessed players' email addresses and obfuscated passwords, but not their banking card details for the pay-to-play shooter.

In a statement, the company said it has suspended the game and its forum for an unspecified period in order to carry out an investigation into the hack. It did not disclose the hashing algorithm used to "encrypt" the passwords nor whether the hashes were salted. It stated:

We are sorry to report that we have discovered that hackers gained access to our forum and game databases and the player data in those databases. We have launched a thorough investigation covering our entire system to determine the scope of the intrusion. This investigation is ongoing and is our top priority. As part of the remediation and security enhancement process we will be taking the game and forums down temporarily.

OP Productions called in external consultants to investigate the digital break-in, which it described as a "humbling experience". The games outfit also apologised for any inconvenience.

The War Z is a multiplayer zombie survival horror fest that has attracted criticism since its release in December.

Christopher Boyd (AKA Paperghost), an avid gamer and senior researcher for ThreatTrack Security, said the hack may have been carried out by a gamer who felt let down by OP Productions and wanted revenge.

"The War Z is itself a rather controversial title - it was pulled from [Valve's online software store] Steam a while ago due to allegations regarding its marketing and promotional claims of in-game features which didn't actually exist in the game," Boyd told El Reg.

"It's entirely possible that somebody felt short-changed amid the furore over the game and decided to take action into their own hands, especially as the game has recently reappeared on Steam. While it's a little odd that the developers don't collect names and addresses, that may be a blessing in disguise given the player data it seems the hackers had access to," he added.

A blog post by Boyd notes that screenshots showing what looks like compromised developer accounts spamming players in-game have been doing the rounds in the run-up to this week's announcement of a security breach. Boyd advises gamers to look for updates via the official Steam Community forum rather than the compromised The War Z forum. ®

Bootnote

Thanks to reader Vin K for forwarding OP Productions' statement on the data raid.

Providing a secure and efficient Helpdesk

More from The Register

next story
SCREW YOU, Russia! NASA lobs $6.8bn at Boeing AND SpaceX to run space station taxis
Musk charging nearly half as much as Boeing for crew trips
PORTAL TO ELSEWHERE scried in small galaxy far, far away
Supermassive black hole dominates titchy star formation
Boffins say they've got Lithium batteries the wrong way around
Surprises at the nano-scale mean our ideas about how they charge could be all wrong
Edge Research Lab to tackle chilly LOHAN's final test flight
Our US allies to probe potential Vulture 2 servo freeze
Europe prepares to INVADE comet: Rosetta landing site chosen
No word yet on whether backup site is labelled 'K'
Cracked it - Vulture 2 power podule fires servos for 4 HOURS
Pixhawk avionics juice issue sorted, onwards to Spaceport America
City hidden beneath England's Stonehenge had HUMAN ABATTOIR. And a pub
Boozed-up ancients drank beer before tearing corpses apart
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.