Feeds

Wurm turns! DDoSed online game universe offers €10,000 bounty for the hacker's head

Swedish games duo ask players to go hunting for spoilsport

Application security programs and practises

Wurm Online, a popular massively multiplayer online role-playing game (MMORPG), has been taken offline in a troublesome distributed denial of service (DDoS) attack shortly after updating its software.

Now the founders have put up a €10,000 ($13,743) reward for the conviction of those responsible.

"Shortly after today's update we were the target of a DDOS attack and our hosting provider had to pull us off the grid for now," Wurm's co-creator Rolf Janssonon said on Wednesday.

"We will be back as soon as possible but things are out of our hands since their other customers are affected. As we wrote in a previous news post we are planning on changing hosting anyways which should improve things for the future. We can offer 10 000 Euro for any tips or evidence leading to a conviction of the person responsible for this attack."

The game, built by Swedish developers Code Club AB, is still down after being hit by the attack, but the company said that Wurm's servers were backed up to a point just before the first floods of data swamped their connections, so players won’t lose their gaming progress when service is eventually restored.

Wurm has attracted a devoted following who put up with its fairly basic graphics because it's one of the purest MMORPGs out there. Players are dropped into a landscape with no skills and everything in the game has to be made and learned one step at a time, with the landscape being totally terraformable.

Janssonon created the Wurm universe with Minecraft creator Markus "Notch" Persson, and it bears many similarities with its more popular cousin. Players can rearchitect large sections of the gaming environment and group together in villages and townships for protection and profit, but that's all on hold until the game's servers can be transferred to a hardier provider.

The Wurm team said on Wednesday that that process is going to take at least another day, although premium users will be refunded time lost, and the company reaffirmed that its backups are secure. In the meantime users in the game's forums have been baying for the blood of those who launched the attack.

"You sir, are an arse," wrote one user – presumably of British extraction – on the Wurm "Dear DDOS Attacker" thread. "I cannot speak to your motive or to what you hoped to achieve. I can only speak from my own experience and this reeks of a teens tanty when his toys are taken away… That does not change the fact that you are an arse."

It's unusual to see bounties being offered for those who take down sites, and there are some in the industry who feel that they are ineffective. But Brit security watcher Graham Cluley said there was no harm in trying.

"I guess if they rarely work there's nothing to lose in sites (particularly those with fervent followings like an online game) offering them," he told El Reg. "The cost of ongoing DDoS attacks is likely to outweigh the money they may have to pay out if anyone is ever convicted." ®

The Power of One Infographic

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.