We say "it would appear" because we didn't witness the hack for ourselves; rather than allow a hacking site to advertise itself prominently, Valve has taken the forums down "for maintenance."
We say "it would appear" because we didn't witness the hack for ourselves; rather than allow a hacking site to advertise itself prominently, Valve has taken the forums down "for maintenance."
Reader Comments (51)
Posted: Nov 7th 2011 10:44AM Cavall said
I see hackers continue to suck....
Posted: Nov 7th 2011 1:12PM drunkingamebar said
@Cavall Maybe, on the bright side though, this just shows how unprepared gaming is for digital only. The greedy dicks on top, just can't wait to ream our asses for digitally rented games that have zero value to anyone who buys them. I've never had anyone hack my Atari, NES or Master System, and I had never heard of pirating or used game sales killing them either.
Stop making shit games, stop punishing customers, and stop making systems that play burn media - problem solved. - lol maybe....
I still love my plastic.
Reply
Stop making shit games, stop punishing customers, and stop making systems that play burn media - problem solved. - lol maybe....
I still love my plastic.
Posted: Nov 7th 2011 10:52AM foxhound said
If only they would use their powers for good instead of evil... 9_9
Posted: Nov 7th 2011 10:57AM Copybass Ah jeez zombies said
@foxhound
White Hat hackers are the only cool hackers. Despite popular belief, there ARE hackers out there that do a good job of things. Even Lulzsec at one point conveyed a message of "You're not secure, please fix that", before they decided to become complete douchebags.
Every story would be a lot different if people had a "I can get into your stuff, but I shouldn't be able to, don't worry, I didn't touch anything" attitude, instead of an FPS induced "LOL I PWNED UR SYSTEM" attitude.
Reply
White Hat hackers are the only cool hackers. Despite popular belief, there ARE hackers out there that do a good job of things. Even Lulzsec at one point conveyed a message of "You're not secure, please fix that", before they decided to become complete douchebags.
Every story would be a lot different if people had a "I can get into your stuff, but I shouldn't be able to, don't worry, I didn't touch anything" attitude, instead of an FPS induced "LOL I PWNED UR SYSTEM" attitude.
Posted: Nov 7th 2011 11:10AM foxhound said
@Copybass Ah jeez zombies
Agreed, hence my earlier comment. I don't mind a person/group working for and/or notifying businesses of security lapses or functionality issues... but in this case, they were trying to insert free advertising and site amenities that I'm fairly certain Valve wouldn't have condoned.
Reply
Agreed, hence my earlier comment. I don't mind a person/group working for and/or notifying businesses of security lapses or functionality issues... but in this case, they were trying to insert free advertising and site amenities that I'm fairly certain Valve wouldn't have condoned.
Posted: Nov 7th 2011 11:22AM Faceless Troll said
@foxhound Contrary to popular belief there is no hacker Illuminati. Hackers are not a monolithic organization.
Reply
Posted: Nov 7th 2011 11:33AM foxhound said
@Faceless Troll
I never assumed there was...? -confused-
Though in addition to my original comment, if I had such "skills to pay the bills", I personally wouldn't bother risking a felonious act over being paid obscene amounts of money in this day and economy.
Reply
I never assumed there was...? -confused-
Though in addition to my original comment, if I had such "skills to pay the bills", I personally wouldn't bother risking a felonious act over being paid obscene amounts of money in this day and economy.
Posted: Nov 7th 2011 12:27PM Rubbishy Me said
@foxhound
There is a group of Scottish hackers that force down child porn sites, that's about as much as I know of "good hackers".
Reply
There is a group of Scottish hackers that force down child porn sites, that's about as much as I know of "good hackers".
Posted: Nov 7th 2011 1:12PM Copybass Ah jeez zombies said
@Midnitte
There was a student at my high school, got arrested one day for hacking into the school system and changing multiple grades, permanently locking out the sysadmin and some disliked teachers, yadda yadda, was put from grade 10 in high school, straight into a technical college in the city, paid for by his future employers at a security firm.
Reply
There was a student at my high school, got arrested one day for hacking into the school system and changing multiple grades, permanently locking out the sysadmin and some disliked teachers, yadda yadda, was put from grade 10 in high school, straight into a technical college in the city, paid for by his future employers at a security firm.
Posted: Nov 7th 2011 10:54AM Jameseh said
FknArseholes
Posted: Nov 7th 2011 10:55AM Trenta27 said
Sadly, all this is doing is advertising for them even more.
Posted: Nov 7th 2011 10:56AM Timjoy said
What the hell....
Why would they offer porn?
Why would they offer porn?
Posted: Nov 7th 2011 11:01AM Oli Hanshi said
Why valve? they had proved themselves to be decent human beings!
Posted: Nov 7th 2011 11:03AM Author X said
Apparently FknOwned denied responsibility, FYI
Posted: Nov 7th 2011 11:08AM houstons85 said
You get what you pay for.
Posted: Nov 7th 2011 11:35AM Copybass Ah jeez zombies said
@houstons85
It's funny, because looking at your comment history, you bash Microsoft, PC gamers, and Nintendo... And praise Sony.
The same Sony that lost user information during a hack this year.
I am boggled by you.
Reply
It's funny, because looking at your comment history, you bash Microsoft, PC gamers, and Nintendo... And praise Sony.
The same Sony that lost user information during a hack this year.
I am boggled by you.
Posted: Nov 7th 2011 12:09PM Faceless Troll said
@houstons85 I guess it's a good thing they only took down the forums, and not anything actually important.
Reply
Posted: Nov 7th 2011 11:19AM w00ties said
Does this form of hacking expose users passwords? I was logged in as the forum was hacked and received an e-mail from a "Steam Webmaster" promoting the hacking website. Did everyone receive these e-mails or should I be worried?
Posted: Nov 7th 2011 11:28AM Faceless Troll said
@w00ties Chances are they hacked an admin account and then did a mass send of admin emails. So if your account is enabled to receive emails from the admin that might be what you got.
Reply
Posted: Nov 7th 2011 11:23AM Fire Walk With Me said
lol they covered all the nerddom bases
Posted: Nov 7th 2011 11:28AM CaptainProtonX said
Somebody say "Porn"?
Posted: Nov 7th 2011 11:54AM Greyze said
Concur with this, After the forum was hacked I was sent an email from these guys, it appears that every user had their emails taken and received emails from FknOwned.
Posted: Nov 7th 2011 12:08PM Faceless Troll said
@Greyze Or they just hacked an admin account and sent admin emails to everyone who checked "receive emails from admin" on their settings.
Reply
Posted: Nov 7th 2011 8:08PM xxxsam said
@Faceless Troll
If they got an admin account, they can probably access everyone's email addresses anyway, as admins can generally see email addresses in most forum software. (Not saying they did - why bother, emails are worth about nothing for a zillion - probably just used the 'send bulk email' function and forgot about it, as you say.)
Provided the forum software doesn't have totally broken security, then they cannot obtain all the passwords because those will be stored using a one-way hash. In that case they can obtain (if they can be bothered) only the passwords of (a) anyone who logs in during the period from when the site is hacked until the hack is detected, and probably also (b) anyone who has a password which is crackable (dictionary words or up to about 9 characters of any alphanumeric).
This assumes the password login is managed by the software they hacked. If it's hosted by a separate single-sign-on mechanism on another server that wasn't hacked, then everyone is probably safe.
Of course, provided you use different passwords for every site like anyone sensible does these days, you're safe anyhow.
Reply
If they got an admin account, they can probably access everyone's email addresses anyway, as admins can generally see email addresses in most forum software. (Not saying they did - why bother, emails are worth about nothing for a zillion - probably just used the 'send bulk email' function and forgot about it, as you say.)
Provided the forum software doesn't have totally broken security, then they cannot obtain all the passwords because those will be stored using a one-way hash. In that case they can obtain (if they can be bothered) only the passwords of (a) anyone who logs in during the period from when the site is hacked until the hack is detected, and probably also (b) anyone who has a password which is crackable (dictionary words or up to about 9 characters of any alphanumeric).
This assumes the password login is managed by the software they hacked. If it's hosted by a separate single-sign-on mechanism on another server that wasn't hacked, then everyone is probably safe.
Of course, provided you use different passwords for every site like anyone sensible does these days, you're safe anyhow.
Posted: Nov 9th 2011 2:47PM djnforce9 said
@xxxsam: The Steam forums use vBulletin as their forum software which I can confirm from setting it up in the past that it DOES have one way hashes for passwords with salt for extra security. All passwords should be safe since all anyone could see is the resulting hash.
Reply
Posted: Nov 7th 2011 12:40PM Undulation said
That's not cool.
Posted: Nov 7th 2011 12:40PM Bardbarian said
A generally technically proficient and devout fanbase that one should not anger I would think.
Posted: Nov 7th 2011 12:55PM liquidsoap89 said
I didn't get an email, but I'm just glad Valve got the Steam Guard up. That should help to make sure no accounts are being stolen.
Posted: Nov 7th 2011 3:11PM Gibbeynator said
@liquidsoap89
Steam forum accounts are seperate from Steam client accounts.
Reply
Steam forum accounts are seperate from Steam client accounts.
Posted: Nov 7th 2011 1:22PM KillaPat said
I got the email from webmaster@steampowered.com, so I went to look on the forums to see what was going on, but the forums were already down.
Posted: Nov 7th 2011 3:17PM Cave Johnson said
This can't be much of an achievement. SPUF is down with database errors probably 20% of the time. It's annoying though, since I like to lurk the forums while at work.
| 1 | 2 |
