News

Steam forums hacked, Valve claims site "offline for maintenance"
Posted: 07.11.2011 13:10 by Simon Priest Comments: 10
The Steam forums have been hacked with the discussion board forced to advertise a website domain for "secure and undetected" online videogame exploits and cheats.

The official word from Valve is simply that it's "temporarily offline for maintenance," with no additional statement from the studio. Naturally users are concerned about their accounts.

The Steam store is big business and any successful attack against Valve will concern a lot of PC gamers who spend their money. Website owners of 'FknOwned.com' were behind the hack.

"Ever wanted to dominate the servers you play on with guaranteed results, but you were too afraid to cheat because of ban risks?" read spam email messages to Steam forum users. "It's safe, secure and undetected." I'm sure it's no coincidence that these 'untraceable online exploits' are thrown in gamer faces on the eve of Modern Warfare 3.

"Along with hacks, we've also got some general discussion sections, hacking tutorials and tools, porn, free giveaways and much more. This site has been conditioned to meet all your needs in terms of resources so be sure to take a look and tell us what you think," continued the group's junk email message. "Thanks again, the fkn0wned team."

There's nothing to suggest for the time being that user accounts themselves have been compromised, only the main vbulletin board code for the discussion forums. Valve is yet to offer comment. Now why can't groups like Anonymous and LulzSec target these nuisance vendors and do everyone a tremendous favour?
Source: Eurogamer

Comments

By noobst3R (SI Core) on Nov 07, 2011
noobst3R
That sucks. But luckily the vBulletin System and the user accounts are not connected in a way that they exchange user info.
By nocutius (SI Elite) on Nov 07, 2011
nocutius
I don't care if it's just the forums, as long the accounts are safe.

On another note, why does this news (unintentionally) advertise the hackers?
All it should say that there was a hack without spreading the hacker's message to the letter, seems kinda counterproductive.
By djole381 (SI Elite) on Nov 07, 2011
djole381
Meh...
By nocutius (SI Elite) on Nov 07, 2011
nocutius
...specially considering the fact that this site also had hacker problems of it's own over the weekend.
By SirRoderick (SI Elite) on Nov 07, 2011
SirRoderick
Could have blurred the site's name maybe? *facepalm*
By herodotus (SI Herodotus) on Nov 08, 2011
herodotus
So much for gamers having confidence in a Steam Wallet now. I'm interested to know what the motivation is behind this, besides anarchy and general mischief making.
By SirRoderick (SI Elite) on Nov 09, 2011
SirRoderick
The only place I trust with my money is my bank!...Oh hang on...damn.
By noobst3R (SI Core) on Nov 09, 2011
noobst3R
There is no one I trust with my money, not even my self. That's why I spend it on games.

>.
By herodotus (SI Herodotus) on Nov 10, 2011
herodotus
Just posted on the Steam Forums:

"Dear Steam Users and Steam Forum Users:

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

We will reopen the forums as soon as we can.

I am truly sorry this happened, and I apologize for the inconvenience.

Gabe."
By nocutius (SI Elite) on Nov 11, 2011
nocutius
Ouch, this is a lot more serious than it looked.
Let's see if they'll get the same amount of flak as Sony for this.