After being a victim of account theft, “White Hat” hacker ManWitDaPlan started to investigate the security holes in RIFT, a new MMORPG available for PC. What he found was an exploit that allowed one to log on to any player’s account without even needing their username (or, in this case, email address) or password. While this exploit did trigger the Coin Lock, which makes it so that the character cannot sell destroy or trade his or her own items (but can still buy items normally, save for at the Auction House), it left many other features perfectly usable, including the “delete character” button.
Upon discovering this, ManWitDaPlan posted his findings on the game’s forums. Soon after, he was contacted by none other than Steve Chamberlin, the dev lead for Rift. Together, the two of them plus the engineering team fixed the exploit in little more than two hours of the exploit being revealed. Apparently, these attacks had been a constant problem and the team was eager to get rid of them.
As it stands now, the exploit has been fixed and the dev team is very grateful for ManWitDaPlan’s help. Hartsman, an executive, had this to say: “we’d definitely like to thank Mr. ManWitDaPlan for the well-timed assist. Sir, we salute you and offer our most heartfelt thanks.”
Follow us on Twitter @gamersinquest