In what is becoming a routine occurrence, the official GameMaker community forums have been hacked yet again. The forum’s homepage was defaced, and other parts of the forum were rendered completely inaccessible.
It appears as if YoYo Games, the company who are developing the GameMaker program, quickly closed the forum to limit further damage, though as the attack is reportedly a zero-day exploit it may be difficult for them to isolate the vulnerability and prevent additional defacement.
Game Maker Blog recently interviewed the hacker who was responsible for a prior attack which compromised the usernames, emails, and plain text passwords of over 200,000 forum members. We’ve confirmed that the same hacker is responsible for today’s attack, and he has claimed that he has (again) downloaded the forum’s database.
Just checked: The hacker is a she, not a he.
I find this kinda funny. Don’t get me wrong this is horrible, but a company that gets hack twice within one month makes me laugh. TV, I know it’s not your fault, “You’ll see if they notice” could mean anything. YoYo Games must be getting a real kick to the face, realizing that their security has a flaw somewhere. Maybe they can rebuild the forums? Or something, because things like this could continue.
Maybe that’s why you can’t download Game Maker Studio right now?
I hope all of the CC data is with another company?
All credit card data is reportedly safe with payment processors, and is not stored on YoYo Games servers.
damn i just signed up on their forums.
What is it with these implications that TV should or could have done something to prevent the hacking?
He is not the scape goat.
I couldn’t agree more. Mods don’t exactly have the power to lock down the site, and getting staff that has such powers online isn’t exactly a quick process. Sometimes you have to just wait these things out and clean up afterwords.
I don’t hold him responsible for preventing the attack, but he apparently is in contact with the person who carries them out, and could be outing said individual.
Here, you are now in contact with him as well: @rootinabox
YYG really needs to get their shit together. These are not complicated hacks. Maybe they should spend some of that money they’re getting on a security expert.
Let me clarify that the hacker only hinted to me that something was happening just a few minutes before the hack actually went live. If you think there was anything I could do to stop this you are very wrong. Don’t shoot the messenger.
Don’t hide the source, either. YYG needs to properly harden their web site, but the individual who is responsible for hacking the forums needs to be outed.
Inevitable that a big website will suffer these kinds of attacks and there isn’t much they can do about it…
Did you attempt to warn someone at YYG when you found out it was going to happen?
Please refer to comments above/below.
“Nothing,” would have been a more concise answer. Thanks.
Yeah I must say this is very messed up.. talk about manufacturing news.
“You’ll see if they notice.” is exactly what I was told. It wasn’t “I’m going to hack this website again.” so there was nothing I could do. The hacker posted something similar on Twitter so it wasn’t exclusive knowledge that something was coming.
TV, what did you do when you learned this was going to happen?
I was only told something was happening about 10 minutes before it did. I asked about it, but wasn’t told anything specific. Then he messaged me when the hack was live, so I took the screenshot above and we spoke a bit then about it then.
First! – To talk to the hacker via Skype. (and to post)
TV: Personally, I like the old website better. 🙁