June 20, 2003 Ragnarok US Hack
From RO Wiki
=== Background ===
On June 20, 2003, several users created in-game items, presumably in large numbers, using Game Master accounts. In response, Gravity Interactive (US), which had been formed in January of the same year, rolled the game data back 2 days, to its state on 18 June 2003. At the time, Gravity did not explain the reason for the rollback, but it provided users with extra experience points to compensate for the 2 days they had lost.

The incident continued on June 22, 2003, when a file titled '''user.txt''' appeared on several messageboards and P2P applications.<ref name=":0">Gamespot (2003) ''Ragnarok Online hacked, user data leaks''. Available at: https://archive.ph/lGiHU (Accessed: 29 October 2023).</ref> The usernames and passwords stored by Gravity at the time were unencrypted, meaning that '''user.txt''' was simply shared as it was, rather than decrypted and shared. The data related to people who had pre-registered for the beta test.

As a result of this file being shared, several people logged into other users' accounts on the service, with legitimate users noting, when accessing their account, that it had already been logged into. Gravity responded by sending emails to everyone affected, requesting them to change their passwords and verify themselves, but by this time the damage had already been done: some users whose mail accounts used the same password were unable to access their email to reset their passwords.

As a result, Gravity temporarily shut down servers to mitigate damage, and did not respond when asked whether this leak could also relate to credit card information.<ref name=":0" />

==== Interesting asides ====
In the research for this article, a comment was found<ref>https://web.archive.org/web/20210213213859/https://games.slashdot.org/story/03/06/24/0531236/ragnarok-online-hacked-user-data-leaked</ref> from a Slashdot user which indicated that the previous (or current) attack utilised the SQL Slammer injection vulnerability, which was widely exploited by the Slammer Worm malware.

<blockquote>The RO server is 31MB. I know this because I know someone that got into their system using the SQL exploit (this was a month before Slammer used the same technique). He retrieved the actual server software and released this on the net so that anyone could emulate the server (if you had 1GB+ ram). He has done a lot to the RO folks, and I wouldn't be surprised if it was him that did it.</blockquote>