Last Sunday, S2 Games informed Heroes of Newerth players of a security breach that occurred and urged players to change passwords of accounts used, like e-mail accounts, for their HoN account but stated not to change their HoN passwords. They took everything down to fix the security breach immediately. All HoN passwords were expired which resulted in players having to create new passwords to access their accounts. If players changed their passwords on Monday, before 3PM EST (8PM GMT), they needed to create a new password again.
As to who was responsible for the security breach, that falls in the hands of one Ryan_HTP who bragged on Reddit how easily he was able to hack into HoN, acquire passwords, usernames, and e-mail addresses, and even sell it to other players, but claimed that her never kept the money he got from selling the HoN accounts.
The forum on Reddit had a lot of people calling him a noob when it came to hacking since SQL injections is the easiest form of hacking and stated that he just got lucky he stumbled upon the security vulnerabilities of S2.
Hacker Ryan isn’t fazed with all the people saying he lacked skills as he even stated that he could hack Valve, since it “run an old and vulnerable version of mailman” and compromising it wouldn’t be too hard, or Riot Games’ League of Legends because he found hacking HoN quite funny and he actually enjoyed that. He stated that he would release details of how he hacked HoN but he would only release that information if the vulnerabilities were already patched.
S2 stated in their latest update, that they’ve fixed the security flaw; but according to Ryan’s latest post, S2 did not patch the vulnerability.
Last year, Steam, the online gaming network ran by Valve, was hacked and warned users to keep a close watch of their credit card statements even though they stated that there was no evidence that encrypted credit card numbers or personally identifying information were taken by the hackers.
“Entertainment and where people play games is a place where people are extremely vulnerable,” says HackANGLE editor Kyt Dotson. “Many times, casual gamers who play these games have reused their passwords elsewhere–and while ordinarily these hacks don’t extend to financial details, this opens users up to having their credentials used by the hackers to attempt to get into other services. So, as always, the mantra of don’t use the same username/password combination between sites can be reiterated here. Although it’s more true that online games are a larger target because of the likelihood of actionable financial information connected to accounts, as always, also choose a strong password.”
If you’re not a gamer and wondering why people would be interested in hacking online games, then you’re probably not aware of how generous gamers could be. Some serious gamers spend thousands of dollars to buy special items, stronger weapons, tougher armors and some even trade rare items for cold, hard cash. Yes, online gaming is a gold mine, if you have a little brother, a boyfriend, male or female friends that are seriously into HoN, ask them how much they would pay for a rare skin, a bunch or runes, or what if it was possible to start every game with a Doom Bringer, how much would a gamer pay for that?