Metin2Us Został Złamany! Hakerzy Robią Co Chcą!

[Edek Skarpeta]

Oficjalny cytat z oficjalnego forum Metin2US, baza MySQL została złamana! Czy to koniec metina? Wypowiadajcie się!

Hacks have always existed for Metin2 in some degree or another, but these have almost always been client side hacks. They worked by altering the way the client behaved on the player's computer. However, we are receiving reports and confirmation from staff of various Metin2 servers that a whole new (and much more dangerous) exploit is now in use.

 

Such an exploit is this time server side. This means that the Metin2 server software itself has been compromised. In the screenshot above, hackers have been able to notify players with gold site spam.

 

Don't take this news lightly - with the server itself being compromised, this makes many things possible for hackers that should not be. Metin2 [GM]s have varying levels of power, and via this exploit, hackers can achieve the highest level of [GM] power. Some of the things that have already occurred on various servers:

 

* Character Creation - One server has reported new characters being created via unauthorized commands. They were within minutes level 80+.

* GM - As is visible above, actions that are normally locked down and only available to [GM]s can be exploited by spammers. This includes notices, and likely the summoning of monsters, teleportation and various server settings.

* Item Mall Vulnerabilities - This will quickly become a nightmare for server operators. The hackers can control all aspects of the item mall - giving themselves however much item mall points as they want, or directly depositing items.

* Skill, Item and Gold Modification - Servers that have had accounts created have also found them kitted out with billions in gold, and godly statted / leveled items.

 

 

At the moment, servers that have suffered confirmed attacks include Metin2 DEMetin2 DE, Metin2 ESMetin2 ES and Metin2 PLMetin2 PL. Servers that have not been confirmed exploited by their staff, but have likely also suffered from this security hole likely include pretty much every Gameforge server, Metin2 SGMetin2 SG, as well as G4BOX's Metin2 USMetin2 US.

 

This is a serious new threat for all official Metin2 servers. So far, many illegitimate characters have been created. Thousands of illegal items have been created, and a staggering amount of mall points (or mall points' worth of items) have been disseminated. Think hundreds of thousands, possibly going into the millions as this exploit remains unpatched.

 

Metin2 SGMetin2 SG's website is down for various planned upgrades of core systems, including security enhancement. Multiple non-critical Gameforge servers have also been shut down, though forums and so on should remain up. Registration has also been disabled for many servers.

 

YMIR, the creator and developer of Metin2, is already aware of the issue, and has acknowledged its existence. Worryingly, their English speaking contact revealed that currently YMIR's team is still not sure as to exactly how this is possible.

 

For now, the best thing for players to do is take screenshots of all of their precious items, and play carefully. As always, do not visit or attempt to use gold/yang or item/account selling services. This exploit can give attackers partial access to the server's database also, so we would recommend that players change their passwords to something unique (we aren't sure what encryption is used, if it is even the same for all servers), and currently do not make any new payments for mall points.

 

Hopefully, this vulnerability can be quickly discovered and patched before more damage is done. Staff of more popular servers will surely have a lot of cleanup to do.

 

Update 4:30 PM UTC: One particular popular server's staff have so far discovered over 25 million illegitimate mall points. The number is continuously increasing.

Update 5:00 PM UTC: Metin2 USMetin2 US staff have started tests and investigations to see if their server has been affected.

 

 

I took this news from a special metin site.

Further more i think all people need to read this Thread and watchout carefully.

Hope i could help u.

 

 

Informacja została zaczerpnięta z facemetin.pl

Czekam na wsze wypowiedzi. Według mnie szykuje się chuczny koniec Metin2 ; (

[Dementor67]

Przecież to jest od Z8GAMES to nie jest GAMERORGE i oni różnią się kompletnie zabezpieczeniami do tej gry... Napewno team GAMEFORGE by nie pozwolił na takie rzeczy które dzieją sie na US...

[Seba xdd ^^]

@UP

Z twej wypowiedzi mogę ztwierdzić, że uważasz, że admini w metin2us z8g nie starają się?

 

Mam nadzieję że tak nie twierdzisz.

[Edek Skarpeta]

Istnieją dowody na to że na Metin2PL się wkradli. Również w w.w tekscie pisze "Metin2PL", nie zastanawiało was dlaczego po miastach można znaleść marmur RED SMOKA?? ;D Albo niedawno zmieniono IP 3 (o ile się nie mylę) serwerów. To mówi samo za siebie

[maly10011]

Ten tekst co dałeś jest w sieci od dobrych 2 miesięcy i do tego nie jest napisany przez nikogo z administracji tylko przez normalnego gracza.

Przestanicie na siłę szukać sensacji , bo serwery postoją jeszcze pare lat jak napisał kolega wyżej. Jak coś powaznego będzie się działo to wyłączą serwery na kilka dni i naprawią problem. Ot co...

[MuttlyeTools]

Metin 0 - Hakerzy +100 HAKERZY WIN!!: )))

[Gaw3l]

Ta informacja jest stara jak świat, ponadto została ona zamieszczona przez zwykłego użytkownika - a nie przez obsługę Z8GAMES..

[Duchowy]

Po 1 silniki gameforge z8games ymir są niemal identyczne zabezpieczenia te same a ogólnie chyba us pochodzi bardziej za bezpiecznego serwa niż taki Pl ;/

[Brasai]

Ciekawy jestem jak możliwe jest takie włamanie.