It appears as though there was a substantial quantity of information stolen from Valve by infamous "hacker" MaddoxX, but nothing nearly as grand as originally believed. What was stated as being stolen were the means to create Valve Cyber Cafe certificates, the Cyber Cafe customer directory, customer's credit card information, the multi-core tech demo, financial information on Valve, and other such items.
The facts as they are right now: Valve was hacked, sort of. One of their servers that hosts the Cyber Cafe information was compromised. Technically, this should mean that only Cyber Cafe customers should be worried about this situation, though all details are still a little fuzzy at this time.
The gaming site, 1up.com, managed to shed a little light on the situation.
The facts as they are right now: Valve was hacked, sort of. One of their servers that hosts the Cyber Cafe information was compromised. Technically, this should mean that only Cyber Cafe customers should be worried about this situation, though all details are still a little fuzzy at this time.
The gaming site, 1up.com, managed to shed a little light on the situation.
How did he do it? And is this even for real? According to him, "it's not a hack on the Steam application itself; there are flaws/bugs on their servers." Thanks to these flaws, there are all sorts of exploits he claims to have pulled off: "People with a little bit experience can create their own 'fake' but working Café certificates."Further on down the page is the following:
We ran all of MaddoxX's proof by a software security expert who requested anonymity. "This looks real to me. He found a way into [Valve's] Cyber Café software," the security expert confirms, "but what I've seen — the files pulled down — don't indicate whether or not he breached Valve itself."
Doug Lombardi, director of marketing at Valve, says, "There has been no security breach of Steam." However, he does confirm our expert's findings by adding, "The alleged hacker gained access to a third-party site that Valve uses to manage the commercial partners in its Cyber Café program. This Cyber Café billing system is not connected to Steam. We are working with law enforcement agencies on this matter, and encourage anyone with more information to e-mail us at Catch_A_Thief@valvesoftware.com.
Isn't he concerned about jail time? Nope. "Nothing will happen. I work through remote PCs to do my job." However, they did ban some of his secure proxies — so clearly someone is paying attention to what is happening and, no doubt, a larger case is in the works against MaddoxX.Apparently he's had access to this sort of information, or at least the means to obtain this information, since January. He supposedly contacted numerous persons from Valve to plug up the security holes, but his mails have gone unanswered. Due to his being ignored, he took it upon himself to basically force Valve to stop ignoring him. As noted in the quoted section, if you have any information, feel free to email Valve at Catch_A_Thief@valvesoftware.com.
Comment