Battlefront site hacked

[Josh]

The site is down; here's what I got:

Battlefront.com
This site is down for maintenance.
We will be back momentarily.
Please check back again soon.


So that's the reason some of us got spam in their mailbox. Chilling.

[Prince of Eckmühl]

Wow, that kinda blows up my licenses for the games that require them to initialize. [:(]

[Titanwarrior89]

I was wondering what was going on.......[&:]

[gunny]

Odd too you get the option to log-in when that cryptic notice is displayed.

[NefariousKoel]

Someone hacked Battlefront a few days ago and got their email list.  And who knows what else.

I got an email out of the blue from "Battlefront", in obvious Chinese Engrish, with a link to their "new update every battlefront game program".  It stunk of virus so bad it was deleted immediately. 

Not long after, there was a warning thread on Wargamer about it:

http://www.wargamer.com/forums/tm.aspx?m=419501

[Princessjj1]

I don't give a flying !@#!@ about their security problems.  I don't believe they didn't have some kind of backup plan.

So paying customers get screwed until they manage to get their act back together?  Screw them.

[NefariousKoel]

ORIGINAL: Darkstar One

I don't give a flying !@#!@ about their security problems.  I don't believe they didn't have some kind of backup plan.

So paying customers get screwed until they manage to get their act back together?  Screw them.

Easy, Trigger. I haven't liked Battlefront's turn for the worse in the last couple years with their DRM, so I'm no fan. The forums there don't exactly have a good rep either.

[ilovestrategy]

I've never dealt with BattleFront. Are they the same as Steam?

[TheReal_Pak40]

ORIGINAL: Darkstar One

I don't give a flying !@#!@ about their security problems.  I don't believe they didn't have some kind of backup plan.

So paying customers get screwed until they manage to get their act back together?  Screw them.

real mature pal. You should give !@#$ about their security problems. Their site was hacked, apparently taken over, and their email list was taken and used to send out malicious programs. One guy over at wargamer actually got his whole computer wiped. There's talk that credit card numbers could be hacked also, hopefully not. So you should give a @#$@.

[Phatguy]

ORIGINAL: ilovestrategy

I've never dealt with BattleFront. Are they the same as Steam?

No, just more..."evil" in my opinion... They have some very restrictive DRM's on thier games.Plus they run thier forums like a gulag.At least that is my opinion......Steam is only a service......

[Phatguy]

ORIGINAL: TheReal_Pak40

ORIGINAL: Darkstar One

I don't give a flying !@#!@ about their security problems.  I don't believe they didn't have some kind of backup plan.

So paying customers get screwed until they manage to get their act back together?  Screw them.

real mature pal. You should give !@#$ about their security problems. Their site was hacked, apparently taken over, and their email list was taken and used to send out malicious programs. One guy over at wargamer actually got his whole computer wiped. There's talk that credit card numbers could be hacked also, hopefully not. So you should give a @#$@.

While I agree that Darkstar one is acting like a 3 year old whose candy got taken away he does have a point about a backup plan and customers getting screwed

[ilovestrategy]

ORIGINAL: apathetic lurker

ORIGINAL: ilovestrategy

I've never dealt with BattleFront. Are they the same as Steam?

No, just more..."evil" in my opinion... They have some very restrictive DRM's on thier games.Plus they run thier forums like a gulag.At least that is my opinion......Steam is only a service......

Oh, they are a company like Matrix?

[vonRocko]

ORIGINAL: ilovestrategy

They have some very restrictive DRM's on thier games.

Can you explain? The only drm I have from their games is a serial number,like Matrix?
This is the perfect arguement for physical game copies over downloads only. I always buy the disc.
Thanks
p.s. battlefronts email yesterday has a trojan in it.

[E]

If you love strategy, you might've heard of their games... Combat Mission: Beyond Overlord (CMBO), Combat Mission: Barbarossa to Berlin (CMBB), Combat Mission: Afrika Korps (CMAK),  Combat Mission: Shock Force (CMSF). (The latter game is when the deal-breaking DRM was put into effect). 

You might've known them in another lifetime as "Big Time Software," when they were published by Avalon Hill... Flight Commander II, Over The Reich, Achtung Spitfire.

FWIW, all of the above still reside on my HD. Except for Combat Mission Shock Force (didn't grab me, so I tried to preserve my DRM-limited installs for the future).

They also distribute other small company's games. But I've been wary of that since they got on the outs with one such company many years ago and basically disowned the game I bought from/via Battlefront (aka: BFC).

[E]

ORIGINAL: vonRocko

ORIGINAL: ilovestrategy

They have some very restrictive DRM's on thier games.

Can you explain? The only drm I have from their games is a serial number,like Matrix?
This is the perfect arguement for physical game copies over downloads only. I always buy the disc.
Thanks
p.s. battlefronts email yesterday has a trojan in it.

Since CMSF, their DRM is limited installs (as in TWO installs total) after online verification for each install. This applies to physical copies AND downloads.

Now this gets screwy... if you bought the game from a company other than Battlefront, you probably have the disk copy protection, which doesn't include the aforementioned DRM. But I believe the DRM gets installed in a later patch for those non-direct-from-Battlefront versions of the game. I could easily be wrong on the DRM, but you definitely need later patches to make CMSF playable.

[Phatguy]

ORIGINAL: ilovestrategy

ORIGINAL: apathetic lurker

ORIGINAL: ilovestrategy

I've never dealt with BattleFront. Are they the same as Steam?

No, just more..."evil" in my opinion... They have some very restrictive DRM's on thier games.Plus they run thier forums like a gulag.At least that is my opinion......Steam is only a service......

Oh, they are a company like Matrix?

hehehe..while battlefront is a company,there is no way I would ever equate Battlefront with Matrix...

[Peter Fisla]

ORIGINAL: Darkstar One

I don't give a flying !@#!@ about their security problems.  I don't believe they didn't have some kind of backup plan.

So paying customers get screwed until they manage to get their act back together?  Screw them.

So much for their eLicense DRM...I never was a fan of that crappy DRM. If the hackers hacked their eLicense database every customer is screwed (including me, as I bought long time ago the original TOW).

[ilovestrategy]

ORIGINAL: vonRocko

ORIGINAL: ilovestrategy

They have some very restrictive DRM's on thier games.

Can you explain? The only drm I have from their games is a serial number,like Matrix?
This is the perfect arguement for physical game copies over downloads only. I always buy the disc.
Thanks
p.s. battlefronts email yesterday has a trojan in it.

Uh dude. That's not my quote. I know nothing about Battlefront. [:-]

[Josh]

And... it's still down, serious stuff.

The forum is open again, and here's what I found:

"As many of you already know, our server got hacked. It's not the first time, unfortunately. However, this is the first time someone tried to blackmail us into paying them money to make them go away. Since blackmailers are by their very nature untrustworthy, the thought of paying these criminals never entered our minds.

Ironically we were already preparing to move to a new server when the first attack happened. The breach was isolated within an hour or so of happening, blocked, and additional steps taken to make sure a future hack couldn't spill out of the area he got into. For a while it appeared we were keeping him out (there were many subsequent attacks that were deflected) and it was buying us time to complete setting up our new server which was already partially complete prior to the first attack.

Yesterday (March 23, 2010) the lowlife hacker got in again to the same place he got into before. He attempted to send an email to all our customers using the "newsletter" feature of our storefront software. The email contained a link to a virus of some sort, which we removed from our server very quickly. A large percentage of the emails were still in the outgoing email queue and were deleted before they were sent.

At this point the server was shut down completely and we switched the DNS (Internet directory) over to our new server so we could start the transition. This had the negative side effect of preventing us from alerting you all about what was going on. Especially because the DNS change over took about twice as long as it should have due to a backlog of requests at our server host.

For the last two days we have been moving over hundreds of GB of data between the old server and the new, purging any suspicious files, and reconfiguring the website to function with MacOS Snow Leopard Server instead of the previous Windows Server. The superior stability and security of MacOS Server is one of the reasons we were making the change anyway.

The short of it is the hacker did not do much of any significance. At no time did the hacker have any access to sensitive customer data. More importantly the hacker could NEVER have gained access to customer credit card information because that information is only used virtually in the SSL (secured connection) when the order is placed. What that means is that it is NEVER saved to our server's disk. NEVER. Passwords and other critical account information are stored in encrypted files, so even that information was inaccessible to the hacker.

Our new server has many security features that will prevent the same kind of attacks we just experienced on our old server. While no security system is foolproof, we are confident that we are overall much better protected than we were before.

We are going to take most of the rest of Thursday (March 25, 2010) to double check the reconfiguration of the webpage services and storefront before opening it back up to the public. There may be small outages in the days to come for additional reconfigurations due to the necessity of rushing the migration process. Once this is done we can get back to work bringing great wargames to you instead of spending our time and energy dealing with a cyber terrorist.

We apologize for the inconvenience and thank you for your understanding."


Sooo, they got blackmailed!

(Hope Matrix is prepared.)

[VicKevlar]

Back in the day Matrix was threatened a few times with lawsuits and such. [8|]
 
Usually from users (some still around) on this forum claiming mistreatment in one form or another. [:D]