True old news, video was made in december 2007 when there was a hacker on tibet that found an exploit and started to hack all the high level account on tibet.
Then about a week after that rev6 released public the '
MASSIVE security flaw in JM's new website' exploit.
To hack an account the only information you need was the account name. With someone else account name, you where able to change he's password and then login to the account. You could also change he's e-mail and secured email address using the new joymax e-mail security preventing people from changing there password with the secret answer.
There a silkroadforums post about it in the news section:
viewtopic.php?f=1&t=69081The part in the video where you see a website and the accountname = huh hoo
That was the basic principle of the exploit.
Pointless to ask, this exploit doesn't work anymore and Joymax hasn't done any rollback for people to get there account back.
Joymax claimed: You have been hacked, it was your fault. Our TOS stipulate that we do not help people get there account back if they are being hacked.
Kind of funny since the source of the hack was caused by bad security on Joymax part...
Oh wait I screwed up, 24-48 hours after the exploit was made public, Joymax fixed part of the exploit, new method came out, 12-24 hours after 2nd exploit was fixed but no news on Silkroadonline.net, 24 hours later silkroadonline.net added a news claiming:
Recently, user have been contacting us about an exploit on our website. Please note that such an exploit doesn't exist.
It was funny how they never mentioned that there was an exploit, they only said that right now there is no exploit and misleading people by not even claiming that they fixed it.
As soon as this news came out, Joymax + some unrelated company affiliated with Joymax got e-mail spammed + phone spammed by wow, many people. I remember looking and the forum and people where leaking information about joymax phone number and affiliated company to Joymax. This actually made Joymax shake, I think it the first time I saw Joymax shaking like that. They removed the news and added a new news claiming that they released a method for people to get there account back which at 95% of the account wasn't working and the spam started to go down and a few weeks later everything was forgotten.
But in the end, every single forum knew about the exploit and confirmed that the exploit was working.
I wonder what would of happen if rev6 haven't of put it front page...
Many people lost there account when rev6 put it front news, some people where able to get there account back using the exploit.
Anyway with Joymax showing a 0% customer service, I can't blame rev6. Yet no roll back after the exploit...
So the video you are looking at, reflect most of everything said in my post.
Not like you care, but it a let not forget what happen during December 2007.
but still funny
