[ISN] Hacking of Web game EverQuest linked to local teen

From: InfoSec News (isnat_private)
Date: Fri Sep 07 2001 - 00:01:32 PDT

  • Next message: InfoSec News: "[ISN] FBI under fire for Code Red response"

    By Mike Carter
    Seattle Times staff reporter
    August 31, 2001 
    Federal agents have seized 10 computers and other computer gear from
    the home of a Snoqualmie teen suspected of hacking into Sony's
    extremely popular online game "EverQuest."
    The hacking would have given him access to personal information on
    hundreds of thousands of players and Sony employees.
    Agents also say the hacker, who was 17 at the time, was able to access
    the home computer of the company's vice president of product
    development, Brad McQuaid, and downloaded documents for an
    as-yet-unreleased version of the popular role-playing fantasy game.
    Sony, which declined comment on the investigation, says the game is
    played by as many as 400,000 people worldwide and reaps more than $50
    million a year in revenue.
    No arrests have been made, and no charges have been filed, said
    Deborah Hartman, a spokeswoman for the U.S. Attorney's Office in San
    Diego, where Sony Online is based.
    A search warrant filed recently in U.S. District Court in Seattle
    shows that FBI computer-crime agents seized 10 computers and dozens of
    computer drives and disks from the home two weeks ago. Agents are also
    investigating a Mobile, Ala., man over the intrusions.
    The warrant says the U.S. Attorney's Office suspects the men of crimes
    that could put them in federal prison for up to five years.
    Last October, authorities say, the men broke into one of the 40
    servers Sony Online uses to operate the game and gained access to a
    powerful "superuser" account.
    Through that account, they gained access to the private accounts of
    Sony employees, a password-protected messaging board and "all other
    customer accounts."
    "Access to these accounts gives the superuser an individual's name,
    date of birth, work and home telephone numbers, Internet protocol
    address and other information," including home addresses, according to
    an affidavit filed with the warrant.
    Moreover, superuser status also "enables the user to have complete
    administrative controls over the game, including the suspension,
    banning and unbanning of accounts."
    Sony Online officials told agents several accounts were tampered with
    during this time period, including one belonging to the Alabama
    The hacking provided the intruder with information that allowed him to
    surreptitiously access the home computers of McQuaid an icon among
    Internet gaming enthusiasts and the producer of "EverQuest,"
    considered the most popular online role-playing game ever and two Sony
    "game masters," responsible for the operation of "EverQuest," the
    affidavit says.
    In McQuaid's computer, the hacker copied a voluminous file containing
    the blueprint for the release of the game's next version,
    "EverQuest2," scheduled for release next year. Other personal and
    proprietary information was also accessed.
    For reasons unexplained, the hacker sent all of the proprietary files
    that were hacked to a Sony executive, "making it evident that (he) had
    illegally obtained the files." Until then, Sony Online Entertainment
    was unaware of the extent of the intrusion.
    Sony Online had experienced a series of security problems they now
    attribute to the two suspects.
    A private, password-protected "guide board," used by "EverQuest"
    operators to communicate with one another, was posted on HackerQuest,
    an Internet bulletin board frequented by game players.
    Later, a Sony game master, Alan Crosby, was contacted anonymously
    through a private e-mail system by one of the hackers.
    Sony Online officials were able to trace the contact to the teenager
    in Snoqualmie.
    Mike Carter can be reached at 206-464-3706 or
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Fri Sep 07 2001 - 02:22:56 PDT