Gabe Newell I need the assistance of the community Update
Posted by: Newsfactory on: 10/04/2003 04:47 PM [ Print | 7 comment(s) ] · 2883 views
Shacknews have an update from Gabe Newell on the Half-Life 2 Source Leak situation!
1) We've taken our network connection down to pretty much a minimum. We're still finding machines internally that have been compromised.
2) The suite of tools that the attacker was using included the modified version of RemotelyAnywhere (basically a Remote Desktop-style remote admin tool), Haxker Defender (a process, registry key and file hiding tool), the key logger, and various networking utilities that allowed them to transfer files (compressors, NetCat, and FTP). We also are pretty sure they were sniffing our network to gather passwords and other information. Haxker Defender includes a file system driver that allows an attacker to have stuff on your machine that is invisible, unless you do something like mount the drive under another OS that has NTFS support.
We have determined one way of detecting some infected machines, which is using a connection viewer to detect connections to anomalous hosts external to our network.
We still don't know their entry method.
3) In general, the community has been remarkably swift at tracking down the sources of the leak. What would be most helpful now are IP addresses of the people who were responsible for the intrusion or for the denial of service attacks.
4) Also, please continue to send in URLs of websites hosting the source code. We've been contacting people and asking them to take it down.
5) There's anecdotal evidence that other game developers have been targeted by whoever attacked us. This hasn't been confirmed. We've been providing other game developers with more detailed information about the exploits and evidence of infiltration.
6) We're running a little bit blind with our network shut down, but it seems like some of the press has picked up the story. I've been fielding calls from the mainstream non-games, non-technical press.all day. Hopefully they will get to report shortly what a mistake it is to piss off a whole bunch of gamers and get them hunting you around the Internet.
For any information related to this, please send it to helpvalve@valvesoftware.com, or you can always send to gaben@valvesoftware.com as well.
For those of you that are interested in who done it ... Click Here
1) We've taken our network connection down to pretty much a minimum. We're still finding machines internally that have been compromised.
2) The suite of tools that the attacker was using included the modified version of RemotelyAnywhere (basically a Remote Desktop-style remote admin tool), Haxker Defender (a process, registry key and file hiding tool), the key logger, and various networking utilities that allowed them to transfer files (compressors, NetCat, and FTP). We also are pretty sure they were sniffing our network to gather passwords and other information. Haxker Defender includes a file system driver that allows an attacker to have stuff on your machine that is invisible, unless you do something like mount the drive under another OS that has NTFS support.
We have determined one way of detecting some infected machines, which is using a connection viewer to detect connections to anomalous hosts external to our network.
We still don't know their entry method.
3) In general, the community has been remarkably swift at tracking down the sources of the leak. What would be most helpful now are IP addresses of the people who were responsible for the intrusion or for the denial of service attacks.
4) Also, please continue to send in URLs of websites hosting the source code. We've been contacting people and asking them to take it down.
5) There's anecdotal evidence that other game developers have been targeted by whoever attacked us. This hasn't been confirmed. We've been providing other game developers with more detailed information about the exploits and evidence of infiltration.
6) We're running a little bit blind with our network shut down, but it seems like some of the press has picked up the story. I've been fielding calls from the mainstream non-games, non-technical press.all day. Hopefully they will get to report shortly what a mistake it is to piss off a whole bunch of gamers and get them hunting you around the Internet.
For any information related to this, please send it to helpvalve@valvesoftware.com, or you can always send to gaben@valvesoftware.com as well.
For those of you that are interested in who done it ... Click Here
« October 2003: Cumulative Patch for Internet Explorer (828750) · Gabe Newell I need the assistance of the community Update
· OpenGL Extension Viewer 2.05 »
Comment
|
Devourer Unregistered |
#47919 Posted on: 10/04/2003 05:25 PM
"Hopefully they will get to report shortly what a mistake it is to piss off a whole bunch of gamers and get them hunting you around the Internet." LOL!!! Wonder if any of this is due to HL2 & steam? |
Comment
|
digitalwonderer Unregistered |
#47920 Posted on: 10/04/2003 05:30 PM
No matter how upset people are about Steam or any HL2 news it is NO excuse for what happened. 
Valve did nothing to deserve this except to bust their nuts trying to make a great game, and it really sickens me to see this happen to a good company like that. Regardless of if they had proper security and all other kinds of finger-pointing aside, this flat-out sucks for Valve and the community as a whole...this kind of thing should just never happen! |
Comment
|
sandstorm Unregistered |
#47921 Posted on: 10/04/2003 06:32 PM
I'm just curious, have you guys ever thought of using proper grammar/spelling? You guys murder headlines sometimes and this is a great example "Gabe Newell I need the assistance of the community Update" What the hell is this supposed to mean? Perhaps a colon, a comma, or some quotes are in order. |
Comment
|
Stimpy Unregistered |
#47923 Posted on: 10/04/2003 07:26 PM
OK, I'm going to throw something wild in to the mix... This all happend because of a security problem with Microsoft Outlook. OK, why is it that some of the most intelligent, and tallented programmers work for these people right? Why don't they just write there own email application? It would take them about a month to do, so why not develop critical software themselfs? |
Comment
|
PhrostyMcByte Unregistered |
#47937 Posted on: 10/05/2003 02:12 AM
basic email software to read through POP3 and send through SMTP wouldn't take more than a day to make using Win32 C/C++. Using C# would more than halve the time. |
Comment
|
digitalwanderer Unregistered Posts: 3 Joined: 2004-02-22 |
#47941 Posted on: 10/05/2003 05:03 AM
I totally concur.  |
Comment
|
shaderboy Unregistered |
#47952 Posted on: 10/05/2003 10:55 AM
I do wonder about the morals of some people on here and at other sites (like nvnews and rage3d). There is no good reason to hack anyone. Its not 'deserved' just because the game was delayed. Remember, to you guys its just a game, you will play it a few times and forget it, to the valve guys its been 5 years of their lives. |
