Page 1 of 5

Data Breach Update

PostPosted: Wed Jan 02, 2019 6:01 pm
by Achilles
We have found and removed 3 different php files from our webserver that allowed the hacker to have a backdoor into the server. Rackspace is also running a malware check on all of our servers. We believe we have stopped their ability to continue gathering data but we are in the process of contacting security auditing firms and potentially discussing reinstalling all of our servers from scratch just to be 100% sure.

We are in the process of starting to email users but as you can imagine it takes some time to process and send out 8 million emails.

The community and mods have been helping us look into websites that have the data to see what is being done with it. Passwords were stored as a salted MD5 hash and not plaintext, but it appears that these hashes can still be brute forced to get the plain text password if it wasn't a very secure password. We have seen passwords as long as 10 characters being cracked.

If your Town of Salem password was the same on any other site you should change your passwords immediately to be safe.

No credit card/payment info or personal identifying information outside of your email/IP was stored.

As long as users who had a shared password update it on other sites they should be safe. Emails are starting to go out soon so that everyone will know about this.

We are making plans to replace phpBB with a more secure forum such as Vanilla and moving to a more secure hashing algorithm. Since we didn't store plaintext passwords we can't easily update everyone's hashes to a new algorithm, but we are investigating our options.

Re: Data Breach Update

PostPosted: Wed Jan 02, 2019 6:06 pm
by Villagerlover
Thank y'all so much for taking action when you did.

Re: Data Breach Update

PostPosted: Wed Jan 02, 2019 7:49 pm
by ChocoMousse
Hi, I just want to update you regarding the payment information statement.

From some of my sources, it appears that the payment information leaked includes:

Email, Full Names, Billing & Shipping addresses, IP Information, payment amount, and other details. No Credit Card numbers.

Re: Data Breach Update

PostPosted: Wed Jan 02, 2019 8:11 pm
by ObiWanCumnobi
ChocoMousse wrote:Hi, I just want to update you regarding the payment information statement.

From some of my sources, it appears that the payment information leaked includes:

Email, Full Names, Billing & Shipping addresses, IP Information, payment amount, and other details. No Credit Card numbers.


Phew, at least my ssn and dna sequence are safe, for now.

Re: Data Breach Update

PostPosted: Wed Jan 02, 2019 8:37 pm
by ChocoMousse
ObiWanCumnobi wrote:
Phew, at least my ssn and dna sequence are safe, for now.

Equifax July 2017. Cough cough.

Re: Data Breach Update

PostPosted: Wed Jan 02, 2019 9:01 pm
by NateNate60
I don't think it takes very long to send out 8 million emails, especially if they all essentially say the same thing.

10 KB message multiplied by eight million is 80 GB. At 100 megabytes (800 megabits per second) per second, it'll take 800 seconds to send 80 GB, in theory. If we assume they're sending at 20% the maximum capacity because of slow-running code or something, then it'll still take only about one hour.

Also, 10 KB is a pretty large email, especially considering the usual payload of the forum emails they send.

Re: Data Breach Update

PostPosted: Wed Jan 02, 2019 10:27 pm
by panapparos
I bought the game on Steam but I haven't made any in-game purchases (Town Points, skins etc).

Is my information (Email, Full Names, Billing & Shipping addresses, IP Information, payment amount etc.) included in the hacked data?

Re: Data Breach Update

PostPosted: Wed Jan 02, 2019 11:05 pm
by MysticMismagius
NateNate60 wrote:I don't think it takes very long to send out 8 million emails, especially if they all essentially say the same thing.

10 KB message multiplied by eight million is 80 GB. At 100 megabytes (800 megabits per second) per second, it'll take 800 seconds to send 80 GB, in theory. If we assume they're sending at 20% the maximum capacity because of slow-running code or something, then it'll still take only about one hour.

Also, 10 KB is a pretty large email, especially considering the usual payload of the forum emails they send.

This doesn't account for the time it will take to write the email (deciding what to say and how to say it, especially since this message is kinda critical), which may add hours or more to the ETA.

Re: Data Breach Update

PostPosted: Wed Jan 02, 2019 11:10 pm
by James2
Dehashed stated that some of the passwords were in phpass and others in MD5. Is this correct or were they all in MD5?

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 12:17 am
by James2
Also, it's clear from reading the other thread that a lot of people don't know what they're talking about.

While it is true that the idiots running this country have, for some unfathomable reason, given a bunch of foreign countries the power to regulate US businesses, the GDPR only applies to businesses that target EU markets. Unless Turkey joins the EU (which is unlikely for a number of reasons at this point), BMG doesn't have to worry about it.

Of course BMG still needs to promptly notify everyone, but since few (if any) US states consider passwords and email addresses to be protected data, it's unlikely that BMG could face legal ramifications.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 3:45 am
by ylyxa
we can't easily update everyones hashes to a new algorithm

What about changing the algorithm and then forcing a password reset on every single user? Two birds with one stone right there: you'd move to a more secure algorithm and users would change their passwords, which they should after a security breach.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 4:36 am
by sportakus1
>We have seen passwords as long as 10 characters being cracked.

Holy smuck. That is some hard cracking they got in their minds to even get that.

Too bad mine is very long.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 7:21 am
by Villagerlover
4DEATH wrote:
Achilles wrote:Passwords were stored as a salted MD5 hash and not plaintext, but it appears that these hashes can still be brute forced to get the plain text password if it wasn't a very secure password.

Just in two clicks I have found some info about MD5.

Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities.

MD5 and SHA-1 are emphatically poor choices for storing passwords.

But you guys used "SALTED MD5" so I spent another click. You know, the internet is full of how MD5 can be brute forced and such. BUT YOU GUYS USED SALTED MD5 HASH! That must be more secure than MD5, right, you guys wouldn't just plainly use insecure cryptography.

There is, in fact, no such thing as "salted MD5" or "salted SHA-1". MD5 and SHA-1 are well-defined hash functions, which take as input a sequence of bits of (almost) arbitrary length, and output a sequence of bits of fixed length (128 and 160 bits, respectively). There is no salt anywhere in the definitions of MD5 and SHA-1; no password either, for that matter.

I know nothing about coding, hacking or all of that stuff... but the fact that 4DEATH is starting to use memes against Achilles's statements is now starting to worry me. ;u;

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 8:09 am
by YFYDB
4Death, memes make no sense. For me the Pikachu's face is shocked, so when you use that meme I think you're shocked, but I don't think it's actually what you mean.

Dudes, do I have to change my password again?

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 8:19 am
by VoidRuler
I have no idea why MD5 was used, as has been pointed out by many other users. It was already known to be a bad way of storing passwords by the time the game came out. It sucks that there's been so much hurled at the game recently, first the botting thing, then this, and I saw on the other thread about this someone said there might be DDoSing too? But I don't know if there really is DDoSing or if that was just an assumption.

Also, I don't mean to victim blame since it really isn't any of the users' faults, but it's common knowledge by now that people shouldn't be using the same password on multiple accounts (and if it's hard to remember all the different ones, write them down). I recommend everyone use 2-step authentication on their email. As long as you don't have the same password on anything else and your email has 2-step authentication, you should be fine. I mean, even without the 2-step authentication, your email should be fine, but it's just another precaution you can take. Another tip I have for other users is to stay updated on this, or at least start getting in the habit of changing your password for Town of Salem frequently - in case the breachers leak data again.

I'm pretty sure someone's already said this on the last thread about this but there really should be a large warning at the top of the login screen for the game itself, if there isn't one already, for the people who don't check their email a lot.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 9:09 am
by Michael007800
VoidRuler wrote:I'm pretty sure someone's already said this on the last thread about this but there really should be a large warning at the top of the login screen for the game itself, if there isn't one already, for the people who don't check their email a lot.

Or never check their spam folder, like some people. ;)

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 9:34 am
by James2
bkyblyat wrote:James that is completely false, GDPR applies to any business that stores EU citizen data, no matter where the business is residing.


According to Forbes, there needs to be some sort of attempt to target an EU market for a non-EU company (with no physical presence) to be subject to the law.

https://www.forbes.com/sites/forbestech ... 567c726ff2

In any case, BMG is already non-compliant with GDPR on a number of fronts. Hopefully, if it ever came to it, a US court would reject the theory that simply having a web presence makes one a subject of the EU.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 9:39 am
by MysticMismagius
For those asking why, the simplest explanation I can think of for why BMG continued to use the MD5 hashing is because that’s probably the hashing system that was already in place when they made/last updated the forum, and they just never changed it for some reason. Maybe they thought “we have better shit to do” and so changing the hashing wasn’t a priority to them, maybe they were hoping there wouldn’t be a problem like this, maybe they thought MD5 was good enough, whatever. That kind of thing happens all the time.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 10:45 am
by Flavorable
TheRetroPionner wrote:Is anybody else having problems? My forum password changed, but my in-game password is the same


Are you using the same username on the forums as you are in-game?

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 11:17 am
by Jerme
TheRetroPionner wrote:Is anybody else having problems? My forum password changed, but my in-game password is the same

This is because you aren't using your in-game account to log in to the forums. You haven't played a single match with your current account.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 12:07 pm
by hope64
4DEATH wrote:But you guys used "SALTED MD5" so I spent another click. You know, the internet is full of how MD5 can be brute forced and such. BUT YOU GUYS USED SALTED MD5 HASH! That must be more secure than MD5, right, you guys wouldn't just plainly use insecure cryptography.

There is, in fact, no such thing as "salted MD5" or "salted SHA-1". MD5 and SHA-1 are well-defined hash functions, which take as input a sequence of bits of (almost) arbitrary length, and output a sequence of bits of fixed length (128 and 160 bits, respectively). There is no salt anywhere in the definitions of MD5 and SHA-1; no password either, for that matter.

This might be the stupidest thing I’ve ever read, and the fact that you coincidentally cut off the rest of what your source said leads me to believe you said it out of malice rather than ignorance.

For anyone genuinely concerned, what I’m sure the devs mean when they said they salted your passwords is that they add a random string of characters somewhere in your password every time it’s entered and then hash that modified version.

For example, password might turn into pass7$&@-word and then be hashed. You can find MD5’s algorithm online and enter that into it to see what it turns into from there.

But this won’t save you if you have a weak password because it’s always in the same spot for everyone and it’s always the same random characters. So if whoever breached the data knows the token, your password will be cracked in the same amount of time as it would be if there was no salt.

And this doesn’t excuse using such a mediocre hashing algorithm and failing to secure the data in the first place.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 2:06 pm
by HellnoRO
You still haven't addressed the hashing issue.
I assume you're gonna immediately switch to a different algorithm, like bcrypt and not use the old and insecure md5, right?

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 2:08 pm
by HellnoRO
hope64 wrote:
4DEATH wrote:But you guys used "SALTED MD5" so I spent another click. You know, the internet is full of how MD5 can be brute forced and such. BUT YOU GUYS USED SALTED MD5 HASH! That must be more secure than MD5, right, you guys wouldn't just plainly use insecure cryptography.

There is, in fact, no such thing as "salted MD5" or "salted SHA-1". MD5 and SHA-1 are well-defined hash functions, which take as input a sequence of bits of (almost) arbitrary length, and output a sequence of bits of fixed length (128 and 160 bits, respectively). There is no salt anywhere in the definitions of MD5 and SHA-1; no password either, for that matter.

This might be the stupidest thing I’ve ever read, and the fact that you coincidentally cut off the rest of what your source said leads me to believe you said it out of malice rather than ignorance.

For anyone genuinely concerned, what I’m sure the devs mean when they said they salted your passwords is that they add a random string of characters somewhere in your password every time it’s entered and then hash that modified version.

For example, password might turn into pass7$&@-word and then be hashed. You can find MD5’s algorithm online and enter that into it to see what it turns into from there.

But this won’t save you if you have a weak password because it’s always in the same spot for everyone and it’s always the same random characters. So if whoever breached the data knows the token, your password will be cracked in the same amount of time as it would be if there was no salt.

And this doesn’t excuse using such a mediocre hashing algorithm and failing to secure the data in the first place.

Salting isn't bad, it is very useful in fact. It provides immunity towards rainbow tables and it is especially useful for secure algorithms. However, it is pretty pointless in this case since they're using a very insecure algorithm.

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 2:08 pm
by Technetium
HellnoRO wrote:You still haven't addressed the hashing issue.
I assume you're gonna immediately switch to a different algorithm, like bcrypt and not use the old and insecure md5, right?

That, I think, is one of the things they're trying to figure out how to do, since they don't have the plaintext passwords available to convert.
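One way to handle the migration that the original post, ylyxa and Technetium discuss, as an added example that is not code from this thread or from BMG: wrap each stored salted-MD5 digest in a slow KDF offline (no plaintext needed), then replace it with a native hash the next time the user logs in successfully, so a forced reset is not the only option. The legacy record layout (per-user salt, hex MD5 of salt + password) and the use of PBKDF2-HMAC-SHA256 from Python's standard library in place of the bcrypt mentioned in the thread are assumptions made for this example.

```python
import hashlib
import hmac
import os
from typing import Dict, Tuple

# Assumed legacy layout (constructed for this example): per-user salt and
# hex(md5(salt + password)). PBKDF2-HMAC-SHA256 stands in for bcrypt/argon2
# so the example runs with the standard library alone.
PBKDF2_ROUNDS = 200_000


def legacy_md5(salt: bytes, password: str) -> str:
    """Recreate the legacy salted-MD5 digest (needed only during migration)."""
    return hashlib.md5(salt + password.encode()).hexdigest()


def kdf(secret: bytes, salt: bytes) -> bytes:
    """Slow, salted KDF used for the new password store."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, PBKDF2_ROUNDS)


def wrap_legacy(record: Dict) -> Dict:
    """Offline, plaintext-free upgrade: the MD5 digest becomes the secret fed
    to the slow KDF. The old salt is kept so the digest can be recomputed at
    the user's next login. A leaked wrapped record no longer exposes raw MD5."""
    new_salt = os.urandom(16)
    return {"scheme": "pbkdf2-wrapped-md5", "old_salt": record["salt"],
            "salt": new_salt, "hash": kdf(record["hash"].encode(), new_salt)}


def native_record(password: str) -> Dict:
    """Fresh record for a password we hold in plaintext (login or reset)."""
    salt = os.urandom(16)
    return {"scheme": "pbkdf2", "salt": salt, "hash": kdf(password.encode(), salt)}


def verify_and_upgrade(password: str, record: Dict) -> Tuple[bool, Dict]:
    """Check a login against either layout. On success against a wrapped
    record, return a fresh native record so the MD5 layer disappears over
    time; the caller persists whatever record comes back."""
    if record["scheme"] == "pbkdf2-wrapped-md5":
        inner = legacy_md5(record["old_salt"], password).encode()
        ok = hmac.compare_digest(kdf(inner, record["salt"]), record["hash"])
        return ok, (native_record(password) if ok else record)
    if record["scheme"] == "pbkdf2":
        ok = hmac.compare_digest(kdf(password.encode(), record["salt"]), record["hash"])
        return ok, record
    raise ValueError("unknown password scheme: %r" % record["scheme"])
```

Records still in the wrapped scheme after a grace period belong to users who never logged in; those are the ones a forced reset would then cover.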

Re: Data Breach Update

PostPosted: Thu Jan 03, 2019 2:19 pm
by Tanafras
Kudos to you for emailing the user base immediately and ethically reporting the attack!
It would be a good idea to include a password change function in the front end gaming client.