Gamers Warned After Grand Theft Auto Forum is Hacked

Grand Theft Auto fans have become the latest to be targeted by hackers after the personal details of an estimated 200,000 gamers were discovered being traded online.

Fan site GTAGaming admitted in a post yesterday that its forum database had been compromised and email addresses, hashed passwords and “any other details you may have saved in your profile” could be in the hands of the hackers.

The site admin is now forcing a password reset and has urged all users to change their credentials on any other sites where they use the same password.

The site is just the latest compromise in recent weeks involving under-fire forum software vBulletin.

In July an SQL injection flaw led to a security breach on the Ubuntu Forums site. Then just weeks ago Disney was forced to notify users of its Playdom Forum that hackers had breached the site.

What's more, this week, Epic Games revealed sensitive information on over 800,000 user accounts had been stolen after a forum breach.

Have I Been Pwned site owner Troy Hunt claimed that administrators have been slow to patch vBulletin, leading to the problems.

“When GTAGaming was hacked, they were two major releases behind the current generation and four and a half years behind in their patches for the major version they were running. And this is the real story with vBulletin - installations going unloved,” he argued in a blog post.

“When you look at the history of vBulletin sites being hacked, it's rarely zero-day vulnerabilities so we're usually not looking at an attack and saying ‘Wow, we've never seen that before!’.”

GTAGaming has now closed the forums permanently and said it will delete from its database any accounts not updated within the next couple of weeks.

Deepak Patel, director of security strategy at Imperva, recommended firms install a web application firewall to filter out SQLi and other online threats.

“WAF typically relies on a large, and constantly updated, list of meticulously crafted signatures that allow it to surgically weed out malicious SQL queries,” he added.

“Usually, such a list holds signatures to address specific attack vectors, and is regularly patched to introduce blocking rules for newly discovered vulnerabilities.”
