Hacker exploited loophole to cart away inventories of over 500 Fallout 76 players
December 26, 2019
A hacker recently exploited a loophole in Bethesda Game Studios' Fallout 76 real-time action game to empty inventories, such as weapons and armour, owned by over five hundred players. Bethesda had to take the PC version of the game offline to fix the vulnerability.
On Tuesday, Forbes' senior contributor Paul Tassi reported how a hacker had exploited a loophole in Bethesda Game Studios' Fallout 76 to empty inventories owned by over five hundred players. The loophole existed in a feature that allowed players to swap weapons and armour with each other during live gameplay.
Here's what he wrote:
"This exploit allows players who use it to strip entire other players’ unwitting characters clean of all their gear and inventory in an instant. There’s a video making the rounds from a hacker who has reportedly stolen everything from 500+ players in the game. You can watch it and literally see him stripping players straight down to their underwear in seconds as he moves from player to player in the wasteland.
"Needless to say this has thrown the entire community into turmoil, as getting the best gear and loot is the entire purpose of the game, and now hundreds of the game’s most dedicated players have now lost all their gear, and if you log in on PC, the potential is there for you to lose all your stuff there too if one of these hackers descends upon you. As such, players are asking for the servers to flat-out be shut down, or for everyone to be given access to the “premium” private server feature as a temporary fix for this."
Here's a video of hackers exploiting the loophole and stealing every piece of weapon and armour owned by active players:
The news about a hacker maliciously exploiting the well-intentioned feature in Fallout 76 to empty players' inventories spread like wildfire on the players' forum on Reddit. A number of players feared that the fallout of the exploit could be much greater as Bethesda may have closed down for Christmas.
Bethesda took the PC version of Fallout 76 offline to fix the vulnerability
However, Bethesda issued an update on the security incident on Monday, stating that it was investigating the exploit and may have to take the PC version of Fallout 76 offline to address the issue.
"We are investigating reports of a PC-only exploit that could be abused by cheaters, which may have resulted in a few players losing items that their characters had equipped. We have been actively working toward a solution for this and have a fix that we are currently evaluating for release today.
"While we’ve determined that only a small number of characters have been negatively affected, we are taking this very seriously and resolving this is currently our top priority.
"We would like to apologize to those of you who were impacted by this exploit. We want to make this right, and we are currently looking into ways we may be able to compensate you. If you believe you have been affected, please let us know by submitting a ticket to our Customer Support team.
"As mentioned above, this issue only affects PC, and we are currently planning to bring the PC version of the game offline today to release a fix. We will let you know as soon as we are ready to begin maintenance," the company said.
The company issued another update later in the day, stating that it had completed PC maintenance to address the exploit even though investigation into the exploit was still underway.
"Thank you but I do think saying it's just a few is an understatement and this 'Hack' was warned about happening some days ago, 'we the players knew' it was possibly coming just from reading these forums and Reddit, why didn't Bethesda know about this???" a player asked on the company's online community forum.
"Speaking for myself as a player. I would view adequate compensation as a strict restoration of exact items lost. I can understand loss of play time, or ability to enjoy the 'holiday event'. I could easily have accepted the closure of the servers to prevent the issue. You could shut them down for a week and I wouldn't be asking for 'compensation' of lost time. But, the loss that occurred was the loss of unique, legendary, items. Those are replaceable by their exact restoration," said another.
Jay Jay is a freelance technology writer for teiss. He has previously written news articles, device reviews and features for Mobile Choice UK website and magazine, as well as writing extensively for SC Magazine UK, Tech Radar, Indian Express, and Android Headlines.
German blue-chip companies BASF, Siemens, Henkel <HNKG_p.DE> along with a host of others said on Wednesday they had been victims of cyber attacks, confirming a German media report which said the likely …