Hacked by a player with no ID

[AndrewsRG 22]

nothing unexpected

the BIS_fnc_MP https://community.bistudio.com/wiki/BIS_fnc_MP

is evolution of TOH's replacement https://community.bistudio.com/wiki/BIS_fnc_MP_(Take_On_Helicopters)

of A2/OA old MPF (multiplayer framework) https://community.bistudio.com/wiki/Multiplayer_framework

as Alpha has no security yet, cheating or exploiting ingame scripting and functions is bound to happen

The game is bought and paid for, many of us have been supporting bohemia for several years. Get your best men on the job it and get it sorted, do you want to kill off your entire ARMA 3 following before the game is even fully released? Exploits that allow hacks once discovered should be priority and dealt with asap!

Edited April 24, 2013 by Andrews

[dave_beastttt 135]

We (MGT) run a high ranked heavily populated Arma 3 Wasteland server and have been hit by this script, we've passworded our server now and given instructions for players to restart Arma 3 before joining and it seems to be working.

Edited April 24, 2013 by dave_beastttt

[Richie 330]

Made worse by the fact this was forseen :(

It's all mentioned here > http://forums.bistudio.com/showthread.php?153168-How-to-disable-the-BIS-scripting-library

The devs could of been working on this 8 days ago before it got so out of hand.

[dave_beastttt 135]

We (MGT) run a high ranked heavily populated Arma 3 Wasteland server and have been hit by this script, we've passworded our server now and given instructions for players to restart Arma 3 before joining and it seems to be working, all be it with on.

How to join our server and play and not spread the vulnerability http://mgt.enjin.com/home/m/12045570/article/1439072

[h20pt 10]

The game is bought and paid for, many of us have been supporting bohemia for several years. Get your best men on the job it and get it sorted, do you want to kill off your entire ARMA 3 following before the game is even fully released? Exploits that allow hacks once discovered should be priority and dealt with asap!

I'm pretty sure they're trying to fix it as soon as possible.. Until then, just chill ;)

[zimms 22]

Pls everybody stop posting screenshots of "new messages" from the hacker. There's no new information in it and basically this thread has run its course. We got an official statement from BIS, is will be worked on, that's all for now. We can't do anything and BIS will do their part when it's done.

Don't do those script kiddies the favor and give them your attention.

Edited April 24, 2013 by zimms

[Predator.v2 10]

I hope, it is not "illegitimate" to post this, but this line will "hide" your server from the game browser and let's you solely connect via IP. Tested with several clan mates.

//reportingIP = "arma3pc.master.gamespy.com";

reportingIP = "www.google.de";

[dave_beastttt 135]

I hope, it is not "illegitimate" to post this, but this line will "hide" your server from the game browser and let's you solely connect via IP. Tested with several clan mates.

Isn't it more important to make sure clients restart Arma 3 before joining though?

[Alo Keen 7]

Correct, but this will prevent random players from joining, thus enabling the host to control who joins, to a certain extent.

[Arucardo 10]

If you can be absolutely certain about who's doing it there's definitely one thing you can do, get in touch with Steam Support.

For example the guy mentioned in the first post of this thread wasn't exactly hard to track down (steam account and all) BUT I have to stress this, don't start reporting anything just yet because he could've been spreading it unknowingly after getting infected on a previous server. If multiple server admins start seeing this guy appearing and the server getting hacked shortly after then it might be worth looking in to. I highly doubt Valve is just going to turn a blind eye to a steamworks supported game getting griefed/hacked in such a way. If nothing else the person responsible has a good chance of losing his entire Steam account.

Again, please don't start a witch hunt if you're not absolutely certain about the person responsible.

[dave_beastttt 135]

We have 7 players now and restart client and password seems to be working.

Filter MGT in the mp browser for ours

[Mattar_Tharkari 10]

Is the script on a delay? I locked myself in the server alone, didn't restart client, everything was fine until T~20mins and my 3rd/4th respawn. Hack started immediately upon that respawn. So don't think it's the guy that just joined.

[izen 10]

Alright guys, let's think about this. Trying to fix the symptoms isn't possible.

-It is NOT possible to reach every last player and tell him to restart after he's received the "virus".

Even then, it would be utterly annoying to restart the game ever so often.

-It is not really that important to find out "who that player is and ban/sue/whatever him". He can, after all, still get a new game at a discount and furthermore, he is not the only hacker in the world. Finding the guy won't help anybody.

The only solution to this is to stuff the hole the dev's created.

Right now, I am very annoyed. As always because of hackers, but OVER BIS. They know hacking is a major problem since ArmA caught attention by a wide audience. I hosted a DayZ server and quite a large Community back a few months until the game got completely wrecked by hackers. It now is an absolute No-Go to be having such security holes.

Yes, it is an Alpha, but remember you had people pay for it, and right now one half-decent hacker has ruined your entire multiplayer landscape. This is really bad PR for your game. I play with passion since OFP 1.0 but right now it's freaking me out this is even happening. Nobody can play your game right now, and be it Alpha or not, I'm somewhat in a mood to ask my money back, just because its impossible this is happening and we are still customers.

Telling us to "simply ignore" the hacker is also not very helpful. How am I supposed to "ignore" being unable to play/flying in the air all the time?

You should have learned more from the past experiences.

I know this text is admitting defeat to the hacker and I'm doing just what he wants, but seriously? Hacks were annoying in the alpha already ever so often. I haven't been able to play a decent ArmA2 or 3 round in the last year due to hackers.

Every hour you let guys like that idiot lock 90% of the players out of the game, you lose long-term players. I have no problem in not playing ArmA3 right now, but I will eventually come back at some point...other people who are less appreciative of this game might not.

You are effectively losing money and I cant understand what gain you could probably have by it.

Sincerely,

iZen

[Messiah 2]

You paid for the final game and in return got access to the Alpha and Beta. Whilst it doesn't make the situation less irritable or degrading, you need to be aware of what you purchased and what you signed up for.

[wok 1]

I though alpha was made so we could report bugs and send feedback, well it looks like most people can't even play so they wont be reporting anything. I hope this gets fixed or at least temporarily patched asap.

[bob_gneu 10]

It is a little disconcerting to see so many people acting like this is the end of their lives. This is an alpha build of a game that is updated on a pretty regular basis, as such taking a week and learning the editor, having to restart your game and or locking down a server and blocking public joins is not nearly as annoying as not having the game at all. By no means does this mean that there is any excuse for allowing code to be recompiled, sent to and executed on client machines (or servers for that matter), but a few frustrating hiccups along the way should not make you want to jump ship or rant about how horrible BI is for not fixing a 0 day exploit on day -1.

Of equal merit is the ridiculous nature of categorizing this hacker as a "script kiddie," raging on motives or anything else. All that is actually known is that the hacker is smart enough to have uncovered a pretty significant security hole in the game, and that he has taken to making us fly in game with text based messages to show off his protest. Considering the nature of the hacking in ARMA 3 Alpha, primarily in the form of either blowing everything up in the map or teleporting everyone to a single location and detonating an explosive of some sort, this is benign. It is irritating, sure! But it is far from the worst thing that has been enacted on any of us without our consent. The most you can say about this is that it is an irritation and should be addressed, but this hacker is by no means an idiot, he has a clearly stated goal of improving the security of our game, which in turn improves the game for us all. Threatening to go after the hacker is not useful. Let's keep pushing BI to step in with an appropriate fix

You are all free to go off the handle in any situation you choose, I just ask that you don't assume you understand anything beyond the details that are available to us all.

Oh wait, sorry... this is the internet. Let's threaten not to play the game ever again and demand a refund on the forums and complain a lot!

[addicted 1]

@iZen

No offence, but almost all you have written have no sense. It’s an alpha - means Arma3 doesn't exists. Alpha it's a privilege to help create that game how we want and it’s an occasion to buy that game chipper. Let BIS do their job how they want and how they can. Don't exaggerate the problem and don’t' push. It's not good for community. Just chill out please.

[bob_gneu 10]

I though alpha was made so we could report bugs and send feedback, well it looks like most people can't even play so they wont be reporting anything. I hope this gets fixed or at least temporarily patched asap.

This is incorrect.

You can still play. If your server was hacked you need to restart it and demand that your clients do the same. Do not allow anyone on who has not restarted their client. Last night my task force played for hours by just passwording the server and requiring a restart of all clients before connecting.

---------- Post added at 15:05 ---------- Previous post was at 15:03 ----------

@addIcted

If I could have approved your post i would have.

Thank you for being a voice of reason in this sea of bullshit and rage-quitting. =)

[axclaw 1]

i uninstalled my shit after that every server i joined i was always flying and hearing explosions

heck i even tried hosting my own server and it had me flying again

i was like wtf man really really

[zzecool 10]

BIS knew about it and didnt respond ...... http://forums.bistudio.com/showthread.php?153168-How-to-disable-the-BIS-scripting-library&p=2380882#post2380882

This is the aftermath of this behaviour and a great lesson for BIS..

We ,the players are just victims that payed a game to help its development . This must be fixed ASAP .-

[ak1287 1]

This is incorrect.

You can still play. If your server was hacked you need to restart it and demand that your clients do the same. Do not allow anyone on who has not restarted their client. Last night my task force played for hours by just passwording the server and requiring a restart of all clients before connecting.

---------- Post added at 15:05 ---------- Previous post was at 15:03 ----------

@addIcted

If I could have approved your post i would have.

Thank you for being a voice of reason in this sea of bullshit and rage-quitting. =)

This.

I'm not going to lie, I almost completely forgot about adversarial multiplayer in the Arma 3 Alpha.

[massasster 1]

I can wait till we start up the half-assed anti-cheat program battleeye. That pile of shyt has banned many legit players and told them basically to "eff off, it's your fault" - then with no apology what so ever, un-banned their account a month or so later.

[wok 1]

This is incorrect.

You can still play. If your server was hacked you need to restart it and demand that your clients do the same. Do not allow anyone on who has not restarted their client. Last night my task force played for hours by just passwording the server and requiring a restart of all clients before connecting.

No, you are incorrect, i said most people, not everyone. Do you think every arma player read the forums?

[b00tsy 28]

There is something named 'single player' mode, it magically solves all hacking issues, go try it out. I don't get people that only think 'multi player' exists and is the whole game they bought. I remember a time where there was not even such a thing called 'multi player' in games. guess I am getting old.

[Alo Keen 7]

Do you think every arma player read the forums?

Well, it's obviously their loss if they don't. Being able to read up on what's new and what's going on... why would one want to pass up on such an opportunity?

You might argue that some people are not interested in the "backstage" chatter and just want to play - for those I'd advise waiting for the full release.