Marcos Nieto(Independent researcher)

Virtual Cash, Show Me The Money: Debugging Facebook Flash Games and Getting Some Real Bucks

Nowadays, social networks get their peak visitors into a somewhat complex gaming hierarchy, where they get involved in playing with or against their friends, but in these games there\'s always a constant: to succeed faster, to better improve the gaming experience, to acquire the latest items, whether outrun, out-stand, outwit other players, and get a high position in the coop, many on-line gaming companies have created virtual cash to purchase premium items and services otherwise unachievable. This simple procedure not only covers how to get our hands on that precious virtual cash without directly spending any real cash, but also how to stock it and even act as unofficial resellers, should it become a prosperous dark venture. The approach of my presentation aims towards demonstrating with very simple steps and tools how to trick an on-line game server to deliver some cash, masked under achievements during game-play, which everyone would fairly get; this particular scenario cuts that time window, boosts it by storming a set of genuinely recorded session back to the server in large number of iterations for each created phantom account. For each clone that has been tested with this procedure, the amount of generated virtual cash could be worth 50 US Dollars, once drained from there to a central account. On a daily basis, two clones can be set-up and drained from a fairly low-profile connection, since this can be performed from a 32KBps upload link with no problems, without triggering any alarm either. So, there are these power boosts that can be acquired with money via pay-pal, etc. That cyber cash acquisition is also achieved by genuine hard work, which in this case, supervised drones storm the servers mocking real players to get the virtual game money, transferred and redeemed, no different from a normal product sold by the company that creates it, since what is resold, for a lower price is, actually a product acquired legitimately from them.

Sobre Marcos Nieto

Keijo is an independent computer consultant, ranging from hardware cleanup to firewall racking and programming; an all-round, around, sound and surround computer geek. Formerly hired InfoSec support engineer, he left the corporate environment and the big city of Buenos Aires, segmented his time online among several activities, including InfoSec research and improving remediation procedures. His offline time is devoted to cars and girls, currently helping in a pimp-my-car type garage from a small town close to Córdoba, ran by his brother.

« volver a Speakers