It seems that the source code behind Bohemia Interactive’s DayZ is now in the hands of hackers.
It seems Bohemia didn’t pay attention to the possibility of DayZ support server being at risk, which has led to a hacker by the title of DrWhat and his friend the1domo getting their hands on the program database file.
The PDB is basically a binary file which contains debugging information gathered while compiling a program.
The PDB file also maps the statements in the source code to the execution instructions in the executable as well as containing the location of the original source file and the location of a source server from which the file can be retrieved.
A hacker named Surivaton had previously pointed out a flaw in the WHMCS software which is utilized by the DayZ support site. There seems to be a hole in the system which allows for SQL injections (similar to the recent Hearbleed one) which dumps the contents of a database to the attacker.
Seems like this is exactly what DrWhat and his friend did, exploiting a weakness in the system (which was supposedly patched last year) to get their hands on the 0.28 version of the executable file. While the PDB file is of an old executable (the game is currently on 0.45 as of 7th May) the file is also accompanied with the old executable to support it.
Even if the executable and its PDB file is old, it’s no challenge for hackers to adjust the offsets to mirror the current version.
According to Australia-based Asymmetric Security founder, Kayne Naughton “when source code or PDB is stolen, the cat is out of the bag and no matter what you do you can’t take that knowledge from your adversaries unless you rewrite from scratch.”
He said the alleged breach showed companies must react quickly to vulnerabilities in software developed by third parties. Bohemia might even have to rewrite the whole code since this leak could result in a massive amount of hackers in the game as well as piracy issues.
When we contacted Bohemia about the issue, they acknowledged the attack:
We have recently detected an attack on some of our servers, the precise nature and scope of this attack is currently being extensively investigated. There were no user data on any of the servers.
Current development goals and schedules for our games will not be affected by this attack. More information will follow as our investigation continues.
I hope for the sake of community, it isn’t as bad as it looks. What’s your take though? How will it affect DayZ if its source code finds its way to the Internet?