Videogames: December 2008 Archives

These are currently being sent to random people on the Microsoft XBox network:

Click to Enlarge

Click to Enlarge

"Hello we are a company called Microsoft Rewards. We have an overstock on Xbox Microsoft points. We are now giving them out but hurry because everyone on Xbox Live will be getting this message.

If you want points all you have to do is send us your username, email and password. After that we will log in and give you the points."

As you might have guessed, it's a scam...
As many of you probably know, I like my videogames. I also really like videogames where you get to shoot thousands of crazed zombies in the face, with a pump action shotgun. With that in mind, I was particularly interested in a collection of files that surfaced about a week or so ago, in relation to the popular videogame Left 4 Dead.

See, in theory it's supposed to be extremely difficult to mess around with XBox videogames. You might be able to exploit a few glitches here or there, but actually altering the game itself? Sorry, no can do.'s not quite that straightforward. Someone decided to hook their PC up to their XBox360, take files from the XBox Hard drive, patch them with custom-built software that looked like this:


......and then put the altered files back onto the XBox Hard Drive. Once this was done, the game was open to all sorts of abuse. You could make the characters giants, spawn thousands of guns, generate an endless amount of zombies, name it, it was probably do-able. The exploit was quickly fixed, and the files are now supposedly useless.


The bit that really interested me was that in many threads on unrelated forums, some people were claiming that using these programs on their PC had resulted in Steam accounts being stolen.

Despite testing these various programs for what seems like an age, I'm no closer to having my Steam account stolen than I was last week. It's possible that people are having their Steam account taken via an unrelated method, and in the rush to work out the cause this hack / mod is taking the fall. With that in mind, if anyone reading this tried the above hack (or knows someone that did) and you think your account details for Steam were taken as a result of using these files, please leave a comment and let us know exactly what happened.
If you like shooting zombies in the face - and who doesn't - then you may well have already purchased Left 4 Dead, a videogame pitting four survivors against a relentless zombie horde.

Well, it appears to be a popular target for scammers. An EMail popped up in my mailbox over the weekend, claiming I'd received a "guest pass" that would let me play the full game "for a limited time". Here's the mail in question:

Click to Enlarge

"The steam support has invited you to use a free guest pass for Left 4 Dead on Steam, the leading digital distribution platform for PC games.

Once you've installed Steam (or if you already have an account) click here to accept steam supports invitation to a full game of Left 4 Dead."

Of course, the link for the "guest pass" doesn't take you to an official site - it takes you to (note that's steampo v v ered, NOT steampowered)

At that point, if you enter your Steam password, you've potentially lost it for good. The site is currently offline, presumably because it's already been reported ("This domain is under examination at the moment, it will be finished within 24 hours"). However, there are probably more Phishing scams out there attempting to capitalise on the popularity of this particular game.

Now if you'll excuse me, I have to prepare for the coming Zombie Apocalypse...
This is a particular favourite of Phishers - a page claiming to give you free Microsoft Points for XBox Live, only to take your login and do what they want with it (which could range from using the credit card stored against your account to buy lots of games you don't actually want to just trashing your gamer profile).

With that in mind, then, here's the offering for today:

Click to Enlarge

The "3.1" in the bottom right hand corner is particularly humorous. Anyway, hit "Click here" and you're taken to a standard fake Live login page:

Click to Enlarge

If the unwary visitor should enter their details, some code in a .php file will stash the login for the Phisher to grab later while immediately redirecting you to the following (entirely fake) message on a blank page:

Click to Enlarge

If you get to the stage where you see this message, you should be thinking about logging in as quickly as you can and changing your password. Top tip for the day - any website that offers "Free Microsoft points" should be avoided like the plague. I've yet to see a genuine one, and I think I can safely say I'll be waiting for quite some time before I do...
I recently posted about this, regarding videogamers inexplicably spamming a moneymaking link to all their friends.

The same site is being posted to everything from Reddit to Digg, and assuming this isn't the grandest "hack every type of account known to Man and post autospam from it" scam I've ever seen (which is unlikely), we have to draw one conclusion - half the Internet has taken leave of their senses in the mad rush to see some incredibly tame pictures of a semi-naked woman.

It's a conclusion that has a fair amount of evidence lying around to back it up - here's an explanation from someone who posted it to a forum, only to have their original post edited by a Mod:

Click to Enlarge

"I'm just really shallow and want to see the rest".

...amazing that people are so eager to post this everywhere when if they really wanted to, they could see as much naked flesh as they want in about three seconds or less. Apparently it's easier to annoy your friends with spam and ruin your reputation on forums you've been on for a long time.

Whoever came up with this idea must have a swimming pool filled with money.
Someone, somewhere has decided to make a lot of money and apparently use gamers to achieve that goal. How are they doing this? Well, the last couple of days a certain weblink has been appearing on numerous gaming websites and forums.

Click to Enlarge

"Rumour has it "Sexy" Emilie is being cast as a fifth character replacing one who will die for new downloadable content already planned for 2009! Her site even has a story on it!"

There are two strange things about this spam. The first is that it's not the usual "Click here for pills" spambot speak - it's relevant to the forum it's been posted to, a real live person has sat down and typed it out. The second is that it isn't "one post and you're banned" spam accounts posting the link - in most cases, it's people who have been on their respective forums for some time (the person posting above is on the official XBox forums, and has a high gamerscore and reputation).

The accounts haven't been hacked - people are willingly posting this link up. Each time the link is posted, people are attaching an affiliate link which is even more suspicious. Visit the site, and we see some rather clever tactics being employed. At first, it looks like any other "Check out these pictures of my ex-girlfriend" porn website:

Click to Enlarge

However, scroll down and you see eight of these boxes:

Click to Enlarge

And this, which gives the game away:

Click to Enlarge

If you want to "see more", you have to send the link to as many people as possible. According to the text, more pictures will be unlocked as people click your link to reach the page - however, this is where it all starts to fall apart. It doesn't matter how many times you click the link from any of the sites it's been posted to - the counter that tells you "how many of your friends already clicked the link" always said zero for us when testing. Regardless of what the page says, you can hit F5 as many times as you like and it never goes up.

Despite this, there's a counter at the bottom of the page that says the number of people who've been there today is "204,781".


Over two hundred thousand people have been there, and not one person has arrived via these spammy affiliate links? Does that sound plausible?

Of course not. The gimmick is that the creator of the site is hoping people don't want to wait for pictures that will likely never actually reveal themselves (they certainly won't when the counter registering clicks doesn't seem to work), and phone up a $2.50 1-900 number to get a "special access pass".


Interestingly, when we visited the page via a proxy, we were randomly presented with a page displaying all ten images - presumably this is the page shown to the user if they're willing to phone and pay up.

Also of note is the following:

"Hot tip:  If you use ICQ, MSN, AIM, and other instant messengers to send your personal link to your friends, you will have the video in no time!"

If you see this site sent to you via a friend on Instant Messaging, don't worry - they haven't been hacked, they've just been convinced that sending this URL to all their friends is a good idea. The reality is that someone, somewhere decided to exploit gamers to go spread this link virally, and they're practically falling over themselves to promote it.


The site is now inevitably starting to move away from gaming sites and into other areas -
it's being posted to everything from Yahoo Answers ("Can you please tell me what is? my friend keeps telling me to go there but I don't what what it is, even though I have an idea") to Twitter (note the person who posted it there is a gamer too).

People will try to justify posting it:


...sadly, they're missing the point. People don't find the website "offensive" because they lack a sense of humour; they find it offensive because gamers are silly enough to keep posting it while making someone a lot of money at the same time. At this point, we're not sure how they convinced a whole bunch of gamers to start posting this link everywhere - but it definitely seems like a tactic that's paying off...

About this Archive

This page is a archive of entries in the Videogames category from December 2008.

Videogames: November 2008 is the previous archive.

Videogames: January 2009 is the next archive.

Find recent content on the main index or look in the archives to find all content.