I just read absolutely fabulous story on how the new Twitter game SpyMaster was hacked. I discovered this by googling ‘spymaster greasemonkey script’. Then, as my newly installed script started automatically doing tasks to earn my persona money, I started browsing for new approaches. I did not expect to find such riches.
The essence of the story is that our hero did not actually attack SpyMaster servers and take out their security. Instead, he built a few scripts and found out about a couple of bugs in the system. The key bug, which SpyMaster cleverly renamed an ‘exploit’, was that you could send money to different bank accounts including your own, and they money would never leave your account, but simply accumulate. Automating this with a script proved to be the key to great wealth in a few short hours: nothing short of inventing a bank note printing press.
“I earned 73.59 Trillion British Pounds in under 15 minutes. I bought every single safe-house and 100,000 of everything in the black market.”
Our hero, not satisfied with a personal fortune, then went one crucial step further and spread the wealth to thousands of others. In doing so, he covered his tracks.
SpyMaster was not happy to discover that some people had suddenly got not just hundreds or thousands or millions .. or billions .. or trillions in a few weeks of play. In a somewhat draconian move, they arbitrarily and without any warning shut down their accounts, renaming the bug an ‘exploit’. Unfortunately, they shut down thousands of accounts from people who were merely the beneficiaries of the new banking scheme.
Check out a YouTube video on how the bank account bug worked.