This is the ultimate power move. The third Cartel probably stockpiled a ton of gold through this method while d.a. Cartel 1 and 2 sold their stock. When the price went back up they had a massive value increase simply by snitching.
I used to work at one Amazon warehouse and met some girl I knew from school. We talked a bit during our trip home and she told me that she just got some bonuses for telling on guy that she saw stealing. Then 30s later she went "yea and then I got myself this" and pulled out some cheap jewelry she stole... Sometimes I'm surprised by what people do...
@@jordan9604 Sorry you decided to white knight the guy but I only ask because I have dyslexia and it was confusing to me so... If you ain't got nice things to say shut your fuckin mouth kid.
beyond real, I've had so many jira tickets where the response was the most inane general bullshit that I may as well not have bothered making the ticket at all
I mean if legit cartel members are making money off of selling OSRS gold I’m sure they’re in all games that this can be done to I think El Salvador or some central/south American country’s entire economy was ran off of osrs no shit it’s crazy
He talked about it more on stream and basically it's organised crime that comes out of China because China has no laws to protect digital stuff outside of China or something like that. Basically they go to poor people and pay them like 20% more then any person in their village is making. Just to run some programs on a computer. Whichis a deal any sane person would take.
I remember back in WoTLK i became friendly with a gold seller. She told me that all the farmers and hackers were mainly men while the sellers/people who reached out to talk were females. They had a warehouse with bunks for them to sleep in but it was pretty much a dedicated work house. I never had money to buy but she was happy i was kind to her so we chatted on an im, i think it was aol? I remember a few years had passed when i heard from her again, she had left the job and gotten married and shared some wedding photos. I was so happy to hear that of her. I lost contact years ago but i still think of her every so often. I hope they're doing well now
Women as the front facing customer service role has always been the most effective way of selling products to men without them asking too many questions.
I met a guy from china through boosting and through google translate we got speaking about the gold market. They now have entire "mafias" basically gold selling corps, within discord etc. The way it works is you funnel all the gold you earn to middle men which are connected to the "cartels, mafia's w.e". The cartel consists of logistics for holding and delivering gold but you also have marketing, customer service etc and even CEO/boss types that bring it all together. It also allowed sharing off systems so if a gold seller lost his level 60 mage but has shown he can grind gold 12 hours a day every day doing mara boosts. They would "lend" him a level 60 mage.
He calls them gold cartel or whatever. Truth is it's probably people in poor countries. Where they can make more selling gold than they could work an actual job.
@@nathaniels9141 no probably, its for sure. Gold has a vaule, compare it to the value of the currency and you can see where its profitable to farm gold and sell it for money.
Nah what exactly happened, is that a bunch of troglodytes occupied real hackers, and when they shot gold, they went crazy with it. So bro that had normal people on his side, swiped them out of the game. If they were smart, they could sell the same ammount of gold over time. So they basically could not do almost anything for years of income.
I was one of those that had 2FA for WoW and still got hacked. Took like an hour to verify it was me and get back in. Haven't been hacked since. Thanks for doing whatever you guys did to fix that.
@@kaystephan2610 There's a number of ways it COULD happen, but all of them are very unlikely. 2FA is very difficult to breach. No one knows specifically what happened here because 2FA vulnerabilities are extremely severe security flaws and aren't the type of thing that you'd want to speak on publicly even after you've fixed it, for fear that vulnerability could pop up in another place for someone else. Just pass the info along privately to relevant companies and move on quietly.
@@kaystephan2610from all the info we hot here it sounds quite a lot like it was this way: They introduced 2FA, but you had to puck a new pw for that. The old one was kept in place to bypass 2FA and thus whoever just took the old pw was effectively on regular pw authentication without realizing. Once the seemingly "not so important" pw got leaked you could just use that to bypass 2FA. The old layer 8 problem in the end.
tolkien was right in all planes of speech in this quote, hot damn may it be on my personal life, on exemples like this or on governmental scale he's a 100% right
In Lord of the Rings, Gold - as in *the element of gold itself* is mildly evil because Melkor (basically Satan) corrupted all of it centuries ago. This in turn corrupted both men and dwarves with a lust for gold and a willingness to commit atrocities for it. TL;DR getting off the gold standard delayed the return of the dark one and 'Tulkamania' a few thousand years thank you economists
@@MaxIronsThird You mean.... people who probably gonna quit doing "cartel gold selling" and just make quick cash out not caring about 3rd chinese botfarm. Stupid people would be the ones getting hacked for reusing the same passwords etc. Here they're evil = trying to steal and profit from it, 3rd cartel is the same, just because they sold the other two, doesn't mean they didn't go back and steal shit and RMT the game by ruining the economy. AKA evil undoing itself.
It's the same kinda thing in any illicit trade. If someone starts doing some dumb shortsighted shit then it usually doesn't end well for them. I used to know this one kid from my area who started growing and selling weed and his own rx pills for waay cheaper than literally everyone else to make all the prices go down to a more reasonable level. Dude ended up first getting robbed and "visited" by a "legitimate business association of gentlemen with leather vests" and then snitched on by street level dealers who wanted the prices to stay high. That's why they call them cartels I guess.
Fun fact: Capt Steven K Bannon ran Chinese Gold farms via his private equity fund back in the original WOW days. Goldman Sacks provided 60 million of funding for the venture.
I had to look this up. This is crazy. Apparently the source is a book written by a Bloomberg Businessweek reporter, Joshua Green, called Devils Bargain. Supposedly Goldman Sachs didn't supply all of the 60 million from what I'm reading about the book though.
I shook his hand. He was only with PlayerAuctions for a limited time. He clearly had no idea what he was doing. He also never owned a gold farm. Also, the investment by GoldMan Sachs performed VERY poorly. We were all pretty happy to see him go because he was going to run the company further into the ground.
Goldman Sachs will give 60 million to a fucking Chinese WoW gold farmer and then turn around and say I can't afford a $1000 mortgage when I already pay $1500 in rent.
The sad thing is that after watching this, I realize I was one of those people. I messaged blizzard about it because my pass was changed etc etc. they rectified the issue then banned me for 9 months for account sharing. This now makes complete sense. That was the final nail in the coffin for me to touch blizzard shit ever again.
Thor: Don't put the same password back in! Companies: Let's force password updates on our users every 6 months, and never let them reuse an old password!
The frustrating thing, for me, is that we have KNOWN better ways to handle password generation for more than a decade, but companies are still enforcing the worse, less secure, rotating password options that actually CAUSE so many of these leaks!
@@bug5654 He's right, I don't know the exact numbers but a large part of people getting scammed is because of social engineered emails/texts/letters that tell you, you need to change your password whilst not realizing you're being scammed. And the problem is that it's incredibly common (about 6 months) that companies ask you to change it.
@@dense_and_dull good. Use a password generator / manager and use it to generate codes. Realistically, you can't really trust any application you don't host yourself, that's the reality. Just pick the best one. They often list how they keep your passwords free (last pass before it shit the bet, did some cryptography wizardry for example)
@@dense_and_dull You could just go for the old-fashioned way my Dad used to use: Keep a password locked Excel file (or something similar) with all your login credentials in it. Then just copy/paste your password as needed. Just make sure whatever password you use for the file is something that 1) You can easily remember, 2) Is sufficiently complicated, and 3) You don't use ANYWHERE else.
@whymustyouignorereality lol, keep them logged somewhere, on a device? Fam, I write my shit down in a book. I dont even mind having to change them cause rhe book is next to my desk with logged chapters for specific places lol. I don't even say them outloud cause Google always listening.
Seems pretty neutral evil to me. Gold sellers are basically scalpers, right? Businessmen making money in a scummy way, but it's not necessarily criminal or lawful. Besides, it's a luxury, not a need. Scalping medicine or food is definitely evil, but currency in a video game is hardly necessary for safety or life
Gold farmers are the definition of neutral evil. Totally within the law, breaking a ToS, but also ruining the spirit of games. He was only acting in his best interests by reporting the exploit.
@@FireSikuthat is EXACTLY the play I was thinking. See the market crashing, buy gold at low price (assuming it is re-sellable), rat out the method to re-stabilise the market, sell gold at normal price. This only works if you have enough liquidity to survive investing in the dip though. Actually, the best play is to hack the accounts that bought cheap gold. No investment, large benefit. Scummy behaviour though!
For anyone wondering what likely happened was an MFA Fatigue Attack. Basically the attackers find a username/password combo that works due to re-used, recycled etc. They then input that into the system. It PINGS the MFA authenticator to do a push authorization. If you do this enough your victim will just click "ok" just to shut up the authenticator, once that's done, the attacker is in. Its why many systems now have users input a 2 or 3 digit code when the push comes.
Who sets up two factor and then when it pings when they are not trying to log in just accepts it?? Gotta be the same people stupidly posting their credit cards online.
Witch is just shows this was a dumb progression for 2FA. Good old TOTP with 6 numbers is still the best. You are not tied to your mobile device and there is no networking involved. Next best thing is WebauthN with physical hardware device. Smartphone based auth (SMS, NFC, push 2Fa) are incredibly susceptible to man in the middle given how easy it is to clone your phone.
I'm not a WOW player but I love hearing about stories from it. I wish I could like the gameplay because so much about the drama and the "lore" of the players and the game's history, like this incident, is so fascinating to me.
When you realise an ingame economy entirely destroyed by bots, gold sellers, ingame prices and services entirely based on inflated gold prices makes the game unplayable normally.
Doctors do this with their salary. The American medical association lobbies congress to restrict residency slots. American physicians can not work until completion of a residency program. This has caused medical schools not to expand because they know residency slots will not exist for additional matriculates. There is no shortage of qualified people who want to be doctors. Numerous are turned away yearly after applying. This allows doctors to say ‘don’t want to pay my rate? Find someone else cheaper or die’ while knowing they restricted supply 😂
Thanks for explaining this in an easily repeatable way. Dr. Ron Paul also talks about how the government subsidizes hospitals on a whim or according to size; essentially giving away tax payer dollars to those who need it the least. And this causes the smaller healthcare providers to go under because they can't charge enough to stay in business. Goes to show even a government measure to lower patient costs is still fraught with corruption. And that's before I even bring up the insurance industry and how the government lets providers charge ransom prices just *because* someone has insurance.
Dude who gave the method up is a real businessman. He knew what he needed to do to fix his market. It's smart lol but crazy how even they understand that there's a balance to it all. This behavior is a perfect example of why the government steps in to manage companies who monopolize- the truth is that these types of imbalances hurt everyone. Most of us don't have that lesson yet
Essentially, this is the private sector making a plea deal with the public sector, to utilize a legal monopoly which will then shut down competition, where the complaint is that the compeition was saturating the market by doing the same underhanded tactics as they were.
I honestly wouldnt be shocked if they were one in the same. Money is money and they want more of it. IF its anything like phone scammers they probably have a bunch of poor people they have hold and controller over doing that stuff for them. Diversifying your means of income is always a good idea when the main one is as volatile as something what they normally do.
Damn it took me a solid minute to remember what channel I'm watching, legitimately I was thinking for a bit "hell I feel like if one security breach was so big to crash the gold price I feel I'd have heard of that".
The real genius play by the third cartel would be to buy up all the worthless gold, turn in the competition, and then turn around and sell the gold after prices go back up.
great video! i appreciate the breath of fresh air your videos bring, and the analysis and commentary on the topic you are discussing. great work, just subbed.
One of the most interesting things I've read coming out of the video game market is developers hiring economists. Iirc there was an article about Valve hiring one for TF2 items and/or Steam gems meta during big sales
I did something similar with starcraft brood war. Some dude was issuing the burrow command to larva, which would make them hatch into mutalisks. You could get 3 mutalisks right off the bat and fly at your opponents. Blizzard said it was a modified replay, so I gave them both compiled and source code for triggering the burrow command on a larva, and a logger to see it working in the replay, and I pointed to the exact line of code needed to be fixed, and explained how/why their code was buggy and suggested a fix. Several pages of the main post complaining about this disappeared off the blizzard forums within an hour. When I asked if Blizzard was hiring, as I know Drakken was hired, I was told to go to college. I found/fixed your(Blizzard's) code as a hobby when you didn't even acknowledge it existed, and *I* need to go to college? I don't remember if I even reported the "telling a hatchery to burrow, then cancel gives you 100min/gas and can be repeated for infinite resources" after their response.. Here's to being Thor's co-worker in a different life. :p
Wait? You can put the same password when they ask you to change? Well... Good thing my computer illiteracy (or just the fact I'm a good law abiding citizen) made me more safe here I guess.
Depends on the policies set up within the system. It can be set up so that the new password isn’t the last 5 passwords used, for example. If they were smart with the 2FA, they would’ve done this.
You can bypass a lot of it simply with the password reset function. Many platforms allow users to access an account after obtaining a password reset token without additional verification.
My best guess is that because the passwords were prompted to be changed, there was some weakness/leak of old passwords, and by having old passwords they got around 2FA by using an older system. I have no idea if this is correct it is just my best guess.
The amount of parallels with other real world markets is insane. Crazy how short-sighted some people are and kill the business they are running, at least in games it gets fixed quickly whereas real-world can take decades and/or cause irreversible damage
The way this story was told in a previous short made it sound like one cartel cheated, one snitched, and one did nothing. This explanation makes WAY more sense.
You know something terrible has happened when your Security Specialist goes 'Oh no' and starts to panic
rule 3 : An ordnance technician at a dead run outranks everybody.
Yeah and unfortunately, this happen almost weekly. People make really dumb mistakes and are almost always the weak point in security
@@awolr But they weren't in this case... Except for the ones who didn't change their passwords when prompted.
@@atroxiv So your point was "no, but actually yes"?
@@awolr😂😂😂 True.
Honorable old "smuggling" cartel vs Greedy new "drug dealer" cartel. Tale as old as time 😂😂
Yusyud!!! Sotrue..
Yakuza vs new gang type of shit.
Medellin?
The difference between a rogue and a thief.
Ah yes, the "we don't harm civvies so please leave us alone" versus "yeah we kill people for fun" type of shit
This is the ultimate power move. The third Cartel probably stockpiled a ton of gold through this method while d.a. Cartel 1 and 2 sold their stock. When the price went back up they had a massive value increase simply by snitching.
I used to work at one Amazon warehouse and met some girl I knew from school. We talked a bit during our trip home and she told me that she just got some bonuses for telling on guy that she saw stealing. Then 30s later she went "yea and then I got myself this" and pulled out some cheap jewelry she stole... Sometimes I'm surprised by what people do...
@@OndraUrbandyring? Do u mean during?
@@EriSenshurIt is pretty damn obvious. Although, I thank you for pointing it out in case someone is trying to learn English from UA-cam comments.
@@jordan9604 Sorry you decided to white knight the guy but I only ask because I have dyslexia and it was confusing to me so... If you ain't got nice things to say shut your fuckin mouth kid.
@@jordan9604grow up and relax dude, you made a mistake. Own up to it.
this is the classic "you don't punish the guy who knows your weaknesses, you hire him"
The worst part is when CS is showing the issues to other departments, and they're like "yeah yeah, you can handle it"
Which is most of the time until someone important gets impacted.
"bug was reported, no resolution timeframe given, enjoy the shitty calls for weeks/months you shithead low tier goons"
And in the post-mayday analysis they don't want to put 'listen to CS' in the early detection plan...
Bruh i have this experience but opposite
beyond real, I've had so many jira tickets where the response was the most inane general bullshit that I may as well not have bothered making the ticket at all
I love how the devs referred to them as cartels
I mean they fit the definition
RWT is a lot more organized than you think.
I mean if legit cartel members are making money off of selling OSRS gold I’m sure they’re in all games that this can be done to
I think El Salvador or some central/south American country’s entire economy was ran off of osrs no shit it’s crazy
He talked about it more on stream and basically it's organised crime that comes out of China because China has no laws to protect digital stuff outside of China or something like that.
Basically they go to poor people and pay them like 20% more then any person in their village is making. Just to run some programs on a computer. Whichis a deal any sane person would take.
It's typically Venezuela. Source: I play the game @@Raumes513
You know shit's serious when the cartel snitches without bribing
I remember back in WoTLK i became friendly with a gold seller. She told me that all the farmers and hackers were mainly men while the sellers/people who reached out to talk were females. They had a warehouse with bunks for them to sleep in but it was pretty much a dedicated work house. I never had money to buy but she was happy i was kind to her so we chatted on an im, i think it was aol?
I remember a few years had passed when i heard from her again, she had left the job and gotten married and shared some wedding photos. I was so happy to hear that of her. I lost contact years ago but i still think of her every so often. I hope they're doing well now
Wholesome
Women as the front facing customer service role has always been the most effective way of selling products to men without them asking too many questions.
are you telling me they got together irl and lived together to make money off of hacking a game?
@misterbleedinggums, it's never too late to reach out to them again. It sounds like she was a good friend.
@@cattysplat It's Marketting tales as old as time, from business, governments, and cults.
This putting off “I’m a businessman” vibes
I met a guy from china through boosting and through google translate we got speaking about the gold market. They now have entire "mafias" basically gold selling corps, within discord etc. The way it works is you funnel all the gold you earn to middle men which are connected to the "cartels, mafia's w.e". The cartel consists of logistics for holding and delivering gold but you also have marketing, customer service etc and even CEO/boss types that bring it all together. It also allowed sharing off systems so if a gold seller lost his level 60 mage but has shown he can grind gold 12 hours a day every day doing mara boosts. They would "lend" him a level 60 mage.
He calls them gold cartel or whatever.
Truth is it's probably people in poor countries. Where they can make more selling gold than they could work an actual job.
he's a businessman doing business
Stringer Bell from The Wire. When crooks pay attention in economics class.
@@nathaniels9141 no probably, its for sure. Gold has a vaule, compare it to the value of the currency and you can see where its profitable to farm gold and sell it for money.
“I was a businessman, doing business”
But my business, was crime
@@logdog6762business is business lol
Crime pretty much is a business, governed by the same rules, risk/reward supply/demand
Valefisk reference? 👀
@@youknowwho3097 Bobby Cummins
Professionals have STANDARDS
No. Just basic economy.
Literally the only time that a free market has encouraged an entrepreneur to behave more ethically than a regulated market
bro doesn't know about real-life communism
@@azazelleblack "it will work this time i promise!"
Every failed communist country wanting to try again
@@azazelleblack bro doesn't know that communism isn't a regulated market
Nah what exactly happened, is that a bunch of troglodytes occupied real hackers, and when they shot gold, they went crazy with it.
So bro that had normal people on his side, swiped them out of the game. If they were smart, they could sell the same ammount of gold over time. So they basically could not do almost anything for years of income.
I was one of those that had 2FA for WoW and still got hacked. Took like an hour to verify it was me and get back in. Haven't been hacked since. Thanks for doing whatever you guys did to fix that.
How does that happen tho?
@@kaystephan2610 There's a number of ways it COULD happen, but all of them are very unlikely. 2FA is very difficult to breach. No one knows specifically what happened here because 2FA vulnerabilities are extremely severe security flaws and aren't the type of thing that you'd want to speak on publicly even after you've fixed it, for fear that vulnerability could pop up in another place for someone else. Just pass the info along privately to relevant companies and move on quietly.
@@kaystephan2610 Doubt they will say how.
@@kaystephan2610I think it would be a form of session hijacking
@@kaystephan2610from all the info we hot here it sounds quite a lot like it was this way:
They introduced 2FA, but you had to puck a new pw for that. The old one was kept in place to bypass 2FA and thus whoever just took the old pw was effectively on regular pw authentication without realizing. Once the seemingly "not so important" pw got leaked you could just use that to bypass 2FA.
The old layer 8 problem in the end.
This is what Tolkien meant by evil always being the source of its own undoing.
tolkien was right in all planes of speech in this quote, hot damn may it be on my personal life, on exemples like this or on governmental scale he's a 100% right
In Lord of the Rings, Gold - as in *the element of gold itself* is mildly evil because Melkor (basically Satan) corrupted all of it centuries ago. This in turn corrupted both men and dwarves with a lust for gold and a willingness to commit atrocities for it.
TL;DR getting off the gold standard delayed the return of the dark one and 'Tulkamania' a few thousand years thank you economists
nah, this is more like people are just stupid
@@MaxIronsThird You mean.... people who probably gonna quit doing "cartel gold selling" and just make quick cash out not caring about 3rd chinese botfarm. Stupid people would be the ones getting hacked for reusing the same passwords etc. Here they're evil = trying to steal and profit from it, 3rd cartel is the same, just because they sold the other two, doesn't mean they didn't go back and steal shit and RMT the game by ruining the economy. AKA evil undoing itself.
@@MaxIronsThirdNot all that different really, there are various reasons this qoute is right.
Bro really hit them with the “ain’t no room for gunslingers, we’re civilized now…”
It's the same kinda thing in any illicit trade. If someone starts doing some dumb shortsighted shit then it usually doesn't end well for them.
I used to know this one kid from my area who started growing and selling weed and his own rx pills for waay cheaper than literally everyone else to make all the prices go down to a more reasonable level. Dude ended up first getting robbed and "visited" by a "legitimate business association of gentlemen with leather vests" and then snitched on by street level dealers who wanted the prices to stay high.
That's why they call them cartels I guess.
Fun fact: Capt Steven K Bannon ran Chinese Gold farms via his private equity fund back in the original WOW days. Goldman Sacks provided 60 million of funding for the venture.
I had to look this up. This is crazy. Apparently the source is a book written by a Bloomberg Businessweek reporter, Joshua Green, called Devils Bargain. Supposedly Goldman Sachs didn't supply all of the 60 million from what I'm reading about the book though.
And apparently this is how he started gathering his white supremacist fanbase, all through wow at first, then through Breitbart
Lmao this is pretty funny
I shook his hand. He was only with PlayerAuctions for a limited time. He clearly had no idea what he was doing. He also never owned a gold farm. Also, the investment by GoldMan Sachs performed VERY poorly.
We were all pretty happy to see him go because he was going to run the company further into the ground.
Goldman Sachs will give 60 million to a fucking Chinese WoW gold farmer and then turn around and say I can't afford a $1000 mortgage when I already pay $1500 in rent.
Sometimes enemies become allies.
Well, you know the saying. The enemy of my enemy is my friend
In business, there is no permanent enemies.
@@ZoraPMCare
It was just an old-fashioned, illegitimate businessman wanting to go back to business as usual.
not really
The sad thing is that after watching this, I realize I was one of those people. I messaged blizzard about it because my pass was changed etc etc. they rectified the issue then banned me for 9 months for account sharing. This now makes complete sense. That was the final nail in the coffin for me to touch blizzard shit ever again.
Thor: Don't put the same password back in!
Companies: Let's force password updates on our users every 6 months, and never let them reuse an old password!
The frustrating thing, for me, is that we have KNOWN better ways to handle password generation for more than a decade, but companies are still enforcing the worse, less secure, rotating password options that actually CAUSE so many of these leaks!
@@ClokworkGremlin What in the correct horse battery staple are you talkin' bout, Willis?
@@bug5654 He's right, I don't know the exact numbers but a large part of people getting scammed is because of social engineered emails/texts/letters that tell you, you need to change your password whilst not realizing you're being scammed. And the problem is that it's incredibly common (about 6 months) that companies ask you to change it.
@@bug5654 Nvm my comment just noticed you said 'Correct horse' So I assume you agree
"oh you can re-use passwords, after 32th time that is."
Don't worry bro. All the password requirements are so convoluted I basically have to make a new password each time
LOL tell me about it. I started using password generators and keeping them logged on a separate device. I don't trust those password saving programs.
@@dense_and_dull good. Use a password generator / manager and use it to generate codes. Realistically, you can't really trust any application you don't host yourself, that's the reality. Just pick the best one. They often list how they keep your passwords free (last pass before it shit the bet, did some cryptography wizardry for example)
@@dense_and_dull You could just go for the old-fashioned way my Dad used to use: Keep a password locked Excel file (or something similar) with all your login credentials in it. Then just copy/paste your password as needed. Just make sure whatever password you use for the file is something that 1) You can easily remember, 2) Is sufficiently complicated, and 3) You don't use ANYWHERE else.
@whymustyouignorereality lol, keep them logged somewhere, on a device? Fam, I write my shit down in a book. I dont even mind having to change them cause rhe book is next to my desk with logged chapters for specific places lol. I don't even say them outloud cause Google always listening.
@@BoinkrNanis lol, im in cyber sec and I often joke that the best security recommendation I have is pen and paper
Cartel 3: thats bullshit, im gonna tell the devs
I always remember playing Skyrim, if you join the Thief's Guild, they tell you "we don't kill"... You don't kill the cows if you only need milk
Similarly, you don't kill sheep if you only need wool, and you don't kill the poultry if you only need eggs.
The Cartel Dilemma, personified.
Funny how the gaming cartels do the same thing the Mexican cartels would do in this situation
What do you mean
@@Tryton-A-Morrisan example is the mexican cartel is killing anyone who is manufacturing fentanyl because it destroys their income.
@@Tryton-A-Morris you dont f**k with market
2 cartels had hackers, the third: economists.
I know which one I think is more dangerous
Reminds me of a line from a ssethtzeentach video
Security specialist freaking out has the same energy as a Sergeant EOD bomb specialist freaking out
A lot of the problems in the world could be easily solved if more people simply said, "Wait, this is stupid and short-sighted."
I can’t tell if that third cartel person was Lawful or Neutral Evil.
why not chaotic, since they're out for themselves?
Seems pretty lawful, as in serving the long term interests of their cartel lol
Seems pretty neutral evil to me. Gold sellers are basically scalpers, right? Businessmen making money in a scummy way, but it's not necessarily criminal or lawful. Besides, it's a luxury, not a need. Scalping medicine or food is definitely evil, but currency in a video game is hardly necessary for safety or life
They made a living converting the in-game currency into real money. They weren't just doing it for a fake currency lol. @@anonymone453
Gold farmers are the definition of neutral evil. Totally within the law, breaking a ToS, but also ruining the spirit of games. He was only acting in his best interests by reporting the exploit.
The 3rd cartel dude is a genius
I really hope the 3rd cartel bought a lot of this really cheap gold.
That's the real genius move lol
@@FireSikuthat is EXACTLY the play I was thinking.
See the market crashing, buy gold at low price (assuming it is re-sellable), rat out the method to re-stabilise the market, sell gold at normal price.
This only works if you have enough liquidity to survive investing in the dip though.
Actually, the best play is to hack the accounts that bought cheap gold. No investment, large benefit. Scummy behaviour though!
No. He just had common sense.
Not a genius, just losing money
The third cartel guy understands meaning and importance of balance. A true master of grey
the outstretched hands was Homer's spirit slipping into Thor
"you little!!"
Economics in a nutshell
For anyone wondering what likely happened was an MFA Fatigue Attack. Basically the attackers find a username/password combo that works due to re-used, recycled etc. They then input that into the system. It PINGS the MFA authenticator to do a push authorization. If you do this enough your victim will just click "ok" just to shut up the authenticator, once that's done, the attacker is in. Its why many systems now have users input a 2 or 3 digit code when the push comes.
Not in this case. There actually was a way around 2FA
Who sets up two factor and then when it pings when they are not trying to log in just accepts it?? Gotta be the same people stupidly posting their credit cards online.
This is why push OK 2fa is stupid. Either do manual TOTP or type a number
Witch is just shows this was a dumb progression for 2FA. Good old TOTP with 6 numbers is still the best. You are not tied to your mobile device and there is no networking involved.
Next best thing is WebauthN with physical hardware device.
Smartphone based auth (SMS, NFC, push 2Fa) are incredibly susceptible to man in the middle given how easy it is to clone your phone.
@@Runzi333 Remember the Linus Tech Tipps hack? Yep, they did exactly that.
I'm not a WOW player but I love hearing about stories from it. I wish I could like the gameplay because so much about the drama and the "lore" of the players and the game's history, like this incident, is so fascinating to me.
What is most off-putting to you about the gameplay?
When you realise an ingame economy entirely destroyed by bots, gold sellers, ingame prices and services entirely based on inflated gold prices makes the game unplayable normally.
When Goblin Gangs go to war, they go to the forums. XD that's the best part.
Doctors do this with their salary.
The American medical association lobbies congress to restrict residency slots. American physicians can not work until completion of a residency program. This has caused medical schools not to expand because they know residency slots will not exist for additional matriculates.
There is no shortage of qualified people who want to be doctors. Numerous are turned away yearly after applying.
This allows doctors to say ‘don’t want to pay my rate? Find someone else cheaper or die’ while knowing they restricted supply 😂
Thanks for explaining this in an easily repeatable way. Dr. Ron Paul also talks about how the government subsidizes hospitals on a whim or according to size; essentially giving away tax payer dollars to those who need it the least. And this causes the smaller healthcare providers to go under because they can't charge enough to stay in business. Goes to show even a government measure to lower patient costs is still fraught with corruption. And that's before I even bring up the insurance industry and how the government lets providers charge ransom prices just *because* someone has insurance.
You'd think they WANT more doctors ya know to TAKE CARE of more PEOPLE god I fucking hate capitalism
They do the same with airline pilots.
An enemy of an enemy is a temporary ally.
The enemy of my enemy is my friend... for as long as our common enemy exists.
Dude who gave the method up is a real businessman. He knew what he needed to do to fix his market. It's smart lol but crazy how even they understand that there's a balance to it all.
This behavior is a perfect example of why the government steps in to manage companies who monopolize- the truth is that these types of imbalances hurt everyone.
Most of us don't have that lesson yet
Essentially, this is the private sector making a plea deal with the public sector, to utilize a legal monopoly which will then shut down competition, where the complaint is that the compeition was saturating the market by doing the same underhanded tactics as they were.
Seeing this short knowing I was there during the stream, bliss. What a feeling.
BEHOLD, THE FREE MARKET.
Didn't expect to find a "History on Crack" moment on this channel but I was not disappointed by it.
Bro really pulled a: “Professionals have standards”
You ain't a businessman until you have to stop yourself from shooting your own foot
If the cartel isn’t busy selling drugs then they’re definitely playing WoW bypassing 2FA for gold 😂
Well, that's one way Chinese prisons actually make money. There was a whole ass report about it a while ago. Apparently it's pretty lucrative.
He's not talking about those cartels
I honestly wouldnt be shocked if they were one in the same. Money is money and they want more of it. IF its anything like phone scammers they probably have a bunch of poor people they have hold and controller over doing that stuff for them.
Diversifying your means of income is always a good idea when the main one is as volatile as something what they normally do.
Emerges from the shadows: "I have something...you might find interesting."
The smack talk to the chronograph really cracked me up man!! “You’re embarrassing me”!!! 😂
Wish the government looked that far ahead.
Steve Bannon be angry that day
Damn it took me a solid minute to remember what channel I'm watching, legitimately I was thinking for a bit "hell I feel like if one security breach was so big to crash the gold price I feel I'd have heard of that".
Gotta love competition.
its crazy that people live day to day and dont understand why inflation is an issue, it took 3 teams to realize that, crazy
Because 99.9% of people don't care about inflation until it arrives. Then they react. Human nature never prepares for the worst.
This isn't me snitching. This is me doing "Business" fix it gringo quick! Vamos! 😂😂😂
This is a really neat idea and I love how relaxed the video is!
The real genius play by the third cartel would be to buy up all the worthless gold, turn in the competition, and then turn around and sell the gold after prices go back up.
Plus Thor & Friends banned their competition.
There's actually 4 gold selling cartels in this story. The 3 illegal ones, and Blizzard.
great video! i appreciate the breath of fresh air your videos bring, and the analysis and commentary on the topic you are discussing. great work, just subbed.
One of the most interesting things I've read coming out of the video game market is developers hiring economists. Iirc there was an article about Valve hiring one for TF2 items and/or Steam gems meta during big sales
I did something similar with starcraft brood war. Some dude was issuing the burrow command to larva, which would make them hatch into mutalisks. You could get 3 mutalisks right off the bat and fly at your opponents. Blizzard said it was a modified replay, so I gave them both compiled and source code for triggering the burrow command on a larva, and a logger to see it working in the replay, and I pointed to the exact line of code needed to be fixed, and explained how/why their code was buggy and suggested a fix. Several pages of the main post complaining about this disappeared off the blizzard forums within an hour.
When I asked if Blizzard was hiring, as I know Drakken was hired, I was told to go to college. I found/fixed your(Blizzard's) code as a hobby when you didn't even acknowledge it existed, and *I* need to go to college?
I don't remember if I even reported the "telling a hatchery to burrow, then cancel gives you 100min/gas and can be repeated for infinite resources" after their response..
Here's to being Thor's co-worker in a different life. :p
So you're telling me Blizzard did not have any password history requirements? You could just put in the same password again... Ugh...
Best radio voice ever.
the music sorta fitting the scrambling theme is the best part of this
What is the song? Like the name of it
Cartels are what true free market capitalism looks like.
Wait? You can put the same password when they ask you to change?
Well... Good thing my computer illiteracy (or just the fact I'm a good law abiding citizen) made me more safe here I guess.
Depends on the site. Many sites have a requirement that you don't use one of your previous 7 passwords. Battlenet notably did not have such a policy.
Depends on the policies set up within the system. It can be set up so that the new password isn’t the last 5 passwords used, for example. If they were smart with the 2FA, they would’ve done this.
Ahh ok this provides more context than the other short i was confused abt. Thanks!
"I'm not a gangster. I'm a businessman and my business is crime." - Bobby Cummines
What dumb ass company allows you to use the same password...
How do you bypass 2fa though?
You can bypass a lot of it simply with the password reset function. Many platforms allow users to access an account after obtaining a password reset token without additional verification.
My best guess is that because the passwords were prompted to be changed, there was some weakness/leak of old passwords, and by having old passwords they got around 2FA by using an older system. I have no idea if this is correct it is just my best guess.
Or had an email OTP + Passwords
Wondering the same thing. How does password reuse bypass 2fa without some other issue in play?
The competition probably bought up all the cheep gold before they gave it up.
I love when the "bad guys" reach the good guys for help bcs a third "bad guy" is simply chaotic and ruining his business 😂
"Some men just want to watch the world burn."
Earliest I've ever been. Going to go change my password
[insert something about Mexican drug cartel here]
That's why some companies now force you to actually change your pass by giving you error "password can't be same as previously used password"
3rd Cartel: "playing with my money is like playing with my emotions."
they need to make a movie or tv show about these escapades because they are so interesting
the music is so perfect lmao
The panic you feel as a security specialist when that snowball takes root.
The quintessential "No honor among thieves" moment.
Too much evil really DOES destroy evil.
Thank God he opened up paint, I wasn't sure I could follow otherwise
Enemy's enemy is an ally........... 🗿🗿🗿
This is why some organizations have a strict password requirement of your new one to not be an old one you used within the past decade.
'the enemy of my enemy is my friend, or a gold seller'
Cue TF2 sniper meme
“PROFESSIONALS HAVE STANDARDS”
This just reminds me of that scene The Wire where Stringer was going to night school and taking Econ classes
That G was a real G 😂
He has the coolest stories
I love the fact that there’s cartels for WOW
Cartel guy was like “Professionals have standards”
The amount of parallels with other real world markets is insane. Crazy how short-sighted some people are and kill the business they are running, at least in games it gets fixed quickly whereas real-world can take decades and/or cause irreversible damage
That "Ohhhhhh shitttt" though
The way this story was told in a previous short made it sound like one cartel cheated, one snitched, and one did nothing. This explanation makes WAY more sense.
As someone who works in IT it boggles me when a company asks for a new password yet the password reset still allows them to use the same password…
Damn I think I remember this happening x) This was a crazy time to be online :’)
That was actually brilliant from a cartel aspect
"They killed our scam so we put out the competition"
nice to know all these stuff went in the background while i was playing the game.
that's some serious whiteboarding work there, pirate.
Find that man and make him a politician