Tower of Fantasy Hackers are Stealing Accounts Without 2FA

It’s not too late to secure your account!

The recent open-world MMORPG Tower of Fantasy is experiencing a wave of hackers stealing what users are calling “custom accounts.” These are accounts that don’t make use of the security offered by 2FA or Two-Factor Authentication.

When registering for a Tower of Fantasy account, users have the option to log in through another service such as Google or Facebook. This type of registration can be seen on other sites across the web. However, many users have opted for registering an account directly with Tower of Fantasy. While this technically does have fewer moving parts making it feel more secure, this is actually the least secure option for players of the game.

Services like Google offer Two-Factor Authentication which means that users who create their account with this service are only at risk if their main account is compromised. Meanwhile, a custom account only offers the security of an email and password, giving hackers fewer obstacles to taking over an account.

There are two things to keep in mind about registering an account with another service. Firstly, it’s not too late! Users can sign into their Tower of Fantasy accounts and link their Google, Facebook, or whatever service they prefer and take advantage of the additional security offered. This isn’t enough to secure your account, however.

Secondly, users will need to unlink their custom account. Without taking this step, users are no more secure than they were before linking services. Hackers can even sign in with a custom account, and unlink your other accounts, leaving users no better off than if they hadn’t linked accounts in the first place. So if you link your accounts, make sure to unlink and remove your custom account from your Tower of Fantasy account.

Victims of hackers have surprisingly seen little help from Hotta Studio and Perfect World, the developers of the game. One user who sought help in retrieving their account was seemingly accused by the developer for “selling” their account. While it’s common for MMO developers to be reluctant to compensate users, accusing them of rule-breaking themselves takes it a step further.

This isn’t the first time that Tower of Fantasy has experienced technical issues. At the time of the game’s launch, users were experiencing errors where they couldn’t sign in, or worse they couldn’t even register in the first place. Part of this may have to do with the game’s surprising popularity on launch, but in the end, users who experienced these errors were rewarded with premium currency.

If there’s any silver lining to these circumstances, it’s that users might become more aware of just how important 2FA is to account security. Whether that’s on Tower of Fantasy or any other service. With the buzz about the wave of hackers, more users than ever are considering linking their game accounts to more secure services.


Leave a Comment