19: Hacking New Eden


Beyond the bleeding edge of the metagame, in the whispered realms of myth, supposition and paranoia, exist the wizards of EVE: the hackers. Not a day passes in New Eden without some foul event being credited to their misdeeds. Depending on who you listen to, hackers are simultaneously responsible for corp thefts, account seizure, alliances being disbanded, random items being misplaced, and the Icelandic banking crisis. Who are these people, and how much influence on EVE do they really have?

When I got into the spy business around March of 2006, one of the first things the nascent GIA did was attempt to gauge exactly how prevalent hacking was in alliance politics. This was a drive primarily fueled by my own ignorance; knowing nearly as much about code as I do home decorating, I assumed that surely hackers were a dime a dozen. It seemed that every other forum drama thread referred to them. But I swiftly found that while EVE is a magnet for coders of all kinds, the “0.0 EVE Hacker” may as well be a Yeti. Yet belief in hackers meddling in 0.0, much like belief in elves in certain island nations with a penchant for geothermal power who shall remain nameless, is persistent. Like a communist conspiracy, discovering no evidence of their existence is simply a sign of the subtlety of the quarry.

They certainly do exist, but the vast majority appear to focus on hacking the game client, running bots or devising ways to steal isk. Simply botters, macroers, and exploiters – not glamorous meddlers in grand politics. Where were the hackers who pulled the strings in 0.0? Where were the hackers who played the spy game? In my entire time in EVE, I have confirmed the existence of only one (though there are rampant rumors of another, who remains anonymous). Six months passed before I encountered him. It began innocuously enough. A “rival” spymaster appeared, offering a variety of espionage services to the highest bidder on the main alliance forum. Kugutsumen, as he called himself, was almost immediately made into a laughingstock. Espionage in EVE is primarily a nationalistic enterprise (at least, in that forum) and outright offers of intelligence for isk were one of the oldest and most effortless scams in the book.

Perhaps I should have kept my mouth shut and refrained from trolling Kugutsumen, because he swiftly made himself my nemesis. At first he contacted me via AIM, offering his services – but since I never pay for intel (and Goonswarm was chronically out of isk, regardless of inconvenient principles) that went nowhere. Then he began to turn the screws.

In September 2006, Goonswarm was in Insmother, living out of Red Alliance stations and warring with the Southern Coalition. The primary force behind the Southern Coalition was Lotka Volterra, an alliance formed by Shinra, M. Corp and UK Corp. Mirroring our later cultural successes in swaying defectors such as Haargoth Agamar, one of Lotka Volterra’s directors, Osmodious, had ‘flipped’ and become a GIA sleeper agent. Using his access, we began to monitor Lotka.org’s director forums. This gave GS and RA an incredible strategic advantage in the war, as we knew in advance how much support LV was willing to provide its allied partners (Slim to none, as Veritas Immortalis and Knights of the Southerncross belatedly discovered), where they intended to build future outposts, and how willing their leadership was to ‘go to the mat’ with GS and RA.

After a month of quietly watching LV’s directorate, things took a turn for the bizarre. Lallante, a Shinra director and LV bigwig, began posting forum rips from Goonfleet.com – and not the usual member-level acces (everyone has a member-level spy in Goonfleet) but our heretofore inviolable director forums. Panic and chaos immediately followed. It began with emergency private director meetings, because at first we had no idea if the leak was evidence of a traitor or something worse. After a frantic phone call to our server admin, we determined the truth: we had been hacked. Lallante had been given an altered cookie which allowed him to log into our forums as Remedial, the CEO of Goonfleet, which meant that he could see everything that took place on our forums. If we hadn’t penetrated LV’s directorate with a human agent – or if Lallante had been more sensible about keeping his access secret, we never would have uncovered this breach.

The Kugutsumen situation was becoming intolerable. On the Xelas Alliance (a now-defunct BoB vassal alliance based in Fountain) forums, I discovered a thread listing a chain of emails between Kugutsumen and the Xelas directorate. He had been offering Xelas his services as well, and as a demonstration of his abilities he revealed to Xelas a chain of private messages between me and one of my Xelas agents, exposing and burning the agent in the process. Not only had Remedial’s access been sold to Lallante, but Kugutsumen had acquired root-level access of Goonfleet.com and accessed all of my archived forum PMs. Yikes. Worse, as we discovered in a fury of research in the aftermath of the hacking, Kugutsumen was the ‘real thing’; while a teenager in France, he had been convicted of defrauding the FBI of $250,000, and had since expatriated to Jakarta, Indonesia – a place where the anti-hacking laws are so hilariously lax that it has become an international center for the ‘computer security’ industry. The man was a security professional (with a penchant for setting up swanky nightclubs in his spare time, it turned out,) and we had no legal recourse whatsoever.

When Kugutsumen next contacted me, he readily admitted what he had done. Lallante had hired Kugu based on his forum advertisement and agreed to pay 500 million isk per week for access through Remedial’s account – but by the time we discovered the hack and the Xelas situation, Lallante had refused to pay Kugutsumen his fee. That act of hubris may come to be known as one of the most foolish and self-destructive decisions made in the game, because Kugutsumen promptly outed Lallante to me and began actively working against Lotka Volterra and their allies.

Having now ‘owned’ Goonfleet.com and Lotka.org both, Kugutsumen moved on toward bigger game, the most powerful alliance in the game at the time: Band of Brothers. It probably didn’t help Band of Brothers that Lallante and most of Lotka Volterra joined BoB after losing their space. What Kugutsumen uncovered nearly tore EVE apart. In the director forums of Reikoku, Kugutsumen found evidence of CCP collusion with BoB – the infamous T20 scandal. When he began publishing the incriminating material on the eve-online forums, he was summarily banned from the game. But the damage was done to both BoB and CCP’s reputation. Around the rallying cry of “Band of Developers,” the Great War was unleashed.

In the intervening years, CCP has cleaned up its mess – by firing the ISD volunteers, creating the Council of Stellar Management, removing the Aurora program and establishing the Internal Affairs department. Kugutsumen remains banned, though I suspect it is within his capabilities to play if he so chose. Instead he runs his own eve-related forum which has become a tabloid-esque institution. The word ‘Kugutsumen’ remains censored, as if it were profanity, on the eve-online forums. Lotka Volterra fell shortly after Lallante’s access to Goonfleet.com was removed, and Osmodious remained a director in their organization, undiscovered until a year after the alliance had disbanded. As for BoB, their reputation was ruined and their alliance destroyed.

Looking back on the ‘Kugutsumen Drama’, the confluence of chaos, luck and happenstance boggles the mind. It is probably a good thing that there is only one hacker interested in the EVE metagame, given how catastrophic Kugutsumen’s influence on the game and its politics have been.


Ah, Kugutsumen. The word which cannot be spoken on the official forums, CCP’s bete noir. The hard fact is that Kugutsumen is one of the most interesting people in EVE, even when he barely gets involved anymore; one cannot examine the history of the Great War without tracing his involvement in the core events – uncovering T20, the Threadnaughts, “Band of Developers”.

At the metagame level there’s still not much hacking, though in modern times people throw DDOSes around like candy due to the spread of tools like LOIC; nullsec mostly avoids DDOSing as it’s a nuclear option, a Pandora’s Box. The most persistent case of DDOSing I know of was against EveNews24 after Riverini ran an expose on Iskbank; pissing off a bunch of Moldovan RMTers resulted in a crippling botnet attack that didn’t let up for months.

Hacking does have a tremendous level of influence at the botting/RMT side of the game; frankly, if you have the skills to do an undetected python injection and create thin clients of your own, you probably don’t care to bother meddling in the nullsec metagame, because you’re busy making real-world cash with your skills. At the time I wrote this column I was utterly naive about the botting/RMT culture, but after the Iskbank expose it’s not a surprise that hackers with this kind of skill don’t bother with nullsec politics.

This article originally appeared on TheMittani.com, written by The Mittani.

Let your voice be heard! Submit your own article to Imperium News here!

Would you like to join the Imperium News staff? Find out how!