Just today, the Lifeboat server network’s core plugin was uploaded to the popular code hosting website Github. All the code managing logins, the database, kits, VIP, chat filtering, anti hack, and more is now (illegally) publicly available.
It appears that earlier today, LBSG developer @JackNoordhuis sent the plugin code to the notorious Dalton Edwards, the same guy who once distributed a mod to cheat on servers to, somehow, help server’s prevent cheats.
Jack said Lifeboat had “fired him for not doing anything”, as reasoning for sharing the private code with Dalton. He explained that some services are easily exploitable, and that Lifeboat “can’t do anything”.
At that point, Dalton then posted the code to Github, and distributed the link from his twitter account.
Lifeboat has been in contact with Dalton, stating the laws he has broken. It appears police have been contacted, with Dalton tweeting that a police officer was at his house.
The leak also includes important database information, like URLs, database passwords and API authentication keys. Dalton has already shown off his access to their databases with a screenshot of him deleting tables of kit information.
Dalton doesn’t seem greatly concerned about this incident, despite having already been contacted by police. Tweets asking Notch to pay his legal fees, calling the police officer “hot”, and suggesting he’s looking forward to prison are just some of the jokes he’s posted about this. He’s also threatened to release plugins for gamemodes if Lifeboat takes legal action, but it’s not clear if he even has them in his posession.
It’s likely Lifeboat will take this to court, as it’s a serious breach of copyright. It will be interesting to see where this ends up.
On a positive note, we can now confirm that they really did secure their password storage.