Recently, a player revealed a alarming 'session hijacking' incident (known in Chinese as 'chuanhao' or 'crossed-account') on the Netease Cloud Gaming platform. The user reported that without even logging in, they could see a stranger's account information and phone number, posing a significant threat to personal data and account security.
The community discussion heated up quickly. Veterans pointed out that this isn't a new phenomenon; such security lapses have persisted for a long time, but remained under the radar due to the relatively low number of victims. There is widespread frustration regarding the company's indifferent attitude toward these critical technical flaws. Many users are now advising each other to manually delete login device records from official websites, sign out completely, and clear data after every session to prevent unauthorized access.
Regarding the technical root cause, some speculated it might be a collision error where the server generates duplicate session tokens. Others compared the service to other platforms, suggesting that users should enable two-factor authentication for every login and remain vigilant against unauthorized device authorization.
评论 (0)
暂无评论,来说两句吧! 🍉