June 10, 2026
Game cracked, comments cracked harder
A game's homemade crypto fell to a DIY supercomputer
Fans roast the writing style as a gamer cracks a game's secret lock with spare PCs
TLDR: A player says they broke *Tower Unite’s* homemade security using a weekend network of gaming PCs, exposing a serious backend weakness that the studio quickly patched. But commenters were hilariously fixated on a different emergency: the post’s allegedly AI-sounding, all-lowercase writing style.
A wild hacking story turned into a two-front internet battle: first, over how one player used a few friends’ gaming computers like a homemade supercomputer to break into Tower Unite’s custom security system; second, over the way the whole thing was written up. The basic scandal is easy enough for non-experts: the game had its own home-brewed lock protecting important player and server traffic, and a determined tinkerer says that lock was weak enough to break at home over a weekend. Once inside, they could read the game’s backend chatter and expose multiple separate mistakes. To the indie studio’s credit, it reportedly rushed out a fix in about two weeks—fast enough to earn some genuine applause.
But in the comments, the real fireworks came from readers who were less mad about the broken crypto than the vibe of the post itself. One commenter went full melodrama, joking that people who ask for all-lowercase, AI-style articles should be “deported to a gulag,” while another flatly declared the blog unreadable because the “LLM default tone” was too annoying. That sparked the kind of classic internet pile-on where the security disaster somehow became a culture-war skirmish about writing style, AI slop, and whether a juicy technical exposé can survive sounding like a chatbot. In other words: the game’s lock got cracked, but the comment section cracked first.
Key Points
- •The article says a 509-bit RSA key embedded in Tower Unite’s binary was factored with CADO-NFS and the general number field sieve, allowing decryption of backend protocol traffic.
- •The author reports three separate cryptographic problems: a weak key generator, a shipped static key, and a decryption routine that leaked uninitialized heap memory.
- •The investigation began while trying to run a local dedicated server and examining repeated AGC connection failures.
- •The article describes AGC as Tower Unite’s Authoritative Game Coordinator, responsible for persistent backend functions such as economy, inventory, achievements, and server listings.
- •According to the article, PixelTail replaced the homemade cryptographic layer with secp256k1 and libsodium within two weeks, but server authentication still left active man-in-the-middle attacks possible.