Quote Originally Posted by sinfull View Post
Nothing is ever secure once you know the algorithms used even if they used something like SHA-256 to encrypt data it may end up pointless as this type of encryption is now easily crackable if you know what your doing.
Not really. You'd have to be able to crack the encryption in real time regardless of the keys/session tokens. I don't believe that any RMT operation is going to invest what they'd have to in order to do that, just so they could inject fraudulent transactions that would easily be traced once detected.

That said, it is possible to do more to secure their database queries/transactions for this game, and they should do it. Even if a determined group of hackers or the NSA could crack the encryption or authentication information used, greater security would foil all but those most determined attacks.