Apex Legends Hacker Said He Hacked Tournament Games 'For Fun' (techcrunch.com) 34
An anonymous reader shares a report: On Sunday, the world of video games was shaken by a hacking and cheating scandal. During a competitive esports tournament of Apex Legends, a free-to-play shooter video game played by hundreds of thousands of players daily, hackers appeared to insert cheats into the games of two well-known streamers -- effectively hacking the players midgame. "Wait, what the fuck? I'm getting hacked, I'm getting hacked bro, I'm getting hacked," said one of the players allegedly compromised during a livestream of the gameplay. The incidents forced the organizers of the Apex Legends Global Series tournament, which has a $5 million total prize pool, to postpone the event indefinitely "due to the competitive integrity of this series being compromised."
As the midgame hacks were underway, the game's chatbot displayed messages on-screen that appeared to come from the hackers: "Apex hacking global series, by Destroyer2009 &R4andom," the messages read. In an interview with TechCrunch, the hacker Destroyer2009 took credit for the hacks, saying that he did it "just for fun," and with the goal of forcing the Apex Legends' developers to fix the vulnerability he exploited. The hacks sent the Apex Legends community into a frenzy, with countless streamers reacting to the incidents, and some players suggesting Apex Legends is not safe to play, because every player could be at risk of getting hacked not only in-game, but potentially having their computers hacked, too. Destroyer2009 declined to provide details of how he allegedly pulled off hacking the two players midgame, or what specific vulnerabilities he exploited.
"I really don't want to go into the details until everything is fully patched and everything goes back to normal," the hacker said. The only thing Destroyer2009 said regarding the technique he used was that the vulnerability "has nothing to do with the server and I've never touched anything outside of the Apex process," and that he did not hack the two players' computers directly. The hacks "never went outside of the game," he said.
As the midgame hacks were underway, the game's chatbot displayed messages on-screen that appeared to come from the hackers: "Apex hacking global series, by Destroyer2009 &R4andom," the messages read. In an interview with TechCrunch, the hacker Destroyer2009 took credit for the hacks, saying that he did it "just for fun," and with the goal of forcing the Apex Legends' developers to fix the vulnerability he exploited. The hacks sent the Apex Legends community into a frenzy, with countless streamers reacting to the incidents, and some players suggesting Apex Legends is not safe to play, because every player could be at risk of getting hacked not only in-game, but potentially having their computers hacked, too. Destroyer2009 declined to provide details of how he allegedly pulled off hacking the two players midgame, or what specific vulnerabilities he exploited.
"I really don't want to go into the details until everything is fully patched and everything goes back to normal," the hacker said. The only thing Destroyer2009 said regarding the technique he used was that the vulnerability "has nothing to do with the server and I've never touched anything outside of the Apex process," and that he did not hack the two players' computers directly. The hacks "never went outside of the game," he said.
maybe this what it takes to fix DRM root kits & (Score:2)
maybe this what it takes to fix DRM root kits & anit cheat root kits.
or if they want an $5 million total prize pool they can take part of ship out on an temp basis locked down systems (that are white listed as no DRM no anit cheat) to each gamer who makes the tournament
Re: (Score:2)
Re: (Score:2)
Getting a player's game process to execute arbitrary code is "hacking the two players' computers directly", so their statement is BS.
Re:What's the vulnerability? (Score:4, Interesting)
No, hacking someone's computer directly means that they hacked the computer [i]first[/i] to get access to the apex binary which they claim they didn't.
If we take their claim at face value, that they hacked the running apex-binary, one likely vector for that could be an unknown vulnerability in the spectator mode or in the chat for example.
Hey, Mental Giant.... (Score:2)
Re: Well, it was funny (Score:3)
Re: (Score:2)
I wonder how many people think it would be fun if during the superbowl someone in the crowd throws in randomly an extra ball midgame.
It would all depends how much it interfere with the game. Its against the rules. The home team could be penalized for it. The play is blow dead and it given a do over as if it never happened.
Some idiots chucking things into the opposite endzone? Clean that up and kick those fans out. Let the game go on.
Some idiots chucking things into a play? If the play didn't end up being a game changer, most would find it at least a little funny and completely moronic. It it wiped a crucial score or turn over, people
Re: (Score:2)
Its always interesting to watch slashdot go back and forth on this stuff, and I am not immune myself.
People seem to have alternately strong opinions depending on the topic as to if adding " on a computer" makes it different.
What you are describing here is essentially vandalism. You are right, the hate for someone who potentially disrupted the super bowl in the way you describe would be unimaginable. On the other hand there will be no shortage of people who will say this is no big deal.
Within that group yo
Re: (Score:3)
people shouldn't get 'time' or pay a fine, they should fix what they broke
that's justice
when the state profits from crime, there will always be crime
Re: (Score:3)
nah its more like we find out how much the nfl owners are invested in sports betting. o wait
Re: (Score:2)
I wonder how many people think it would be fun if during the superbowl someone in the crowd throws in randomly an extra ball midgame. I'll bet that person should fear for his/her life, even though it was just a prank. During a professional game, this is just 'not for fun', but deliberately to damage the game.
Granted they are playing for money making them professionals, but I can't help get a chuckle out of calling playing video games a "professional game" like the NFL.
Re: Well, it was funny (Score:2)
Re: (Score:2)
Re: (Score:2)
I wonder how many people think it would be fun if during the superbowl someone in the crowd throws in randomly an extra ball midgame. I'll bet that person should fear for his/her life, even though it was just a prank. During a professional game, this is just 'not for fun', but deliberately to damage the game.
FTS, I read it as his way to make the makers of Apex fix the problems. I'd say this would be more like someone telling the NFL they have a security flaw at that stadium and then, during the game, running out onto the field. Lord knows fans running onto the field has happened before [hollywoodreporter.com], yet I bet 95% of /. didn't know it happened...
Re: Well, it was funny (Score:2)
Re: (Score:2)
The key point, from my take away was, ""just for fun," and with the goal of forcing the Apex Legends' developers to fix the vulnerability he exploited. "
Sounds like they knew it was an issue but was like "why fix it".
So he showed them why.
"Why does anyone do anything?" (Score:2)
"Sheer, absolute boredom!"
probably phishing attacks (Score:2)
This is also the type of attack that will prove trivial to trace by a federal forensics team and this person is going
Re: (Score:2)
I'm suspecting the culprit phished the two affected participants in advance of the tournament and installed rootkits. The indication for this was the attack wasn't more widespread than the two competitors.
Did you even bother to read the linked article? It specifically states that the exploit is delivered through game via the anti-cheat software.
Re: (Score:2)
There is some other mention that actual cheat software had been deployed on the players' systems and a menu was displayed during the livestream. This sounds like a rootkit and the fact that it was limit
Re: (Score:3)
Except Easy Anti Cheat has always been known to be an attack vector. It's always been ass. All 3rd party anti-cheat services are. There is absolutely no reason to trust them at their word. The best anti-cheat is one developed in-house for the specific game in question, anything else is a waste of money, time, and effort.
Re: (Score:2)
Trash (Score:2)
Trash game with trash anti-cheat and a trash community. Just throw it in the bin.
I don't think he realizes how serious (Score:1)
Maybe nobody will press charges for some reason but do not fuck with mega corporations for fun. All it takes is one spiteful upper manager type willing to press charges and you're going to spend a good chunk of the rest of your life dealing with one stupid mistake when you're a kid. Or criminal system is not kind to anyone that gets caught up in it. Is
Reclaiming the purpose (Score:2)
Games are fun. Put $5 million in prize money on the line, and games are business. From a certain PoV, hacking the game just for fun reclaims the purpose of gaming.
Duh? (Score:2)
There are really only two reasons for such shenanigans (three if you count revenge). Money and fun.