A cybercriminel has put online sale of the source code of the Popular Riot Games game, as well as antitrhe modules. The publisher explains that he refused to pay the ransom required by the authors of the attack.
Victim of a data theft, Riot Games does not give in to blackmail but could still suffer from it. Vendredi 20 janvier, l’éditeur des très populaires jeux vidéo League of Legends et Valorant confirmed on Twitter to have been the victim of a computer attack allowing cybercriminals to access its development environment. A few days later, the American studio explained that the attackers had managed to steal from the source code relating to the League of Legends, Teamfight Tactics games, as well as the source code of a cheating tool. Still according to the studio, no personal data or any data relating to the players’ account, however, was assigned.
as promised, we wanted to update you on the status of last week’s cyber attack. Over the Weekend, Our Analysis Conf… https://t.co/krfow8ki13
Riot Games says it has been the victim of an attack on “social engineering”, that is to say the exploitation of the lack of vigilance of an employee, and specifies that the attackers tried to push the studio to Paying a ransom of $ 10 million, according to the note that Vice was provided. Riot Games explained that he had not paid for this ransom, preferring to initiate external consultants to help him face the crisis and work in connection with the police.
In retaliation, the authors of the attack put in sale the source code stolen on a forum known for hosting many data leaks. The announcement, published by a recently created account and therefore without known history, sets the reserve price of what is presented as the source code of League of Legends and several antitrhe modules (Packman, Xigncode and Demaucia) at 1 million Dollars, and invites potential buyers to make their offers on Telegram messaging. 2>
blessed bread for cheaters
The message announcing the auction contains a screenshot showing the directories stolen by the attackers, representing an archive of 72.8 gigabytes of data, without being able to determine what they contain precisely, what version of the source code is put up for sale, nor if it is complete or partial.
Riot Games nevertheless specified that “the stolen source code contained several features implemented on an experimental basis” for League of Legends. In accordance with the use on this stolen data resale forum, several recognized users, including its administrator, have guaranteed the authenticity of the content sold.
The main risk linked to this sale is an opportunity for cheating tool developers to operate this information to get around the safeguards set up by the studio. Riot Games also recognizes this possibility in his statements: “Since the attack, we have been trying to assess its impact on antitriche tools and are ready to deploy fixes as quickly as possible.”
Riot Games is not the first video game studio to face this type of threat. In 2022, the Rockstar Games games publisher had faced a similar incident, a surfer having broadcast on the internet several video extracts from the highly anticipated sixth episode of the Grand Theft Auto series. The same group had previously taken it to Electronic Arts by broadcasting the source code of the FIFA 21 game, but also in Ubisoft and Nvidia. Previously, cybercriminal groups known for their attacks on the ransomiciel had also targeted Ubisoft, broadcasting the source code of the Watch Dogs game: Legion, as well as the editors Crytek and CD Projekt.