Riot Games hack could help cheaters • TechCrunch
Last week came the video game giant Riot Games revealed that hackers had compromised the “development environment” – where the company stores its source code – with a social engineering attack.
While the company assured its users that “there is no indication that player data or personal information was obtained,” the hack could still be damaging, as hackers obtained the source code of Riot’s popular game League of Legends and Teamfight tacticsas well as the source code for the company’s older anti-cheat system.
Stealing anti-cheat source code — even an old system — can help hackers develop better and less detectable cheats, according to industry experts who spoke to TechCrunch.
“From Riot’s perspective it’s bad (beyond just embarrassing) because it makes it easier for cheat developers to understand the game and therefore easier to develop new cheats, it also makes it easier for third party league servers/clients to get the team,” Paul Chamberlain, who led Riot’s anti-cheat team until September 2020, told TechCrunch.
Chamberlain said the old anti-cheat hasn’t been a part of League of Legends for five years, but given that the development of cheats “is as much (maybe more) about the game itself than the anti-cheat system, and having access to the game source code means that you don’t need to reverse engineer the released binaries (which are often obfuscated or encrypted as well) and gives cheaters better access to the intent of the game code through comments and variable/function/class names.”
“Access to an outdated anti-cheat system is mostly a curiosity, but it can provide some insight into how the anti-cheat developers think and what the company prioritizes in terms of what needs protection,” Chamberlain explained.
Riot itself admitted this risk. In a tweets on Tuesdaythe company said that “any exposure of source code could increase the likelihood of new cheats emerging,” and that developers are working to assess the impact of the theft and “be prepared to deploy fixes as quickly as possible if necessary.”
When reached by email, Riot spokesperson Joe Hixson declined to answer TechCrunch’s questions beyond the company’s tweets.
An industry insider with knowledge of anti-cheat systems, who asked to remain anonymous as he was not authorized to speak to the press, agreed that theft of the anti-cheat system’s source code has the potential to harm Riot and its players.
“They are in trouble if the anti-cheat code is published,” he said. “If the anti-cheat source code is revealed, it will be easy for cheaters to circumvent everything.”
The insider explained that Riot’s old anti-cheat system is likely still being used to prevent a variety of cheats and is working to detect and block them. Theft of the system could compromise Riot’s ability to identify the hardware used by cheaters — game companies use identify and fingerprint the hardware used by cheaters to ban them — as well as the detection systems used to find cheaters, and could even require a rewrite of the anti-cheat system.
What’s more, the insider said, the source code could even be used by malware developers. “It will be easier to find vulnerabilities in [game’s] driver that can be exploited by malware,” the insider said.
Motherboard reported on Tuesday that the hackers are demanding that Riot Games pay a $10 million ransom not to publish the stolen code.
“We have provided you with valuable data, including the precious anti-cheat source code and full game code for League of Legends and its tools, as well as Packman, your user mode anti-cheat. We understand the importance of these artifacts and the impact their release to public wants on your main titles, Valorant and League of Legends. In light of this, we are making a small exchange request of $10,000,000,” read the ransom note obtained by Motherboard.
