Victim of data theft, Riot Games does not give in to blackmail but could still suffer from it. Friday, January 20, the publisher of the very popular video games League of Legends and Valorant confirmed on Twitter having been the victim of a computer attack that allowed cybercriminals to access its development environment. A few days later, the American studio explained that the attackers had managed to steal source code relating to the games League of Legends, Teamfight Tactics, as well as the source code of an anti-cheating tool. Still according to the studio, however, no personal data or data relating to the players’ account has been affected.
As promised, we wanted to update you on the status of last week’s cyber attack. Over the weekend, our analysis conf… https://t.co/krFOW8KI13
Riot Games says it was the victim of an attack by “social engineering”i.e. the exploitation of an employee’s lack of vigilance, and specifies that the attackers tried to pressure the studio into paying a ransom of 10 million dollars, according to the note obtained by the magazine Vice. Riot Games explained that it did not pay this ransom, preferring to hire external consultants to help it deal with the crisis and work in conjunction with law enforcement.
In retaliation, the attackers put the stolen source code up for sale on a forum known to host numerous data leaks. The announcement, posted by a recently created account and therefore without known history, sets the reserve price of what is presented as the source code of League of Legends and several anti-cheat modules (Packman, Xigncode and Demacia) at 1 million dollars, and invites potential buyers to make their offers on Telegram messaging.
Blessed bread for cheaters
The message announcing the auction contains a screenshot showing the directories stolen by the attackers, representing an archive of 72.8 gigabytes of data, without it being possible to determine what precisely they contain, which version of the source code is offered for sale, or whether it is complete or partial.
Riot Games has nevertheless clarified that “the stolen source code contained several experimentally implemented features” to League of Legends. In accordance with the practice on this forum for the resale of stolen data, several recognized users, including its administrator, have vouched for the authenticity of the content sold.
The main risk associated with this sale is the opportunity for developers of cheat tools to exploit this information to circumvent the safeguards put in place by the studio. Riot Games recognizes this possibility in its statements: “Since the attack, we have been working to assess its impact on anti-cheat tools and are ready to deploy fixes as quickly as possible. »
Riot Games is not the first video game studio to face this type of threat. In 2022, the game publisher Rockstar Games had thus faced a similar incident, an Internet user having broadcast on the Internet several video extracts from the highly anticipated sixth episode of the series. Grand Theft Auto. The same group previously attacked Electronic Arts by releasing the game’s source code FIFA 21, but also to Ubisoft and Nvidia. Previously, cybercriminal groups known for ransomware attacks also targeted Ubisoft, releasing the game’s source code Watch Dogs: Legionas well as editors Crytek and CD Projekt.