company logo

Product

Our Product

We are Reshaping the way Developers find and fix vulnerabilities before they get exploited.

Solutions

By Industry

BFSI

Healthcare

Education

IT & Telecom

Government

By Role

CISO

Application Security Engineer

DevsecOps Engineer

IT Manager

Resources

Resource Library

Get actionable insight straight from our threat Intel lab to keep you informed about the ever-changing Threat landscape.

Subscribe to Our Weekly Threat Digest

Company

Contact Us

Have queries, feedback or prospects? Get in touch and we shall be with you shortly.

loading..
loading..
loading..
Loading...

Riot Games

Source Code

Cyberattack

loading..
loading..
loading..

League of Legends Source Code up for Auction After Riot Games Breach

Hackers auctioning alleged source code for Riot Games' League of Legends and Packman anti-cheat software on hacking forum after recent hack

26-Jan-2023
4 min read

Riot Games, the developer behind the popular online game League of Legends, has suffered yet another cyber attack, with the alleged source code for the game and the company's anti-cheat software Packman being put up for auction by the hackers. This marks the third major incident for the company in recent months, raising concerns about its ability to protect its data and players' personal information.

Details of the Hack

Last Friday, Riot Games disclosed that its development environment had been hacked, allowing threat actors to steal source code for League of Legends (LoL), Teamfight Tactics (TFT), and the company's Packman legacy anti-cheat platform. In a conversation with security research group VX-Underground, the threat actors stated they gained access to Riot Game's network after performing a social engineering attack over SMS on one of the company's employees. The threat actors claimed they had access to the development network for thirty-six hours until they were detected by the company's security operations center (SOC).

Ransom Demands and Auction of Stolen Data

Yesterday, the company confirmed they had received a ransom note from the threat actor and said they would not be paying a ransom. Vice.com obtained this ransom note, which demanded $10 million to prevent the stolen data from going public.

However, last night, the threat actor behind the attack began selling the alleged source code for League of Legends and the legacy Packman anti-cheat platform on a popular hacking forum. The forum post includes a link to a thousand-page PDF document that they claim contains a directory listing the 72.4 GB of stolen source code. BleepingComputer reviewed this document, and it does appear to be a source code listing for software associated with Riot Games.

The threat actor says they are selling the League of Legends source code and Packman for a minimum of $1 million. However, they told BleepingComputer that they would be willing to sell Packman by itself for $500,000.

Hacking forum post on Riot breached.jpg Riot Games source code sold on hacking forums

The main concern regarding the stolen source code is that it could be used to create cheats or exploits to target the game and its players. Other threat actors could also use the source code to potentially create exploits that allow remote code execution on players' devices.

"Truthfully, any exposure to source code can increase the likelihood of new cheats emerging. Since the attack, we've been working to assess its impact on anticheat and to be prepared to deploy fixes as quickly as possible if needed," tweeted Riot Games.

It is not uncommon for hackers to auction off stolen data, but it is rare for it to be source code for a popular online game like League of Legends. This is the third major cyber attack to hit Riot Games in the past two years. In 2019, Riot Games suffered a data breach that exposed the personal information of its players. In 2020, the company's European servers were hit with a DDoS attack that caused widespread disruption.

The question remains, will anyone actually purchase the alleged source code for $1 million or more? Only time will tell, but one thing is for sure, the stakes are high for Riot Games and its players. The company must continue to take aggressive steps to protect its network and players from cyber threats.

In a statement provided to Vice, a Riot Games spokesperson said: "We can confirm that a subset of our source code, related to our older legacy anti-cheat software, was accessed. We want to be clear that the most recent version of our anti-cheat software, Riot Vanguard, was not impacted by this incident. We have already made updates to our systems that address the issue."

The spokesperson added: "As a precautionary measure, we have temporarily disabled all external access to our network while we investigate the incident and take steps to strengthen our network security further."

It is likely that the company will face legal action over the incident, as well as potential fines if personal data was exposed in the hack. The company's reputation and the trust of its players will also be at risk.