Hackers are auctioning the alleged source code of the popular multiplayer online arena video game “League of Legends” stolen from the American gaming giant Riot Games in a cyberattack last week.
Cyberattack On Riot Games
Last Friday, Riot Games confirmed the cyberattack in a series of tweets in which it said that it was targeted by threat actors in an unexpected social engineering attack where the game company’s developer environment was compromised.
Additionally, the source code for League of Legends (LoL), Teamfight Tactics (TFT), and its โlegacyโ anti-cheat platform were also exfiltrated by the threat actor.
โThe illegally obtained source code also includes a number of experimental features. While we hope some of these game modes and other changes eventually make it out to players, most of this content is in prototype and thereโs no guarantee it will ever be released,โ the company announced in a series of tweets.
While the exact nature of the hack is unknown,ย Riot Games said that no player data or player personal information has been compromised. It added that the cyberattack would slow down the release of upcoming patches for some of its games.
Ransom Demand
The threat actor this Tuesday has reportedly sent a ransom email to Riot Games and demanded a payment of $10 million in order to prevent the stolen data from going online.
Below is an excerpt from the ransom email sent to Riot Games:
โDear Riot Games, We have obtained your valuable data, including the precious anti-cheat source code and the entire game code forย League of Legendsย and its tools, as well as Packman, your usermode anti cheat. We understand the significance of these artifacts and the impact their release to the public would have on your major titles,ย Valorantย andย League of Legends. In light of this, we are making a small request for an exchange of $10,000,000.โ
As evidence, the hacker also sent two PDF documents that contains the stolen Packman and League of Legends source code.
Once the ransom payment is received, the hackers claimed that they will erase the code from their servers and the files will never be released to the public. They will also โprovide insight into how the breach occurred and offer advice on preventing future breaches.โ
Further, the ransom note added that, โWe do not wish to harm your reputation or cause public disturbance. Our sole motivation is financial gain.โ
The initial email also provided a deadline of 12 hours to respond, noting that a failure to do so would result in “the hack being made public and the extent of the breach being known to more individuals.”
Responding to the ransom note, Riot Games said that it wonโt pay the ransom amount demanded by the attackers.
โToday, we received a ransom email. Needless to say, we wonโt pay,โ Riot Gamesโ official Twitter accountย announced.
Today, we received a ransom email. Needless to say, we wonโt pay.
While this attack disrupted our build environment and could cause issues in the future, most importantly we remain confident that no player data or player personal information was compromised.
2/7
— Riot Games (@riotgames) January 24, 2023
Stolenย Source Code Put Up For Auction
Following the disclosure of the cyberattack by Riot Games, a threat actor who goes by the name โArkaโ or “ArkaT” posted an ad on a popular criminal forum, Breached, selling the stolenย source code of the League of Legends for a minimum of $1 million, which also includes Packman and user mode anti-cheat for League of Legends and Valorant.
“League of Legends Source Code Auction! As you know, League of Legends source code has been stolen, confirmed by Riot Games. I’m starting auction for the source code, at starting $1,000,000. ** INCLUDES PACKMAN (USERMODE ANTI-CHEAT FOR LEAGUE OF LEGENDS & VALORANT) **.”
The post includes a large PDF that contains a directory listing of the 72.4 GB stolen source code.
According to the hacker, cheat makers forย League of Legends could end up paying huge amounts for the source code for games and an anti-cheat system, as a threat actor can create cheats or exploits for these games.
โThis is very valuable for cheat developers, it’s a huge game, I’m sure it would be at every advantage for a cheat developer,โ Arka wrote in the forum thread.
Indeed, Riot Games tooย believes thatย if the source code is leaked, it could result in the spread of new cheats for League of Legends.
โTruthfully, any exposure of source code can increase the likelihood of new cheats emerging. Since the attack, weโve been working to assess its impact on anticheat and to be prepared to deploy fixes as quickly as possible if needed,โ the company said in a tweet on Tuesday.
โWeโve made a lot of progress since last week and we believe weโll have things repaired later in the week, which will allow us to remain on our regular patch cadence going forward. The League and TFT teams will update you soon on what this means for each game.โ