The online game Apex Legends may be suffering from a code smuggling vulnerability that gives attackers control of the gaming PC. At least this is what events during yesterday's games in the “Apex League Global Series” (ALGS) suggest – several players had partially lost control of their actions.
Advertisement
Online multiplayer games are a lucrative business: In addition to the prize money for winning tournaments – at the ALGS at least $600,000 for the winning team of four – players can earn money from live streaming, merchandise and product advertising. Being caught using banned fraud programs during such a transfer is therefore a big problem for a professional gambler.
Yesterday that's exactly what happened twice: During a game of the highly prized ALGS, a cheat menu suddenly appeared on the screen of the player Noyan “Genburten” Ozkose and he announced that he was being hacked. Ozkose left the match, which was then abandoned. Another well-known player of the online shooter, Phillip “ImperialHal” Dons, noticed in the new edition of the game that his game character had unnaturally good aiming accuracy – a sign of an “aimbot”, i.e. additional software that helps the player or him with aiming this task is completely reduced.
Guessing about the point of attack
After the incident, the organizers postponed the championship final and are now looking for the security gap. A person with the player name “Destroyer2009” has claimed responsibility for the attacks and claimed in Chat logs published via Xit has an “RCE exploit”, i.e. a code smuggling hole in the game software.
Although this seems possible in principle – such gaps were rumored to have already existed in TitanFall and were verifiable in the popular Source engine – but it could also be malware that was deliberately introduced into the computers of those affected in a different way. However, various streamers and anti-cheat organizations warn against starting the game “Apex Legends” until the situation is clarified – even a complete uninstallation is sometimes recommended.
The warning does not seem to have reached the players of the popular, free-to-play title. Although the number of players on Monday is around 20 percent lower than last Friday, there is no sign of a massive decline in players on the unofficial game database SteamDB.
Not only the main game is suspected of containing the code smuggling gap, but also the anti-cheat software that comes with it. Despite their benefits for honest gamers, such programs are still controversial, as they sometimes intervene deeply in the operating system as kernel drivers and often cause unwanted side effects.
(cku)