Apex Legends Streamers Warned To 'Perform a Clean OS Reinstall as Soon as Possible' After Hacks During NA Finals Match

An anonymous reader shares a report: The Apex Legends Global Series is currently in regional finals mode, but the North America finals have been delayed after two players were hacked mid-match. First, Noyan "Genburten" Ozkose of DarkZero suddenly found himself able to see other players through walls, then Phillip "ImperialHal" Dosen of TSM was given an aimbot. Genburten's hack happened part of the way through the day's third match. A Twitch clip of the moment shows the words "Apex hacking global series by Destroyer2009 & R4ndom" repeating over chat as he realizes he's been given a cheat and takes his hands off the controls. "I can see everyone!" he says, before leaving the match.

ImperialHal was hacked in the game immediately after that. "I have aimbot right now!" he shouts in a clip of the moment, before declaring "I can't shoot." Though he continued attempting to play out the round, the match was later abandoned. The volunteers at the Anti-Cheat Police Department have since issued a PSA announcing, "There is currently an RCE exploit being abused in [Apex Legends]" and that it could be delivered via from the game itself, or its anti-cheat protection. "I would advise against playing any games protected by EAC or any EA titles", they went on to say.

As for players of the tournament, they strongly recommended taking protective measures. "It is advisable that you change your Discord passwords and ensure that your emails are secure. also enable MFA for all your accounts if you have not done it yet", they said, "perform a clean OS reinstall as soon as possible. Do not take any chances with your personal information, your PC may have been exposed to a rootkit or other malicious software that could cause further damage." The rest of the series has now been postponed, "Due to the competitive integrity of this series being compromised," as the official Twitter account announced. They finished by saying, "We will share more information soon."

umm..

[Anonymous Coward]

wait... what about regular people that play Apex or have other EA games installed?

Re:

[jacks smirking reven]

I mean every major online comp shooter at this point has people wallhacking and aim-botting at some point, you can google " *any game* aimbot" on youtube and you'll find clips of someone doing it.

Once the vision tech reached the point where you can separate out the hacking machine from the playing machine so the machine doing the "hacking" is just feeding inputs into the game doing the "playing" most anti-cheats can't pick that up outside of doing heuristics on the movement the player is doing since there i

Re:

[Anonymous Coward]

maybe you didnt understand...

they are claiming these guys were hacked midgame and are using an exploit that seems to affect EA and EA games...

hence my question - what about regular people who have these games installed? am i at risk for being hacked because of EA's shitty software???

Re:

[DarkRookie2]

am i at risk for being hacked because of EA's shitty software

Its EA so yes.

Re:

[jacks smirking reven]

Considering everything about this seems to be a targeted attack probably pretty slim. Are you a high level player participating in tournaments? Then maybe, otherwise there really isn't much incentive to enable an unknown person to cheat against their knowledge unless you specifically wanted them to get caught and banned which would be a .

Unless maybe this is a new form of trolling that could be mass deployed? I don't see anything about this that could be done just "in the background", seems like in this ca

Re:umm..

[nsbfikwjuunkifjqhm]

You still don't get it, do you? This hasn't got anything to do with cheating. There's a suspicion that a Apex Legends or one of its components is vulnerable to a remote code execution attack. If it can be exploited to target specific players, the exploit can probably be automated to target regular players. If the attackers can use the exploit to run cheat tools, they can probably use it to run all kinds of malware.
Like seriously, if you're this ignorant about cybersecurity maybe just don't answer, instead of spreading misinformation.

Re:

[muh_freeze_peach]

the hacker clearly states that nothing on the local machine was touched. he basically played a movie on their screens using the game's engine.

Re: umm..

[RedK]

Itâ(TM)s not EA games. Itâ(TM)s Apex specifically. Apex uses Valveâ(TM)s Source engine, which other EA games don ât use. Iâ(TM)d expect a higher level of technical literacy on Slashdot.

Re:

[muh_freeze_peach]

posting this as an AC is like screaming into a pillow.

Source Engine RCE

[micksam7]

Apex Legends uses the Source engine, which has had several RCE exploits over the years.

A nice writeup here: https://www.reddit.com/r/Compe... [reddit.com]

Re:

[jacks smirking reven]

Interesting. I know it's highly modified but kinda wild the same engine that powered Half Life 2 is running one the of the largest online comp shooters still.

Re:

[codebase7]

Well the same OS that powered fisherprice styling, (and even older), is still running the largest share of desktops in the world over 20 years later.

The same is even more true for the OS that powers "XXXX the year of" memes, and it powers far more devices in the world than the fisherprice OS does.

Just because they slapped a new version number on it doesn't mean they completely rewrote the code in it's entirety for that release. People just think that they did because big number and complain loudly when

Re:

[jacks smirking reven]

I get your point but there is a big gap between a game engine which by its nature has high version turnover (UE does like 4 minor revisions a year? And they're not very minor? 5.2 had some big changes over 5.1, same for 5.3 etc), very little regard for backward compatibility, only has to worry about stability unto itself and has seen gigantic leaps and bounds in capabilities over the last 20 years compared to an operating system especially Windows in this case which we all like to joke about how it still pr

Kernel level anti cheat

[Stormwatch]

That's what you get with kernel level anti cheat. It must be regarded as malware and *criminally* punished.

liability issues? and even employer / union issues

[Joe_Dragon]

liability issues? and even employer / union issues / Players Association for e-sports teams?

I think that is may heading for some court cases say that.
You get hacked be someone useing the root kit like anti cheat software, Have an hack get remote installed and then get black flagged by the anti cheat software?

It may be unfair for them to say well under the rules useing cheating tools = DQ with no appeal or protest rights?

Will this lead to some events needed to have locked hardware / software maybe with out t

Re:

[gweihir]

I agree. Hacking your user's machines is a crime and needs to be treated as such.

Re:

[Powercntrl]

Actually, this is what you get when you try to make competitive video game playing into a serious sport. There's always going to be at least a few people who find that concept to be completely absurd and want to get some lulz by messing with the players.

Even real pro sports have problems with people streaking across the field, flying drones over the stadiums, rioting in the streets when the wrong team wins, etc.

Re:

[alvinrod]

Supposedly this has to do with a group that warned Valve about this issue some time ago and Valve not fixing the problem. This seems like a mostly harmless way of calling greater public attention to the issue. The problem is that there's no way of knowing if someone with more malicious intent didn't also take advantage of this exploit to install actual malware.

Otherwise this wouldn't be that much different from someone taking over one of the giant displays in a stadium due to unpatched vulnerabilities an

Re:

[F.Ultra]

Apex Legends are using a heavily modified version of the source engine, and we are talking about the discontinued source v1 here, not the v2 that Valve is still developing. Valve have nothing to do with this, nor should they have been warned about something that EA is developing in house.

Re:

[Joe_Dragon]

but can an player get banned just due something they don't fully control like an someone streaking due to it tripping an cheat flag?

That is want the players union will do. They will stand up and fight that ban or even file an protest to force an event replay if needed.

Re:Kernel level anti cheat

[Torodung]

+1

I scrolled into the comments to say the same. Kernel level copy protection is no good neither, and we all remember the Sony rootkit. Microsoft should ban these drivers, now.

Games, f-ing recreational activity, belongs in userspace, if not a virtualized sandbox. Sandbox is going too far I think, but userspace isn't. No privileges outside the home directory. No root for you!

If that makes e-sports stop working, it's time to write a new OS just for e-sports. If amateur multiplayer games are rife with cheating, time to start to deal with that without compromising the OS. Manage the community better. For best results, base it in Linux. Might want to have a look at Proton.

Enough. If Windows can't be a gaming OS without kernel shenanigans, then it can't be a gaming OS. If you need kernel drivers to make your gaming business model work, it's time for a new business model.

Re:

[RedK]

> I scrolled into the comments to say the same

So you guys rushed to spread misinformation about the situations, because you don't like that multi-player game developpers try to make cheating harder.

I have to question both you and the OP's motive in pushing this narrative.

Re:

[codebase7]

If that makes e-sports stop working, it's time to write a new OS just for e-sports.

The problem isn't the OS, it's how these events are run and the outrageous expectations of the general public. They expect NBA or NFL level competitions complete with harsh penalties for even the slightest perceived cheater, on a console / PC that's being played in a dark Cheetos and Mountain Dew filled room in their mother's basement that hasn't seen sunlight in years. That's two very different sets of circumstances and they come with completely different levels of accountability for the players involved

Re:

[AmiMoJo]

It's a little surprising that Microsoft doesn't have an API for this. Or maybe they do, some of the XBOX crap that comes with Windows?

Re:

[F.Ultra]

No one knows at this point if the exploit is in the anti cheat or if it is in the actual game code itself. Not defending the shit that is EAC at all, but we don't know where the exploit is yet.

Re: Kernel level anti cheat

[RedK]

Epic put out a statement already saying it wasnâ(TM)t their code, ie, EAC, that was at cause. Seeing how this wouldnâ(TM)t be the first RCE in Source Engine, that is more likely the culprit. But donâ(TM)t try to stop the pro cheating crowd from ranting against anti cheat software.

Re:

[F.Ultra]

And this is also the old unmaintained source 1 engine on top of that

Re:

[Schoenlepel]

What kind of damages could a gamer possibly have? Lost points? Ranking? All vapor in the eyes of the justice department.

If they did actual work stuff (and, no, "esports" is not work) on the same computer where they did the gaming, I think the gamers ought to be liable. ...but I'll probably be downvoted into oblivion for saying the obvious.

Re:

[muh_freeze_peach]

this hack didn't use the kernel level anti cheat find a new boogey man, timmy.

What's actually amazing

[Opportunist]

That this doesn't happen more often.

Games, especially their anti-cheat and DRM junk, digs so deeply into the system that even antivirus sometimes struggles to "see" it. Now add that these things are programmed first and foremost with the interest of its maker in mind, with very little, if any, afterthought on making it secure for the machine it is running on.

Expect more of this crap to surface, especially with games that are highly popular and enjoy an install base akin to what used to be the former champion of RCEs, Adobe Flash.

Re:

[gweihir]

Indeed. One reason I have a dedicated gaming machine that I do nothing else on and that has zero privileges on my network.

e-sports needs an players association!

[Joe_Dragon]

well even them some can use the anti-cheat software to cheat the game or to fuck with other players.

Now this is something that an players association can help with giveing the players an voice about issues!

Re:

[Bahbus]

It's the reason I don't buy or play games with kernel level anti-cheat. Apex Legends, Valorant, League of Legends (soon), Helldivers 2, etc. The games either aren't that good to begin with. The ones that are F2P have that going for them at least, but paid games with kernel level anti cheat? Fuck no, those devs can eat shit. Their assholery isn't worth having a dedicated gaming machine as you described, because those games aren't worth ever touching.

Re:

[gweihir]

I try to do the same thing, but let's be honest. I am an experienced PhD-level IT security expert and even I cannot tell reliably whether there is kernel-level anti-cheat or some other backdoor or security problem or spying in there without investing a lot of effort. Which I am not about to invest and even if I did, I may (and likely will) still overlook stuff. So something may creep in and hence the dedicated machine with no email and no non-gaming web surfing on it.

Re:

[Bahbus]

Knowing there is kernel level anti cheat or not is pretty easy to check out before installing. Other security other backdoors are a separate issue, but not one that I worry much about because the damage that can be done is significantly less than kernel level damage.

Re:

[gweihir]

Knowing there is kernel level anti cheat or not is pretty easy to check out before installing.

Well, keep telling yourself that. I do not see it though.

Re:

[Bahbus]

Well, that's kinda sad, because it really is easy.

Re:

[RedK]

Strange since Easy Anti-Cheat is just a service in Windows and it's plain to see when it starts and stops.

You're PhD level and couldn't tell ?

Re:

[gweihir]

You think that is the only way to do it? Fascinating.

Everywhere nerds get violently ill

[Provocateur]

In the backseats of campers and aeroplanes, nerds started reaching for the airsickness bags, others were banging loudly to get to the occupied bathroom stalls, when The Most Important News of the Day broke. It had nothing at all to do with Putin, Ukraine, or the Gaza strip. Details at 11.

Quality writing

[CAIMLAS]

It'd be really great if people learned out to write clearly. It'd make these jargon-heavy and irrelevant "headlines" somewhat easier to digest.

Re:

[gweihir]

Clear writing would require clear thinking. Most people cannot do that.

Re:

[kellin]

Huh?

Re:

[RedK]

What Jargon exactly ?

It names a game, what the players of that game are told to do, and then the context in which they were told to do this.

If anything, it's the most normal headline I've ever seen.

Is it the "NA" part ? North America is Jargon to you ?

They will just get hacked again

[gweihir]

The most critical thing to do when having been hacked is to determine that attack vector and close it. After that, you can reinstall, restore a backup, etc.

Re:

[RedK]

People are being told to not reinstall or at the very least, not launch the game. Now good luck convince players not to do that, but they have been warned.

Re:

[gweihir]

Interesting. We really need liability for commercial software with crappy security.

Somebody hack my F1 2023 please!

[KlomDark]

I need something to keep me on the track, not bouncing off walls and cutting corner! I try my ass off, and that game's just too damn hard.

Re:

[Anonymous Coward]

MAGAtard!

Kinda funny

[sjames]

So the cheats were forced onto the player's machines by hacking the anti-cheating system?

Re:

[Anonymous Coward]

>cheat delivered via anti-cheat

AAAAHAHAHAHAHA you can't make this shit up

everyone is convinced this stuff is garbage except the shareholders, who are pacified after their demands of "WHAT IS X DOING ABOUT Y" are fed said garbage

Re:

[F.Ultra]

they don't know yet if the exploit was in EAC or the game itself

Re: Kinda funny

[RedK]

It wasnâ(TM)t in EAC. Epic already put out a statement since they own EAC. Respawn and EA still have yet to comment further after postponing the ALGS.

NGL This is kinda wildly awesome....

[austinpoet]

I mean yeah, it sucks for the players in the tournament and all that but the idea of some nefarious person modding a third person's installed game/mods and enabling them remotely during a live online multiplayer game seems still sci-fiy to me.

I mean, game player hacking? boring. game server having hacks installed? soo 2023. This? it's like out of anime.

Re:

[codebase7]

I mean, game player hacking? boring. game server having hacks installed? soo 2023. This? it's like out of anime.

Hotpatching [jpassing.com] has been around for well over a decade. It's how Microsoft's Visual Studio debugger works. Even Enterprise Linux distros can do it. The idea that something can patch a running program's text segment isn't new. (Hell, it's the explicit goal of most video game console exploits.) Certainly not confined to the realm of sci-fi. (Nor Japan....)

The idea of some random asshat online doing it in a multiplayer game isn't new either. It has a CVE issued in 2023 for the Nintendo DS of all things.... [mitre.org]

Kernel level anti cheats are the worst.

[Monolyth]

The fact that they did it during a major event and did it in a very blatant / viral manner tells me that the hackers are probably looking for widespread exposure of the risk / issues of kernel level AC. They could've done much worse and never popped their head up.