Wow it finally happened. So glad I switched to Steam running on Linux Mint last week. I refused to install Helldivers because it wanted to install some no holds barred god level permissions anti-cheat software. Windows 11 was the last straw for me. Good times…
The volunteers at the Anti-Cheat Police Department have since issued a PSA announcing, “There is currently an RCE exploit being abused in [Apex Legends]” and that it could be delivered via the game itself, or its anti-cheat protection. “I would advise against playing any games protected by EAC or any EA titles”, they went on to say.
As for players of the tournament, they strongly recommended taking protective measures. “It is advisable that you change your Discord passwords and ensure that your emails are secure. Also enable MFA for all your accounts if you have not done it yet”, they said, “perform a clean OS reinstall as soon as possible. Do not take any chances with your personal information, your PC may have been exposed to a rootkit or other malicious software that could cause further damage.”
leopards.exe has eaten your face and will continue.
[OK] [Yes] [I deserve it]
The missing context here (not your fault, I think people reporting this are being misleading) is that they were using their personal systems in this tournament. That means whatever dodgy software they’ve installed can’t be monitored in a controlled environment, and claims of it being EAC’s fault are unfounded.
A proper tournament would have controlled hardware and software, even if playing remotely at a professional level. You can’t guarantee these systems haven’t been tampered with, even if the players insist on proper security measures.
The clips of the hacks being installed/activated are pretty crazy:
Note that the title has been edited: we do NOT know if this was EAC yet. The article says it “may have been.” EAC has claimed it wasn’t them (but of course they’re going to claim that). Instead, it could have been Apex’s source engine. Or, it could have been two individually compromised machines from software completely unrelated to Apex; remember, these are two high-profile targets, after all. We just have to wait and see what the real cause was. Regardless, I wouldn’t play Apex for at least the next day or two, just to be safe.
I’m not in the community at all, but I have to respect how these players reacted to getting hacked. I’m sure it was devastating to have their tournament run ruined in that way.
Is Helldivers’ anti-cheat that bad too? Am I at least a little better off running the game through Proton on Linux or am I just providing a compatibility layer to a rootkit?
Wait, who TF is cheating in HD? It’s PvE?
There isn’t much sandboxing in Wine, but at least on Linux, the AC is forced to run in userspace (instead of having root privileges). So it’s not quite as invasive, but it still has access to everything your non-root account has access to. Which is still a lot. Probably not much better from a privacy perspective, but at least a little better from a security perspective.
You could theoretically get around this issue by installing Steam via Flatpak so that everything is sandboxed though.
I do not buy this RCE in Apex/EAC rumor. This wouldn’t be the first time “pro” gamers got caught with cheats. And, I wouldn’t put it past the cheat developers to not only include trojan-like remote-control into their cheats, but use it to advertise their product during a streamed tournament. All press is good press. And honestly, they’d probably want people thinking it was a vulnerability in Apex/EAC rather than a trojan included with their cheat.
These 2 pros have performed at LAN multiple times and the type of cheats used would have been immediately noticed on any stream.
The hacker (destroyer2009) also gifted in excess of $8k worth of lootboxes to multiple streamers, suggesting that they have access to some remote APIs they shouldn’t.
On top of that a few months ago there was a widespread issue with top players being targeted in lobbies where they’d drop and then 57 bots would drop and zombie rush, all named the same thing and controlled by some kind of rudimentary script.
Pretty much everything together has ruled out the possibility of either of the players involved being the ones who are purposefully cheating.
I’m not saying they were purposefully cheating in this or any tournament, and I agree cheating under that context would be totally obvious. But, it is feasible that a pro worried about their stats might be willing to cheat in situations where the stakes are lower outside of tournaments.
What I also don’t understand is, if this hacker has lobby wide access, why was it only these two people who got compromised? Why wouldn’t the hacker just do the entire lobby? Clearly this hacker loves the clout. Forcing cheats on the entire lobby would certainly be more impressive.
PS. This is all blatant speculation. From all sides. No one, other than the hacker and hopefully Apex really knows what happened. I am mostly frustrated by ACPD’s immediate fear mongering of an RCE in EAC or Apex based on no concrete evidence.
They probably didn’t randomly guess what happened. There would be pretty obvious clues as to how it happened. The network traffic for tournaments like this is monitored. Because they have to be done online. If they had no idea what actually happened, they would have at least been suspicious of the players at first. No matter what messages were playing in chat at the time.
This isn’t a statement from Apex or EAC. The original source for the RCE claim is the “Anti-Cheat Police Department” which appears to just be a Twitter community. There is absolutely no way Apex would turn over network traffic logs to a Twitter community, who knows what kind of sensitive information could be in that. At best, ACPD is taking the players at their word that the cheats magically showed up on their computers.
PS. Apparently there have been multiple RCE vulnerabilities in the Source Engine over the years. So, I’m keeping my mind open.
There is an RCE exploit in EAC which has been confirmed by their Twitter account; but they didn’t confirm it being exploited anywhere.
My belief is that the people responsible for it hacked these people months ago; as a few months ago the same hacker did attack ImperialHal while on stream with botted zombie accounts that follow him to kill him. On that stream’s highlights all those bots were named (number)destroyer2009fan; which is the same as the person that spammed the chat at the time of the hack.
This is not an advertisement for cheats. Searching the hacker’s name in cheat forums doesn’t point to any specific program. I suspect that this is openly calling out Respawn to fix their anticheat, which has been a laughing stock.
“I would advise against playing any games protected by EAC or any EA titles”, they went on to say.
Easy. I specifically blocked all titles with the tags “EA” and “EA Play” on Steam. Never have to worry about it.
Apparently the “easy” in EAC means easy like when you call a woman easy…
Hahahaha removed them enabling customers.
So, lemme get this straight: allowing remote parties to install malware (DRM) on your system results in allowing remote parties to install malware on your system? Wow, who could have known! Certainly not the distributors of the step-one malware, am I right?
I’m certain there’s a couple of lessons to be learned here (install and run games as normal, non-elevated users, people! It’s easy to do on Linux) but I’m also somehow certain Big Corpos are going to stick their heads into the sand regarding such lessons.
Oh well, the pirate way it is.