Threat actors are auctioning the alleged source code for Riot Game’s League of Legends and the Packman anti-cheat software, confirmed to be stolen in a recent hack of the game company’s developer environment.
Last Friday, Riot Games disclosed that its development environment had been hacked, allowing threat actors to steal source code for League of Legends (LoL), Teamfight Tactics (TFT), and the company’s Packman legacy anti-cheat platform.
Yesterday, the company confirmed they had received a ransom note from the threat actor and said they would not be paying a ransom. Vice.com obtained this ransom note, which demanded $10 million to prevent the stolen data from going public.
In a conversation with security research group VX-Underground, the threat actors stated they gained access to Riot Game’s network after performing a social engineering attack over SMS on one of the company’s employees.
The threat actors claimed that they had access to the development network for thirty-six hours until they were detected by the company’s security operations center (SOC).
They told VX their goal was to steal the source code for Riot Vanguard, the game company’s anti-cheat software.
Hacker begin selling stolen source code
Last night, the threat actor behind the attack began selling the alleged source code for League of Legends and the legacy Packman anti-cheat platform on a popular hacking forum.
The threat actor says they are selling the League of Legends source code and Packman for a minimum of $1 million. However, they told BleepingComputer that they would be willing to sell Packman by itself for $500,000.
The forum post includes a link to a thousand-page PDF document that they claim contains a directory listing of the 72.4 GB of stolen source code. BleepingComputer reviewed this document, and it does appear to be a source code listing for software associated with Riot Games.
While the threat would not share further proof of the stolen source code, they told us they shared some with Ryscu, a YouTuber who creates videos around League of Legends.
Ryscu included a screenshot of this leaked source code in a YouTube video about the breach.
BleepingComputer has been unable to independently verify if the source code is legitimate, and Riot Games has not responded to our queries about the source code sale.
Is it worth $1 million?
The main concern regarding the stolen source code is that it could be used to create cheats or exploits to target the game and its players.
Other threat actors could also use the source code to potentially create exploits that could allow remote code execution on player’s devices.
“Truthfully, any exposure of source code can increase the likelihood of new cheats emerging. Since the attack, we’ve been working to assess its impact on anticheat and to be prepared to deploy fixes as quickly as possible if needed,” tweeted Riot Games.
While source code makes it easier to find bugs in code, it is also possible to find them using reverse engineering with little cost other than time.
Therefore, only time will tell if this allegedly stolen source code is worth $1 million to cheat developers and other threat actors.
Source: www.bleepingcomputer.com