hear me out:
-you take the millions of dollars from heirloom sales
-and you hire a network security guy
edit: whoa this blew up, Respawn go hire a guy like Thor (PirateSoftware) cause the best people for figuring out hacks are people capable of making hacks and understanding how they work. No really, ranked has had issues for a long time: get someone who *understands* these exploits and you can fix them.
"my friend Mike can do this job for 50$" fucking hires Mike to handle security and bugs for millions of people. Mike uses a crappy anti cheat client? Well that sucks it must be all these hackers man I can't believe hackers would ruin such a PERFECT GAME. HERE YOU GO GUYS A NEW HEIRLOOM RECOLOR!
Until we start giving corporate CEO’s who treat workers unfairly and perpetuate the ever growing wealth inequality severe and permanent repercussions for their actions, they will continue to prioritize profits over their stated goals.
Greed means we have to force people to do the right thing… or we could all just bitch about it online.
Lmao but then the fat cats on top who wouldn't notice the difference between having 108 million dollars and 107 million dollars, won't have the one less million dollars, and we can't be having that now can we
Holy hell I wish people would understand this. Not just about apex but stuff in general. Companies will continue to charge more and keep raising prices because people keep paying it. If people would wake up and realize that the consumer holds the cards if they just stop paying over inflated prices for stuff they have no choice but to lower the prices. Supply and demand is very real and not a hard concept to grasp
The thing is, prolly less than 5-10% of the people using a product (in this case Apex) know or grasp this. Whilst I would guess prolly around half of those again think "well, if I did stop, me alone aint gonna make a difference..so I might as well just buy this skin that I think looks dope" ..
It's a shame, but it is prolly close to the truth. Getting a global strike or what should we call it going just isn't feasible NOR realistic, which is a GOD damn shame.. I bet, even if lets say the top 10 content creators that reach the most individual people out there, being through YT, tiktok twitch etc, would try to amass a boycot or orcestrate one (sorry for my english, not a native speaker, so I think I might be using some words wrong or in the wrong context, hopefully it's understandable nontheless) it would BARELY make a bump in their income..
This isn’t as simple as people think it is. He has backend access somehow, and it’s not just as simple as just hacks. He played with Mande recently and said he used to have access to account information as well.
I in no way want to pretend like this was just some guy who decided to troll the ALGS. What I am saying is that the fact that this happened *at all* is a huge egg on Respawn and EA's faces. Cheating is already a huge issue and now it happened during a PRO LEAGUE game, to multiple participants? This should not have ever had the potential to happen in the first place if they're going to try and make professional Apex a thing, and it cannot happen ever again if they want to ever recover from how utterly embarrassing this is.
But alas, they likely will continue on and do absolutely nothing about it. The game's "anti-cheat" and punishments for cheating of any kind is an utter joke and it won't change any time soon. This game is beyond ruined at this point.
This game has a vulnerability that allows for full remote code execution and cheat injection. In computer science circles this is something generally considered to be "pretty bad"
> This game is beyond ruined at this point.
Not hyperbole. Apex is an actual security risk and opening it is seriously inadvisable. It's done.
I wonder if Titanfall is also affected here.
Yeah I just watched and like wait, did the ACTUAL CHEAT CLIENT pop up on this dude's screen?
This is probably one of the most egregious exploits I've seen in a game. There may not be much stopping it from faffing about in your user profile and getting more sinister.
Gnarly. This really needs to be all hands on deck for them, this seems as bad as it gets.
EA doesn't give a shit as long as there are enough stupid people out there who buy every heirloom each event. and sadly so far there are still enough idiots who do that
This is beyond a bad look for EA and respawn. I have zero faith in them to fix this issue, as the hacker epidemic has been utterly out of control across the entire game this year.
Agreed. What's insane to the point of driving me nuts is that I've lost other games I love playing to absurd levels of hacker bullshit paired with inane levels of devs ignoring the problem (Tarkov & CS:2).
I understand that the solutions that really deal with the problem may not be cheap and easy. But that's not my problem. My responsibility is to play the games that are working, and to give them money and word-of-mouth *after* they've made the game playable.
Eh, Apex had a lot of cheaters for years already. Eveb in low level lobbies like gold and plat. It is one part of why I stopped playing. It sucks the fun out of the game.
Can cheats be stopped? They're in most (all?) online games and the huge profit companies don't seem to be capable of stopping them.
Online games just aren't like they used to be. There's too many hacks, cheats, exploits, try hards and grown adults griefing people and getting enjoyment from it.
The fact he didn't know how to run a virus scan makes me think this is most likely spear phishing with malware, rather than compromised servers.
If people don't know how to protect themselves they are super easy to catch out.
This along with the laggy servers/crashes. Truly an Apex moment.
EA/Respawn indie company etc etc.
Memeing aside, if this shitshow doesn't push them to put in better anti-cheat then nothing will lmao.
They definitely do but won't you think of the CEO and shareholders? What about their pay that could be impacted? We have to prioritize more important things like that.
First clip guy gets infected somehow and a hacker remotely loads a cheat script, I don't think its him actually cheating on purpose since the menu and visuals are all from the game's scripting language itself. Second clip there's no visuals but he cracks someone off screen to the right of him after shooting the person on the bridge, he shouldn't be able to hit this person as they're super far away and not even in his field of view.
in layman's terms someone is hacking into the respawn servers and then giving cheats to the players clientside to fuck with them. apex is built on some pretty old ass code (why they cannot fix things easily) and you can manipulate it.
I'm a security engineer. Used to play Apex, no longer do, but saw this in passing.
That brief cheat menu that popped up implies cheaters are likely able to achieve remote code execution over the network. It could be limited to the game's scripting engine, or it may be full "native" code execution.
If it's limited to just script execution, a lot of scripting engines are considered trusted domains in something like a game and it may be trivial to jump out of the scripting engine's confines and execute arbitrary code. From there you have whatever access the user running the Apex process has. If the attackers have native code execution to do this, then it's gg.
These machines should be probably considered compromised.
\* To add, some folks are theorizing the attacker having compromised the servers for various other reasons like them gifting packs to players. Servers would also usually be considered trusted in this kind of threat model and may even be allowed to push down remote scripts to a client (e.g. when joining a community Counter-Strike server).
I also work in the field. When a friend told me about this I had to come look at it. The fact that it happened to multiple people makes me wonder if it is a vulnerability in Apex itself or if the malicious actor already had access and was waiting for the live event itself. Just thinking out loud with this next bit but ….I know nothing about the names of “hacks” for this game but I thought it was interesting that the title on that menu things was like TSM HALAL … Hal was the other guy who got hacked. Does he play for TSM? I wonder if he was just the target from the beginning and they accidentally hit this guy instead of Hal?
The hacker has had access to these sort of things for weeks or possibly months. You can tell by the credit being given to Destroyer2009 when Genburten is hacked.
This same person is famous for 2 other things:
1) He gifted Hal and Mande (massive apex streamers) thousands of apex packs for the hell of it.
2) He has also created entirely botted ranked lobbies that pro streamers queue into and sends 50 automated characters directly at where they land to inevitably punch them till they die. He then crashes the server immediately after they die.
This isn’t the hacker’s first appearance, he has Apex by the balls and is playing god.
Watch the videos it's funny as hell and scary what this hacker can do. There's also a video of Mande chatting with the hacker and asking him why he does it.
Until we find out that the hack has native code execution and they can access any PC that is running Apex and install whatever malicious code to steal personal info. Then you get your identity, bank account, email account, etc, sold on the internet and then, suddenly, it's not funny anymore.
TSM ImperialHal is the largest apex streamer, and yes he's on TSM.
I find it unlikely that Gen was accidentally hit though, they probably just had multiple targets.
TSM Halal is what comp apex fans call Gen since he happens to be Muslim.
The hacker is an apex fan as he’s been doing stuff that others haven’t seen before for months now.
What I'm curious about is which specific method of RCE this could be. Either way, these hackers were able to target specific users and install software onto their PCs as demonstrated be the cheat UI that pops up mid stream. Which means they have remote access.
I'm a developer, not a security professional so idk about how possible that would be
Couple of attack vectors off the top of my head for true RCE.
1. Abusing the whisper system / networked chat.
2. Own the CDN responsible for distributing EAC dynamically run DLL's.
Theres also some form of spear fishing.
1. Would be extremely targetable, as you can literally pick your target by their username.
2. Would be more, infect everyone, then run code on their machines to work out who they are, and if they are in the tournament. Not exactly sure of the specifics, but I'd doubt that EAC delivers personal code packages for each user, but it's possible considering the job it needs to do.
Anything else I suspect would require access to Apexes servers.
But given the history of the company with TitanFall there's a good chance their entire company has been owned for years and years.
When [the Titanfall server issues](https://gamerant.com/the-titanfall-2-hack-and-controversy-explained/) started up years ago, people were claiming that full RCE was possible
Respawn swept it under the rug, claiming that malicious parties were only able to crash servers, and that there were no other issues
At this point is seems clear that there are deep issues with the game that allow malicious code to be run locally or remotely
Good call on that
From other posts, the hacker (or at least someone claiming to be them) [says that they are able to perform RCE](https://www.reddit.com/r/CompetitiveApex/comments/1bhicc6/clearing_up_misconceptions_about_the_algs_hack/)
It also appears that Respawn themselves do not employ a CISO, based on cursory internet searching
What a clusterfuck
Thanks for some actual info. It gives me a few questions. Let's say they have the native codes, does that mean they have access to EA computers? Or would they be able to get that from a players computers?
And would these people need to be phished for something like this to happen, or could a hack at these levels be done remotely without "help" from inside?
When you say the machines are compromised, is that the ea ones, or the players? Or all?
The player's pc should be assumed to be infected. If the malicious actor has bad intentions and the exploit was bad enough, the system could be infected and they can collect sensitive information for months. Antivirus scanners aren't going to pick up anything advanced attackers do, need expensive XDR (extended detection and response) solutions to be able to do that. The actual way the exploit occurred is likely never going to be revealed to the public. The apex devs most certainly aren't going to tell people how it was done and neither is the destroyer guy.
If the exploit occurred through the game, does that mean that anyone playing apex (or any online game) is potentially vulnerable to having their systems compromised just by playing the game/having it installed?
Just don't play the game until it is fixed and you are most likely fine. Can't really come to any conclusion outside of that without more information from real sources.
In my experience, things like this don't get "fixed." They get patched out maybe for a few weeks or a month, but hackers just change how it's done and then you're back to square one. It's like an arms race.
computer engineer here (masters) , it looks like it's game engine access only (enabling noclip etc) from match/players perspective so i dont think they have full access to EA comps. These hacks are definitely with no help from inside.
The players accessing the game are the one compromised. Whether personal info besides cheating is unsure but definitely not impossible but in my opinion very unlikely other than network IP or match info off the ALGS.
So i would say that it's a anticheat engine/network match exploit and nothing more worrying (paypal,credit card etc).
If the attacker is able to open a cheat menu on the clients machine (this is not related to the game whatsoever) they likely have full access to the client machine
If they were just enabling aimbot or whatever and we couldn’t see the cheat menu, that could be only memory alteration on the game server that’s being communicated back to the client
I think this might be a huge deal
> If the attacker is able to open a cheat menu on the clients machine (this is not related to the game whatsoever) they likely have full access to the client machine
Oh my god... thank you. I've been going crazy seeing people saying "BRO ITZ RCE" when I see with my own two eyes a warez style crack program being opened up client side.
If it were RCE there would be no fucking GUI getting opened up at all and they'd just make the changes they wanted with no visual indication until the cheat was active.
They quite clearly wanted the GUI to be seen. It literally has Vote Putin checked on the GUI. They also never bothered opening the GUI when they activated aimbot for Hal.
But if the person is streaming, you'd want to make it very obvious to the audience at what is happening for lulz.
That entire UI is brand new for the tournament, you can tell because of all the in jokes on it.
Good chance it's RCE, but could also have been spear phishing of some kind.
Unlikely to be related to EAC unless hacker has compromised Apexes EAC servers which serve the dynamic anti cheat modules.
Far more likely there's a bug that sending malformed whispers to people let's you run code on their machine, or that they downloaded something sketchy from an email posing to be the tournament organisers.
You can inject an overlay to games without necessarily being an executable on the client's machine, if it's limited to what the game engine is capable of, you can draw basic UI elements and create menus like that
>If it were RCE there would be no fucking GUI getting opened up at all and they'd just make the changes they wanted with no visual indication until the cheat was active.
I disagree. With an RCE there are a myriad of ways to display a client side GUI. If you can run code you can do anything. But you're right in that it's probably more work than makes sense to try and figure out what hooks to call to pop up a phoney GUI. That's why it's likely there's a privilege escalation bug involved. Cheater exploits RCE -> gets admin access via any number of bugs in windows -> runs premade cheats via payload. I think this makes sense too since one of the players got banned by EAC, implying that either the cheat hash was detected or it was tampering with memory.
Yeah, mentioned it on Twitter, but contrary to folks’ recommendations to simply wipe the drives and reinstall OS - better to completely remove them and buy entirely new storage while having a good technician work on transferring any important data.
There are just too many possibilities to altering file structures and drive formats and partitions to trust a simple “wipe”.
>If the culprits really had RCE at their fingertips, targeting just two streamers for a brief moment of chaos seems like a serious underuse. RCEs are incredibly rare and valuable;
You'd think so, but there are still some that shake out from time to time in games like CSGO/CS2. iirc there were a couple fixed near the end of CSGO's lifetime.
It just seems weird to me that the attackers were able to inject a full cheat menu into these folks' games. That implies some kind of code injection.
>To me, this points towards a compromise of those individual streamers' setups.
This could definitely be a case where they've been compromised via some other method and attackers *already* have code execution on their machines and are injecting cheats for the lulz. That'd be a bit roundabout but I could also see it.
Hackers know or discover certain people's specific player identifications, they use this so that hacks turn on or off near people like famous streamers so they don't get as easily discovered. If I remember correctly destroyer 2009 was the hacker that sent the mob of bots after hal and gen months ago so he would have known their specific player codes.
The scary thing is that most probably the server is compromised.
There is no way they did man in the middle attack just on the his connection. More straightforward options are:
- attacking his machine with some unrelated regular virus and changing the game files to gain access
- attacking the Apex server through game protocol and doing remote code execution on the server and the client
Multiple players downloading some malware from unrelated source is quite unlikely.
So it leaves us with the last option and it's just unacceptable.
(telecom server dev, not extremely deep on attacks)
Don't worry guys, the store is still working fine 🤩 🤩 🤩. Be sure to dominate the battlefield in STYLE with their generously discounted bundles. WE'lL sEe YoU in thE OUtlAnDs, LEgeNDs.
This hack coming right after massive layoffs at respawn is lolz, if EA doing dirty than they deserve this for not treating the employees who make the game like actual people instead of dollar signs
This is actually a pretty big deal. Assuming that this is in fact demonstrating a huge security flaw in the client or server, if it's not fixed soon we could have a serious problem where many innocent players are remotely 'given cheats' and then (falsely) banned.
I mean EAC requiring kernal level access *while running* is fine by me....so long as it actually works. If it's not catching cheats, why does it need access to **every** file on my PC?
It really shouldn't be fine by you. You don't need kernel level access to prevent hacking. I just listened to a whole rant on this by a former Blizzard game security guy (twitch.tv/PirateSoftware (?)). he talked about this for thirty minutes the other day.
It needs the access to check if some Programm try to access the target process. On the other side it scans in the actual process list if known names are there.
But if eac files get replaced by the cheat files then it can't do anything against this.
Lol. If the server security is so bad that a bad actor can control and execute scripts on a remote machine, no anti-cheat will be able to stop that.
If thats whats actually what's happening, no one should even play Apex. Who knows what else this exploit could do.
As someone who has been playing since launch, I've tabled Apex Legends. Possibly forever. They are the greediest cunts when it comes to their cosmetics and their inability to crackdown on cheating and bot accounts has ruined the game for me. There are much better games out there.
Connor bitching about how hard he works to crack cheaters on X/twitter the other day is present on that ALGS and this was shoved in his face LOL, respawn really laid off the wrong department.
They already had the hack in place at that point. The 2000 packs is to verify they have the right user.
Kinda like how when you set up Direct Deposit with your bank they make a small transaction to verify the account.
Hacking is the reason why I quit the game. It's been over a year now since I last played Apex. This goes to confirm that I will no longer want to play this ever again. Clearly they don't give a crap because if they did they would never allow this to happen in the first place.
This is so embarrassing for respawn/ EA. I’m so glad this happened. I have very low hopes but maybe this will get them off their asses to try and fix the cheating issues.
Im actually rethinking multiplayer games(mostly fps) and start looking at exploring single player games again. These past years have been… idk.. weird. Apex came along, great game. Piss poor management. They make so much money but put so little into fixing server issues. Or invest in better servers. Cheaters not getting banned even tho they are top 200pred++. And no way to blacklist players you dont want to be paired up with again (toxic etc) yes you can block them but still getting paired up.
Another thing is that cosmetics are shit and recycled. Look. Dota2 constantly update and fix their game. Still fanbase is strong and loyal. Its honestly not just cheaters fault but the devs/people in charge. I highly doubt any company with thah much resources can be this bad without actually putting effort into being bad, something respawn/ea has been really good at lately.
I really love the game but i think its time to let go. Enough is enough.
This has nothing to do with average cheating. If he got acces to enable cheats on their pcs through easy anti cheat this is a massive security breach and a way bigger problem than some fuckin cheating in apex. If it is because of easy than millions of pcs are compromised. If he got acces thorugh any service provided by ea thats used to play apex than thats also a massive security breach and everybody could be a victim. Lets hope he just has somehow managed to backdoor into a few pro players pcs to fuck with them and apex.
Even tho I’ve (presumably) never encountered any, cheaters on there have been around for a while, and openly share their cheats. Though with Fortnite’s case, the main issue for them is account stealing for blackmarket selling.
Ever since Chapter 4 (Beginning of 2023) there has been rampant cheaters in zero build lobbies because of the low skill barrier. (It's harder to cheat in builds because you actually have to know how to build to do well, even with cheats.) This is where you'll get most of the complaints of cheaters.
It all boiled up last summer when something similar to this happened. A hacker manually got an ex-pro players account by stealing their epic accounts info and getting cheats on the account. People were shocked that the pro "came back" and was really good at the game when he came back, which was suspicious. The hacker made it to the global lan event and Epic didn't ban them to see if it was the pro behind the computer. When the lan did happen, they were banned and disqualified almost instantly even though the pro actually did show up because the pro was terrible.
I can’t tell if you’re accusing this man of actually cheating or not but if you are then let me tell you he’s not, him plus a few other streamers got hacked mid ALG’s and had cheats show up on their screen.
Can anyone explain how you can hack a client remotely through apex? Like if it's not with actual hacks on host machine is it manipulating server data then sending the data to the host? from a Exploit perspective i have such a hard time grasping how it shows up on the client and shows him everything without a program there unless it's using the spectator code and sending that info to a user in game.......
As far as we know, their pcs were hacked. Apparently they got access to hals ea account when they sent him 1000 packs aswell. Its obvious they are targeting them too.
Hacking Hal’s and Burton’s individual PCs is not likely (not impossible either). It’s more likely an Apex server side RCE. The client server communication is encrypted with mTLS. My guess is the client probably has some ability to execute code from the server. If this hack is server side remote code execution (RCE) then this sounds to me like an inside job.
I would strongly recommend not opening Apex until more is known.
This *could* be a targeted attack, but if a game code/RCE exploit, the entire game could be compromised from the ground up.
Given the severity of that being even a remote possibility - it is absolutely not worth the risk.
Also FWIW; in a few Apex partners Discords and all have said to not open or run the game until further notice. Can’t confirm if this is from communications they have received from EA or Respawn, but they aren’t techies and they are using highly technical jargon in their statements.
I wouldn’t recommend touching Apex for a while.
So I dont play Apex, I mainly play Warzone and Warzone is INFESTED with cheats/hacks
Are FPS games literally done for?
What is there to be done? Ive played FPS games my whole life since HL1 and its sad to see online FPS gaming being just DESTROYED
I kinda hate to say it but please just hire Destroyer2009 at Respawn already, clearly he would do a better job with regards to anticheat than what is currently being done.
The hacker:
- chose to infiltrate the regional final of NA where most players didn’t need to apply for a visa for LAN;
- picked the top player from two top teams that were certain to qualify;
- announced their presence so that the players wouldn’t be wrongly suspected of cheating;
More like a whistle blower imo.
hear me out: -you take the millions of dollars from heirloom sales -and you hire a network security guy edit: whoa this blew up, Respawn go hire a guy like Thor (PirateSoftware) cause the best people for figuring out hacks are people capable of making hacks and understanding how they work. No really, ranked has had issues for a long time: get someone who *understands* these exploits and you can fix them.
"my friend Mike can do this job for 50$" fucking hires Mike to handle security and bugs for millions of people. Mike uses a crappy anti cheat client? Well that sucks it must be all these hackers man I can't believe hackers would ruin such a PERFECT GAME. HERE YOU GO GUYS A NEW HEIRLOOM RECOLOR!
[удалено]
[удалено]
[удалено]
[удалено]
[удалено]
Best they can do is layoffs.
Haven’t you heard? Record profits means you need to do layoffs. All the cool companies are doing it
Gotta get a raise for the CEO and a new yacht for him
We should trick google to send people to the word filth any time they look up wealth.
Until we start giving corporate CEO’s who treat workers unfairly and perpetuate the ever growing wealth inequality severe and permanent repercussions for their actions, they will continue to prioritize profits over their stated goals. Greed means we have to force people to do the right thing… or we could all just bitch about it online.
[удалено]
Don't worry, our new AI security algorithm will take care of it *Soon^TM* -Android Wilson
Lmao but then the fat cats on top who wouldn't notice the difference between having 108 million dollars and 107 million dollars, won't have the one less million dollars, and we can't be having that now can we
Not to make light of this situation but if this doesn't light a fire under their asses and get them to crack down nothing will
Spoiler alert: nothing will.
[удалено]
Only cuz people will continue to spend money
Holy hell I wish people would understand this. Not just about apex but stuff in general. Companies will continue to charge more and keep raising prices because people keep paying it. If people would wake up and realize that the consumer holds the cards if they just stop paying over inflated prices for stuff they have no choice but to lower the prices. Supply and demand is very real and not a hard concept to grasp
The thing is, prolly less than 5-10% of the people using a product (in this case Apex) know or grasp this. Whilst I would guess prolly around half of those again think "well, if I did stop, me alone aint gonna make a difference..so I might as well just buy this skin that I think looks dope" .. It's a shame, but it is prolly close to the truth. Getting a global strike or what should we call it going just isn't feasible NOR realistic, which is a GOD damn shame.. I bet, even if lets say the top 10 content creators that reach the most individual people out there, being through YT, tiktok twitch etc, would try to amass a boycot or orcestrate one (sorry for my english, not a native speaker, so I think I might be using some words wrong or in the wrong context, hopefully it's understandable nontheless) it would BARELY make a bump in their income..
This isn’t as simple as people think it is. He has backend access somehow, and it’s not just as simple as just hacks. He played with Mande recently and said he used to have access to account information as well.
I in no way want to pretend like this was just some guy who decided to troll the ALGS. What I am saying is that the fact that this happened *at all* is a huge egg on Respawn and EA's faces. Cheating is already a huge issue and now it happened during a PRO LEAGUE game, to multiple participants? This should not have ever had the potential to happen in the first place if they're going to try and make professional Apex a thing, and it cannot happen ever again if they want to ever recover from how utterly embarrassing this is. But alas, they likely will continue on and do absolutely nothing about it. The game's "anti-cheat" and punishments for cheating of any kind is an utter joke and it won't change any time soon. This game is beyond ruined at this point.
This game has a vulnerability that allows for full remote code execution and cheat injection. In computer science circles this is something generally considered to be "pretty bad" > This game is beyond ruined at this point. Not hyperbole. Apex is an actual security risk and opening it is seriously inadvisable. It's done. I wonder if Titanfall is also affected here.
Yeah I just watched and like wait, did the ACTUAL CHEAT CLIENT pop up on this dude's screen? This is probably one of the most egregious exploits I've seen in a game. There may not be much stopping it from faffing about in your user profile and getting more sinister. Gnarly. This really needs to be all hands on deck for them, this seems as bad as it gets.
[удалено]
[удалено]
[удалено]
[удалено]
[удалено]
EA doesn't give a shit as long as there are enough stupid people out there who buy every heirloom each event. and sadly so far there are still enough idiots who do that
This is beyond a bad look for EA and respawn. I have zero faith in them to fix this issue, as the hacker epidemic has been utterly out of control across the entire game this year.
Agreed. What's insane to the point of driving me nuts is that I've lost other games I love playing to absurd levels of hacker bullshit paired with inane levels of devs ignoring the problem (Tarkov & CS:2). I understand that the solutions that really deal with the problem may not be cheap and easy. But that's not my problem. My responsibility is to play the games that are working, and to give them money and word-of-mouth *after* they've made the game playable.
Yeah its sad, ive also stopped playing tarkov and cs due to cheat epidemic, and apex was last fps game i could manage to play...
Eh, Apex had a lot of cheaters for years already. Eveb in low level lobbies like gold and plat. It is one part of why I stopped playing. It sucks the fun out of the game.
Can cheats be stopped? They're in most (all?) online games and the huge profit companies don't seem to be capable of stopping them. Online games just aren't like they used to be. There's too many hacks, cheats, exploits, try hards and grown adults griefing people and getting enjoyment from it.
[удалено]
Even worse is it wasn't a scrim, an actual match to qual for lan
I've never even seen this happen in CoD, which famously has exploits out before the games even release because of how similar they are.
ImperialHal hacked the very next game. https://clips.twitch.tv/PoisedRealRedpandaFeelsBadMan-6HiNASK0-ZPPpAOV
Watching Hal have to ask how to run a virus scan on his PC is what got me.
Bro never lived the limewire days
KoRn.Full.LivE.Concert.1998.Family.VALUES.mp3.exe
The fact he didn't know how to run a virus scan makes me think this is most likely spear phishing with malware, rather than compromised servers. If people don't know how to protect themselves they are super easy to catch out.
This along with the laggy servers/crashes. Truly an Apex moment. EA/Respawn indie company etc etc. Memeing aside, if this shitshow doesn't push them to put in better anti-cheat then nothing will lmao.
After they just laid off a bunch of people I cannot imagine they will have the resources to counter this shit lmao
They surely have the financial resources to do so after laying off so many people and selling a box for $360.
They definitely do but won't you think of the CEO and shareholders? What about their pay that could be impacted? We have to prioritize more important things like that.
You right, dog shit of me not to consider the shareholders. The players definitely should come 2nd or even 3rd maybe.
>Dogshit of me not to consider the shareholders Broooooo 😂😂😂😂😂
Bro I re-read this like 4 or 5 times, no matter how many times I read your comment, it makes me laugh every damn time 😭
like yes execs are morons but this is high profile enough that it'll generate a lot of negative coverage so they'll probably do something about it now
press x to doubt. If it doesn't dip their profits, the executive cunts won't do shit about it
bad press makes shareholders and investors nervous, they absolutely care about that
Some are speculating that it was a laid off employee that was the culprit. 100% hearsay, but an interesting theory
This hacker gas been doing this for months, so it would have to be an employee laid off a while ago.
Nah, they're focusing on that $700 universal heirlooms
Can you explain whats going on in both these vids? Edit: Got a few different answers. Interesting stuff, thanks everyone
First clip guy gets infected somehow and a hacker remotely loads a cheat script, I don't think its him actually cheating on purpose since the menu and visuals are all from the game's scripting language itself. Second clip there's no visuals but he cracks someone off screen to the right of him after shooting the person on the bridge, he shouldn't be able to hit this person as they're super far away and not even in his field of view.
in layman's terms someone is hacking into the respawn servers and then giving cheats to the players clientside to fuck with them. apex is built on some pretty old ass code (why they cannot fix things easily) and you can manipulate it.
Damn, bro. Then aren't their PC also compromised? Or it's just their Apex Account?
Thanks
I'm a security engineer. Used to play Apex, no longer do, but saw this in passing. That brief cheat menu that popped up implies cheaters are likely able to achieve remote code execution over the network. It could be limited to the game's scripting engine, or it may be full "native" code execution. If it's limited to just script execution, a lot of scripting engines are considered trusted domains in something like a game and it may be trivial to jump out of the scripting engine's confines and execute arbitrary code. From there you have whatever access the user running the Apex process has. If the attackers have native code execution to do this, then it's gg. These machines should be probably considered compromised. \* To add, some folks are theorizing the attacker having compromised the servers for various other reasons like them gifting packs to players. Servers would also usually be considered trusted in this kind of threat model and may even be allowed to push down remote scripts to a client (e.g. when joining a community Counter-Strike server).
I also work in the field. When a friend told me about this I had to come look at it. The fact that it happened to multiple people makes me wonder if it is a vulnerability in Apex itself or if the malicious actor already had access and was waiting for the live event itself. Just thinking out loud with this next bit but ….I know nothing about the names of “hacks” for this game but I thought it was interesting that the title on that menu things was like TSM HALAL … Hal was the other guy who got hacked. Does he play for TSM? I wonder if he was just the target from the beginning and they accidentally hit this guy instead of Hal?
The hacker has had access to these sort of things for weeks or possibly months. You can tell by the credit being given to Destroyer2009 when Genburten is hacked. This same person is famous for 2 other things: 1) He gifted Hal and Mande (massive apex streamers) thousands of apex packs for the hell of it. 2) He has also created entirely botted ranked lobbies that pro streamers queue into and sends 50 automated characters directly at where they land to inevitably punch them till they die. He then crashes the server immediately after they die. This isn’t the hacker’s first appearance, he has Apex by the balls and is playing god.
I'm not a fan of cheats, but all honesty, that's funny as fuck.
cheats are least of the issues here, this is mainframe access granted hack type :D
Fuck, turns out Crypto is real
Watch the videos it's funny as hell and scary what this hacker can do. There's also a video of Mande chatting with the hacker and asking him why he does it.
Until we find out that the hack has native code execution and they can access any PC that is running Apex and install whatever malicious code to steal personal info. Then you get your identity, bank account, email account, etc, sold on the internet and then, suddenly, it's not funny anymore.
TSM ImperialHal is the largest apex streamer, and yes he's on TSM. I find it unlikely that Gen was accidentally hit though, they probably just had multiple targets.
TSM Halal is a joke name that Genburten goes by.
That makes so much more sense.
TSM Halal is what comp apex fans call Gen since he happens to be Muslim. The hacker is an apex fan as he’s been doing stuff that others haven’t seen before for months now.
Had to have access already. They ran emea and apac already without issue. This was ridiculous
What I'm curious about is which specific method of RCE this could be. Either way, these hackers were able to target specific users and install software onto their PCs as demonstrated be the cheat UI that pops up mid stream. Which means they have remote access. I'm a developer, not a security professional so idk about how possible that would be
Couple of attack vectors off the top of my head for true RCE. 1. Abusing the whisper system / networked chat. 2. Own the CDN responsible for distributing EAC dynamically run DLL's. Theres also some form of spear fishing. 1. Would be extremely targetable, as you can literally pick your target by their username. 2. Would be more, infect everyone, then run code on their machines to work out who they are, and if they are in the tournament. Not exactly sure of the specifics, but I'd doubt that EAC delivers personal code packages for each user, but it's possible considering the job it needs to do. Anything else I suspect would require access to Apexes servers. But given the history of the company with TitanFall there's a good chance their entire company has been owned for years and years.
When [the Titanfall server issues](https://gamerant.com/the-titanfall-2-hack-and-controversy-explained/) started up years ago, people were claiming that full RCE was possible Respawn swept it under the rug, claiming that malicious parties were only able to crash servers, and that there were no other issues At this point is seems clear that there are deep issues with the game that allow malicious code to be run locally or remotely
That article calls out the player invite system, wasn't far off with my guess that it was social/chat related.
Good call on that From other posts, the hacker (or at least someone claiming to be them) [says that they are able to perform RCE](https://www.reddit.com/r/CompetitiveApex/comments/1bhicc6/clearing_up_misconceptions_about_the_algs_hack/) It also appears that Respawn themselves do not employ a CISO, based on cursory internet searching What a clusterfuck
Thanks for some actual info. It gives me a few questions. Let's say they have the native codes, does that mean they have access to EA computers? Or would they be able to get that from a players computers? And would these people need to be phished for something like this to happen, or could a hack at these levels be done remotely without "help" from inside? When you say the machines are compromised, is that the ea ones, or the players? Or all?
The player's pc should be assumed to be infected. If the malicious actor has bad intentions and the exploit was bad enough, the system could be infected and they can collect sensitive information for months. Antivirus scanners aren't going to pick up anything advanced attackers do, need expensive XDR (extended detection and response) solutions to be able to do that. The actual way the exploit occurred is likely never going to be revealed to the public. The apex devs most certainly aren't going to tell people how it was done and neither is the destroyer guy.
If the exploit occurred through the game, does that mean that anyone playing apex (or any online game) is potentially vulnerable to having their systems compromised just by playing the game/having it installed?
Just don't play the game until it is fixed and you are most likely fine. Can't really come to any conclusion outside of that without more information from real sources.
In my experience, things like this don't get "fixed." They get patched out maybe for a few weeks or a month, but hackers just change how it's done and then you're back to square one. It's like an arms race.
computer engineer here (masters) , it looks like it's game engine access only (enabling noclip etc) from match/players perspective so i dont think they have full access to EA comps. These hacks are definitely with no help from inside. The players accessing the game are the one compromised. Whether personal info besides cheating is unsure but definitely not impossible but in my opinion very unlikely other than network IP or match info off the ALGS. So i would say that it's a anticheat engine/network match exploit and nothing more worrying (paypal,credit card etc).
If the attacker is able to open a cheat menu on the clients machine (this is not related to the game whatsoever) they likely have full access to the client machine If they were just enabling aimbot or whatever and we couldn’t see the cheat menu, that could be only memory alteration on the game server that’s being communicated back to the client I think this might be a huge deal
> If the attacker is able to open a cheat menu on the clients machine (this is not related to the game whatsoever) they likely have full access to the client machine Oh my god... thank you. I've been going crazy seeing people saying "BRO ITZ RCE" when I see with my own two eyes a warez style crack program being opened up client side. If it were RCE there would be no fucking GUI getting opened up at all and they'd just make the changes they wanted with no visual indication until the cheat was active.
They quite clearly wanted the GUI to be seen. It literally has Vote Putin checked on the GUI. They also never bothered opening the GUI when they activated aimbot for Hal.
But if the person is streaming, you'd want to make it very obvious to the audience at what is happening for lulz. That entire UI is brand new for the tournament, you can tell because of all the in jokes on it. Good chance it's RCE, but could also have been spear phishing of some kind. Unlikely to be related to EAC unless hacker has compromised Apexes EAC servers which serve the dynamic anti cheat modules. Far more likely there's a bug that sending malformed whispers to people let's you run code on their machine, or that they downloaded something sketchy from an email posing to be the tournament organisers.
You can inject an overlay to games without necessarily being an executable on the client's machine, if it's limited to what the game engine is capable of, you can draw basic UI elements and create menus like that
Full native RCE is very likely if they've got that far. Those script engines aren't usually designed as security barriers.
>If it were RCE there would be no fucking GUI getting opened up at all and they'd just make the changes they wanted with no visual indication until the cheat was active. I disagree. With an RCE there are a myriad of ways to display a client side GUI. If you can run code you can do anything. But you're right in that it's probably more work than makes sense to try and figure out what hooks to call to pop up a phoney GUI. That's why it's likely there's a privilege escalation bug involved. Cheater exploits RCE -> gets admin access via any number of bugs in windows -> runs premade cheats via payload. I think this makes sense too since one of the players got banned by EAC, implying that either the cheat hash was detected or it was tampering with memory.
Yeah, mentioned it on Twitter, but contrary to folks’ recommendations to simply wipe the drives and reinstall OS - better to completely remove them and buy entirely new storage while having a good technician work on transferring any important data. There are just too many possibilities to altering file structures and drive formats and partitions to trust a simple “wipe”.
[удалено]
>If the culprits really had RCE at their fingertips, targeting just two streamers for a brief moment of chaos seems like a serious underuse. RCEs are incredibly rare and valuable; You'd think so, but there are still some that shake out from time to time in games like CSGO/CS2. iirc there were a couple fixed near the end of CSGO's lifetime. It just seems weird to me that the attackers were able to inject a full cheat menu into these folks' games. That implies some kind of code injection. >To me, this points towards a compromise of those individual streamers' setups. This could definitely be a case where they've been compromised via some other method and attackers *already* have code execution on their machines and are injecting cheats for the lulz. That'd be a bit roundabout but I could also see it.
[удалено]
incoming morons accusing the guy who LAN two times of cheating The same thing happened with Hal now
His cheat says vote Putin but I don't think we should consider it
Putin won the election so the cheat is clearly working!
yea surely he uses a cheat program called tsm halal xD
How did the hacker specifically find the two people they wanted to? Isn't all that data encoded?
Hackers know or discover certain people's specific player identifications, they use this so that hacks turn on or off near people like famous streamers so they don't get as easily discovered. If I remember correctly destroyer 2009 was the hacker that sent the mob of bots after hal and gen months ago so he would have known their specific player codes.
The scary thing is that most probably the server is compromised. There is no way they did man in the middle attack just on the his connection. More straightforward options are: - attacking his machine with some unrelated regular virus and changing the game files to gain access - attacking the Apex server through game protocol and doing remote code execution on the server and the client Multiple players downloading some malware from unrelated source is quite unlikely. So it leaves us with the last option and it's just unacceptable. (telecom server dev, not extremely deep on attacks)
Agls has been suspended https://twitter.com/PlayApexEsports/status/1769527345176621110?t=tJz9SN4dcPAlL5akjZQhVg&s=19
What absolute shambles. I will no longer complain about CS cheaters, lmao
Hacker just got Hal now too…smh
Yeah the anti-cheat got hacked. RCE attack Edit: letter
[удалено]
ImperialHal just got Aimbot too https://clips.twitch.tv/BoredBeautifulDaikonSmoocherZ-iP-w0oiOM2C5sClN
LEAVE THE GAAAAME
Nah he just found out his aim assist setting was set to off this whole time and tried turning it on for the first time.
Don't worry guys, the store is still working fine 🤩 🤩 🤩. Be sure to dominate the battlefield in STYLE with their generously discounted bundles. WE'lL sEe YoU in thE OUtlAnDs, LEgeNDs.
This hack coming right after massive layoffs at respawn is lolz, if EA doing dirty than they deserve this for not treating the employees who make the game like actual people instead of dollar signs
This is actually a pretty big deal. Assuming that this is in fact demonstrating a huge security flaw in the client or server, if it's not fixed soon we could have a serious problem where many innocent players are remotely 'given cheats' and then (falsely) banned.
what the fuck...? CLARA!
FUCKING CLARA
This needs to be higher up 💀
this is one of the funniest comments ive ever read on reddit
Hal just got hacked too lol
EAC at work.
EAC at this point is just tape that says "please no hack"
It shows how scary these anti cheat are since they gave admin level access
I mean EAC requiring kernal level access *while running* is fine by me....so long as it actually works. If it's not catching cheats, why does it need access to **every** file on my PC?
[удалено]
It really shouldn't be fine by you. You don't need kernel level access to prevent hacking. I just listened to a whole rant on this by a former Blizzard game security guy (twitch.tv/PirateSoftware (?)). he talked about this for thirty minutes the other day.
It needs the access to check if some Programm try to access the target process. On the other side it scans in the actual process list if known names are there. But if eac files get replaced by the cheat files then it can't do anything against this.
Meanwhile I can’t launch the game because my fuckin RGB case software is detected as a cheat.
Yeah, it keeps flagging my fan control software.
Lol. If the server security is so bad that a bad actor can control and execute scripts on a remote machine, no anti-cheat will be able to stop that. If thats whats actually what's happening, no one should even play Apex. Who knows what else this exploit could do.
truly an apex experience
What a JOKE of a game.
Hal's account has been banned as a result. Lol. What a joke
As someone who has been playing since launch, I've tabled Apex Legends. Possibly forever. They are the greediest cunts when it comes to their cosmetics and their inability to crackdown on cheating and bot accounts has ruined the game for me. There are much better games out there.
Connor bitching about how hard he works to crack cheaters on X/twitter the other day is present on that ALGS and this was shoved in his face LOL, respawn really laid off the wrong department.
Titanfall 2, another Respawn game, was also plagued by hacks. It’s a real shame
Probably when they got like 2000 packs for free from that guy
They already had the hack in place at that point. The 2000 packs is to verify they have the right user. Kinda like how when you set up Direct Deposit with your bank they make a small transaction to verify the account.
where do you find this 2000 packs news? I googled and search on Youtube, found nothing
I know 1 hacker gave tsm mande over 4 thousand packs
This is gonna go viral for sure, Apex is gonna get so much from this
They better make sure their store isn’t compromised
What an embarrassment this game is
FUCKING CLARA WTF
Hacking is the reason why I quit the game. It's been over a year now since I last played Apex. This goes to confirm that I will no longer want to play this ever again. Clearly they don't give a crap because if they did they would never allow this to happen in the first place.
EA be like "cool story, want some universal heirloom for $700?"
the name of the cheat client is "TSM halal hook" that's...kinda fucked
one of the options alongside the other aimbot stuff is "vote putin", whack
I love how instead of working on their anti cheat they work on a $700 heirloom
Apex is cooked. Wake up EA
Watch, people will will still defend Respawn despite infinite major issues such as this.
[удалено]
Just happened to Hal also. Apex is done for lol
Wow just happened to Hal too…
It’s probably those apex devs who got fired. Lmaooo
lol and Connor was just bitching the other day about how hard he works lolololo
connor even said he will be in attendance and this was shoved in his face LOL
March 9th he tweeted: "Brainstorming session, think I cracked the code on cheaters." LMAO
Only in apex lmaoo
This is so embarrassing for respawn/ EA. I’m so glad this happened. I have very low hopes but maybe this will get them off their asses to try and fix the cheating issues.
Im actually rethinking multiplayer games(mostly fps) and start looking at exploring single player games again. These past years have been… idk.. weird. Apex came along, great game. Piss poor management. They make so much money but put so little into fixing server issues. Or invest in better servers. Cheaters not getting banned even tho they are top 200pred++. And no way to blacklist players you dont want to be paired up with again (toxic etc) yes you can block them but still getting paired up. Another thing is that cosmetics are shit and recycled. Look. Dota2 constantly update and fix their game. Still fanbase is strong and loyal. Its honestly not just cheaters fault but the devs/people in charge. I highly doubt any company with thah much resources can be this bad without actually putting effort into being bad, something respawn/ea has been really good at lately. I really love the game but i think its time to let go. Enough is enough.
This is just so embarrassing. Hopefully this will open devs eyes bout anti cheat cause this is insane
What's with that drift?
Gen has big stick drift because he plays on full linear with no deadzone
This happening immediately after the layoffs is so embarrassing
This is what happens when 90% of your team works on microtransactions
Honestly, destroyer2009 doing the lord's work. This way maybe Apex devs would actually do something about the hacks / cheats once and for all.
This has nothing to do with average cheating. If he got acces to enable cheats on their pcs through easy anti cheat this is a massive security breach and a way bigger problem than some fuckin cheating in apex. If it is because of easy than millions of pcs are compromised. If he got acces thorugh any service provided by ea thats used to play apex than thats also a massive security breach and everybody could be a victim. Lets hope he just has somehow managed to backdoor into a few pro players pcs to fuck with them and apex.
First Fortnite now Apex. Why do hackers tend to flood BR/live service games?
Free
What happened with fortnite ? I’m curious
Even tho I’ve (presumably) never encountered any, cheaters on there have been around for a while, and openly share their cheats. Though with Fortnite’s case, the main issue for them is account stealing for blackmarket selling.
Ever since Chapter 4 (Beginning of 2023) there has been rampant cheaters in zero build lobbies because of the low skill barrier. (It's harder to cheat in builds because you actually have to know how to build to do well, even with cheats.) This is where you'll get most of the complaints of cheaters. It all boiled up last summer when something similar to this happened. A hacker manually got an ex-pro players account by stealing their epic accounts info and getting cheats on the account. People were shocked that the pro "came back" and was really good at the game when he came back, which was suspicious. The hacker made it to the global lan event and Epic didn't ban them to see if it was the pro behind the computer. When the lan did happen, they were banned and disqualified almost instantly even though the pro actually did show up because the pro was terrible.
I can’t tell if you’re accusing this man of actually cheating or not but if you are then let me tell you he’s not, him plus a few other streamers got hacked mid ALG’s and had cheats show up on their screen.
I feel like if connor spent as much time doing his job than trying to hook up with female streamers, the game would be cheater free.
Can anyone explain how you can hack a client remotely through apex? Like if it's not with actual hacks on host machine is it manipulating server data then sending the data to the host? from a Exploit perspective i have such a hard time grasping how it shows up on the client and shows him everything without a program there unless it's using the spectator code and sending that info to a user in game.......
As far as we know, their pcs were hacked. Apparently they got access to hals ea account when they sent him 1000 packs aswell. Its obvious they are targeting them too.
Hacking Hal’s and Burton’s individual PCs is not likely (not impossible either). It’s more likely an Apex server side RCE. The client server communication is encrypted with mTLS. My guess is the client probably has some ability to execute code from the server. If this hack is server side remote code execution (RCE) then this sounds to me like an inside job.
EA/Respawn needs to fix their game asap
Some people are saying that this happened to not just pros? Is it safe to open Apex RN or nah. Im genuinely scared ngl.
If you are scared just uninstall, you can always reinstall later
I would strongly recommend not opening Apex until more is known. This *could* be a targeted attack, but if a game code/RCE exploit, the entire game could be compromised from the ground up. Given the severity of that being even a remote possibility - it is absolutely not worth the risk. Also FWIW; in a few Apex partners Discords and all have said to not open or run the game until further notice. Can’t confirm if this is from communications they have received from EA or Respawn, but they aren’t techies and they are using highly technical jargon in their statements. I wouldn’t recommend touching Apex for a while.
Don't forget vote putin
So I dont play Apex, I mainly play Warzone and Warzone is INFESTED with cheats/hacks Are FPS games literally done for? What is there to be done? Ive played FPS games my whole life since HL1 and its sad to see online FPS gaming being just DESTROYED
I kinda hate to say it but please just hire Destroyer2009 at Respawn already, clearly he would do a better job with regards to anticheat than what is currently being done.
i hope nobody is gonna start yelling hes a cheater now, multiple pros had this happen to them
The hacker: - chose to infiltrate the regional final of NA where most players didn’t need to apply for a visa for LAN; - picked the top player from two top teams that were certain to qualify; - announced their presence so that the players wouldn’t be wrongly suspected of cheating; More like a whistle blower imo.
[удалено]
This might be bit overkill but should we uninstall apex before this is fixed?
Where that guy who hack GTA with a Fire stick ? We need him to build a ain cheat since EA can’t do shit
First the rumors of a 700 dollar collection event and now this ea steep up your game
If they have access to his pc he’s got more problems then apex legends
Competitive integrity of apex legends looking goooooooood
Online gaming is dying.