Apex Legends hacker stated he hacked match video games ‘for enjoyable’

On Sunday, the world of video video games was shaken by a hacking and cheating scandal.

Throughout a aggressive esports match of Apex Legends, a free-to-play shooter online game performed by hundreds of thousands of players day by day, hackers appeared to insert cheats into the video games of two well-known streamers — successfully hacking the gamers midgame.

“Wait, what the fuck? I’m getting hacked, I’m getting hacked bro, I’m getting hacked,” stated one of many gamers allegedly compromised throughout a livestream of the gameplay.

The incidents pressured the organizers of the Apex Legends Global Series match, which has a $5 million complete prize pool, to postpone the occasion indefinitely “due to the competitive integrity of this series being compromised.”

Because the midgame hacks had been underway, the sport’s chatbot displayed messages on-screen that appeared to return from the hackers: “Apex hacking global series, by Destroyer2009 &R4andom,” the messages learn.

In an interview with TechCrunch, the hacker Destroyer2009 took credit score for the hacks, saying that he did it “just for fun,” and with the aim of forcing the Apex Legends’ builders to repair the vulnerability he exploited.

The hacks despatched the Apex Legends group right into a frenzy, with numerous streamers reacting to the incidents. Some players suggested that Apex Legends just isn’t protected to play and that each participant might might probably be in danger; that might apply to not solely in-game, however having their computer systems hacked, too.

Destroyer2009 declined to supply particulars of how he allegedly pulled off hacking the 2 gamers midgame or which particular vulnerabilities he exploited.

“I really don’t want to go into the details until everything is fully patched and everything goes back to normal,” the hacker stated. The one factor Destroyer2009 stated concerning the method he used was that the vulnerability “has nothing to do with the server and I’ve never touched anything outside of the Apex process,” and that he didn’t hack the 2 gamers’ computer systems instantly.

The hacks “never went outside of the game,” he stated.

Destroyer2009 stated he didn’t report the vulnerability to Respawn, the online game developer that makes Apex Legends, as a result of neither the corporate nor the sport’s writer, Digital Arts, supply a bug bounty program that financially rewards hackers and researchers for privately reporting safety flaws.

“They know how to patch it without anyone reporting it to them,” he stated.

Speaking in regards to the hacks he did in the course of the match, Destroyer2009 stated that he “went viral, but not many people would have used an exploit like that in an absolutely innocent way for players.”

“Just imagine if it wasn’t a joke and we didn’t put any memes in the cheat, I’m pretty sure you can ruin someone’s career if they had a cheat pop up on a tournament,” stated Destroyer2009, defending his actions in an try to indicate that he by no means had malicious intentions.

A screenshot of an Apex Legends aggressive sport, the place a participant seems to get hacked, and will get a cheat impulsively. Picture Credit: Apex Legends/Respawn/Digital Arts

When Destroyer2009 allegedly hacked one of many gamers and inserted cheats into their sport, a window appeared on the player’s screen exhibiting a menu for a instrument that can be utilized to allow totally different cheats within the sport. One of many choices within the cheat window was “VOTE PUTIN.”

Destroyer2009 stated that the window is a part of an actual cheat software program, however not one that’s public, and whose menu was barely modified for the hacks on Sunday. The hacker additionally stated he focused these particular gamers, who go by Geburten and ImperialHal, as a result of “they’re just nice guys.”

“Free attention and views for them,” he added. (The 2 gamers didn’t reply to a number of requests for remark.)

On Tuesday, Respawn, the studio that develops Apex Legends, posted a statement on X (formerly Twitter), addressing the incidents.

“Our teams have deployed the first of a layered series of updates to protect the Apex Legends player community and create a secure experience for everyone,” stated the assertion, which didn’t present any particulars on what was this primary replace, nor any particulars on what occurred Sunday.

Conor Ford, who works on Apex Legends safety group, wrote on X that he and his colleagues are working to handle the problems. “The team on this are some of the most talented I’ve ever had the pleasure of working with. All I can say is, the care and love shown from parties involved makes me thankful for the coworkers and devs on this game,” wrote Ford.

Neither Respawn nor Digital Arts responded to requests for remark by TechCrunch in regards to the hacker’s claims or disputed them.

Simple Anti-Cheat, the builders of the anti-cheat engine utilized in Apex Legends (and a number of other different video games), said in a statement on Monday that it was “confident that there is no RCE vulnerability within EAC being exploited.” An RCE, or distant code execution, is a safety flaw that enables a hacker to run malicious code on a goal’s machine remotely, equivalent to over the web. It’s one of many worst sorts of vulnerabilities because it can provide the hacker direct entry to the goal’s laptop.

At this level, there is no such thing as a public proof that factors in that course.

Regardless of the eye that his hacks triggered, Destroyer2009 stated that “players shouldn’t worry about it” as a result of he doubts others will determine what vulnerability he used, and how one can exploit it, earlier than it will get patched.