Riot Games revealed on Tuesday that hackers had stolen the source code for League of Legends and Team Fight Tactics, and the company would not be paying the ransom demanded by the hackers to get the code back.
It’s the latest in a spate of data hacks at prominent game firms and implies both titles could be increasingly vulnerable to cheaters in the coming months. Analysis done over the weekend indicated that the attackers had exfiltrated source code for League, TFT, and a legacy anti-cheat platform, Riot Games said in a tweet.
This morning, we were hit with a ransom email. We, of course, refuse to contribute financially. Riot Games reported late last week that its systems had been “compromised” by a social engineering attack. However, the business did say that the incident would delay the rollout of patches for sure of its games, even though no user data or personal information had been compromised.
Company officials have not yet confirmed the methods the alleged attackers used to steal the source code for one of the most popular multiplayer games in the world, but “social engineering” may indicate that an employee fell for a phishing scheme on another platform and unknowingly gave out their login credentials.
A hacker did this last year to the NFT game Axie Infinity, draining hundreds of millions of dollars worth of cryptocurrency. It has also been speculated that a Slack login was used in the recent hack of Rockstar Games, which resulted in the unprecedented disclosure of in-development Grand Theft Auto VI assets. There is no denying the increasing prevalence of ransom hacks.
Riot Games, the company behind League of Legends and Valorant, was targeted by a social engineering attack.
Luckily for gamers, as of this time there's no indication that player data or personal information was stolen.https://t.co/zngj9WFdxq #riotgames
— F-Secure (@FSecure) January 23, 2023
Other well-known game developers and publishers have fallen victim to hackers recently, including Cyberpunk 2077 developer CD Projekt Red and Elden Ring publisher Bandai Namco. When asked for more information, a Riot Games representative politely declined to elaborate but did say that the firm planned to publish a detailed postmortem on the breach, including the attack vectors,” in the near future.
Riot Games resumed their Twitter thread today by saying, “Since the attack, we’ve been working to assess its impact on anti-cheat and to be prepared to implement patches as swiftly as feasible if needed.” However, the business disclosed that the compromised builds also included experimental new features for League of Legends (Wild Rift) and Team Fight Tactics.
Quick update, players. The team completed a hotfix that will include a lot of the content that was scheduled for patch 13.2. It’ll go live on January 26, but unfortunately, we won’t be able to include the Ahri ASU and some other stuff, which we will move to patch 13.3 (Feb. 8).
— League of Legends (@LeagueOfLegends) January 24, 2023
These features are considered secret and are therefore at risk of being leaked before they are officially announced. Despite Riot Games‘ hopes, “much of this material is in prototype, and there is no assurance that it will ever be deployed,” the developer stated.
The company added that it is assisting law authorities with their investigation into the attack and hopes to have its systems back up and running by the end of the week so that normal game updates can resume. There were layoffs at several gaming and technology companies last week, and Riot Games was no exception, letting go of around 50 workers.
Follow us on Twitter and Google News to get the most up-to-date info and headlines.