{"id":24199,"date":"2024-03-20T15:10:03","date_gmt":"2024-03-20T23:10:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/03\/20\/news-17929\/"},"modified":"2024-03-20T15:10:03","modified_gmt":"2024-03-20T23:10:03","slug":"news-17929","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2024\/03\/20\/news-17929\/","title":{"rendered":"Apex Legends Global Series plagued by hackers"},"content":{"rendered":"\n

The North American finals of online shooter game Apex Legends has been postponed after games were disrupted by hacking incidents. <\/p>\n

Apex Legends, published by EA, is currently in an important stage of its Global Series, the regional finals mode. This is a big deal for the top players since there is a $5 million prize pool, with a few of the top teams in each region set to battle it out in the finals.<\/p>\n

But on Monday, the Apex Legends official X account tweeted that it had postponed the contest after deciding the “competitive integrity” of the series had been compromised.<\/p>\n

\n
\n
\n

Due to the competitive integrity of this series being compromised, we have made the decision to postpone the NA finals at this time.
We will share more information soon.<\/p>\n

— Apex Legends Esports (@PlayApexEsports) March 18, 2024<\/a><\/p><\/blockquote><\/div>\n<\/figure>\n

According to PCGamer<\/a>, there were at least two major incidents:<\/p>\n

\n

\u201cFirst, Noyan “Genburten” Ozkose of DarkZero suddenly found himself able to see other players through walls, then Phillip “ImperialHal” Dosen of TSM was given an aimbot.\u201d<\/p>\n<\/blockquote>\n

An aimbot is a program or patch that allows the player to cheat by having the character’s weapon aimed automatically. Using cheats like those would lead to immediate disqualification and total loss of respect if done on purpose.<\/p>\n

The volunteers of the Anti-Cheat Police Department warned players against playing any games protected by Easy Anti-Cheat (EAC) or any EA titles for a while, because they suspected a Remote Code Execution (RCE) exploit was being used against the players.<\/p>\n

\n
\n
\n

PSA: There is currently an RCE exploit being abused in @PlayApex<\/a>. It is unsure whether it comes from the game or the actual anti-cheat (@TeddyEAC<\/a> ). I would advise against playing any games protected by EAC or any EA titles once they have fixed this or can comment.<\/p>\n

Currently,\u2026<\/p>\n

— Anti-Cheat Police Department \"\ud83d\udd75\" (@AntiCheatPD) March 18, 2024<\/a><\/p><\/blockquote><\/div>\n<\/figure>\n

However, recent developments point less toward an RCE being the cause and more to an actual infection on the players’ computers…<\/p>\n

Malwarebytes to the rescue<\/h2>\n

In a livestream<\/a>, affected gamer ImperialHal spoke to cybersecurity expert \u201cPirateSoftware,\u201d who has been investigating the attacks.<\/p>\n

ImperialHal uses Malwarebytes to scan his machine which flags an inbound connection from an IP address linked to a server known for malicious activities. <\/p>\n

\"Malwarebytes<\/p>\n

It appears that the attacker had direct access to ImperialHal’s computer, likely via a Trojan. PirateSoftware concluded:<\/p>\n

\n

“I don’t see evidence of Apex having RCEs. It does not mean that it’s impossible but I still don’t see evidence, while I do see evidence of him having direct access to your machine.”<\/p>\n<\/blockquote>\n

Protect yourself<\/h2>\n

We recommend that all gamers scan their computers with reliable security software<\/a>. Malwarebytes Premium for Windows’ Brute Force Protection feature blocked the connection from being made to ImperialHal’s computer, so make sure you enable that feature.<\/a><\/p>\n

\n

We don\u2019t just report on threats\u2014we remove them<\/strong><\/p>\n

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

The North American finals of the Apex Legends Global have been postponed after at least two hacking incidents. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[32,26699],"class_list":["post-24199","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-news","tag-personal"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24199","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24199"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24199\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24199"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24199"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24199"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}