The fact that Riot isn't taking this seriously is crazy, you have the most competitive well loved server in your game not being able to play the game. what do you think will happen? less tournament appearances, less streaming views, less bought skins etc. Riot needs to take a serious look at this before it's too late.
Though on hindsight, I would say Riot probably are working on it undercover and don't want to publicly announce it in the fear that the DDOSERs are going to go into hiding. We'll just have to see, though I wish they weren't doing radio silence as it can look off-putting.
Are we really surprised they're not paying attention to this? I'm always confused at these comments when riot has showed for years they don't give a fuck about there game as long as money is still coming in.
But thats the thing it will affect money flow. Like it or not the lck is a huge part of lwagues income. So I agree with bb they probably are keeping hush to avoid being found out. Even if it does make them look bad visually.
I honestly never expected this level of production value when I first started to watch your vids in summer of 2022. This video is really interesting and informative, thanks Ryscu! :D
Its not just the production value he also seems to know about what hes talking about which is actually quite refreshing to see tbh, its not really required as long as the info provided is accurate to the research done, but it sure is a nice bonus 👍 (im talking about how he seems to know about computer science, and such).
I could not agree more! I was about to write the same exact comment beside I joined this community 2023! I appreciate the work putted in for such a great and very informative video!
DOS Attack = Large amount of packets sent to client to crash. DDOS Attack = Large amount of packets sent from a lot of other places (like a botnet) to crash a client.
DOS hasn't been used for a long time as your modem itself can block incoming useless empty packets from a single ip. Even now DDOS with only 10-20 computers most likely won't work.
I know Faker wouldn't do it, but imagine if Faker said unless they fix DDOS issue that he wouldn't attend MSI or Worlds, how fast would you think Riot would fix the issue?
@@ImaskarDononope.he simply can't join another team until 2025,but the contract can't force him to play.he can choose whether he wants to attend or not
@@ImaskarDono True, T1 and Faker specially has a lot of sponsors. T1 itself would encourage or in worse case, force Faker to play due to pressure from those sponsors. Unless those sponsors and T1 itself are in line of Faker's actions, he just can't do that because every one will suffer (financially).
12:45 As someone who works in IT-Security for companies. Most likly scenario is communication hell, left hand right hand problem. 3 Seperate entities are involved with this so i'm pretty sure "bureaucracy" is the main reason for the slow responses. Meetings with too many people are hell, esp. if the circumstances are cloudy.
@@iceicejay9569 No, it is hard to communicate in big meetings. Even meetings with as few as 6 or 7 other people are hell. Companies are harder to run than it seems, especially with dire circumstances.
@@HappyGick again false. Companies choose ti have issues because a dozen people believe they are important enough to be involved instead of using deligate and do
@iceicejay9569 while my statement might be wrong, it's also wrong to say their assessment on the plausible cause is incorrect as we aren't the ones on the ground. While we don't have the exact info, we're mostly assuming the possible causes with the current information that we have as of current
the sleuthing here is mad impressive ngl, to not only find threads from almost a decade ago and link up the sequence of events that have no clear connection to come to an understanding is mad cool af!
A company who has their source code leaked, due to that they get spam DDOS, and they can't fix it.... but they want their players to download a Kernel Level Anti-cheat... Right.
Not to erm actually, but just an FYI, the problem isn't the Kernel-Level Access (every anti-cheat does that), it's the fact Vanguard launches itself in the background every single time your PC launches and stays open even if you don't play a Vanguard-protected game. THAT'S what makes it pseudo spyware. Just reminding you before there's 5 more comments going "uhm did u kno every anticheat is kernl level u stopid"
@@ultimaabyssal2484 Yeah I know lol. I'm a computer engineer. I'm not referring to the Spyware issue, which yes, it IS an issue. But in this case I'm talking about the fact that Riot is using a proprietary cheat engine when company code was leaked and the full extent was never (at least that I know of) disclosed. The leak has caused problems (DDoS on competitions) that Riot hasn't fixed. That makes it installing a proprietary kernel level anti cheat quite a risk. EVEN MORE SO with the whole other issue you mentioned.
What? The entire point of Vanguard is to make sure something like this doesn’t happen. Riot KR is doing nothing right now cos once Vanguard Is enabled they will get rid of their anti cheat
Amazing job Ryscu! I've had the pleasure of watching your videos for a long time now, and seeing you continue to create amazing content makes me very happy!
I gotta say i love ur new takes on being a somewhat documentary channel now instead of, idk, a normal league channel with clips of ur own games and mostly short vids about some news that happened in league. I love the new longer format videos
During 2023 my account got hacked. I was extremely curious considering I only used that particular pc for league and nothing else. I sent in a ticket and was able to recover my account. The customer support informed me of various ways to keep my account safe and general security tips. I let them know that the only logical way my account could have been hacked was through a leak on their end. They told me no such thing had occurred. Funny, very funny.
And that my friends, is the reason you shouldn't install vanguard. Not because "omg tencent will steal my data", but because something like this or worse can happen if a hacker manages to get his hands on the code.
Maybe it will become a future randomware "Pay up or I'll install Vanguard!" Besides League is just a moba, it's not a rare game, there's countless of copies out there! it's not something worth risking.
if that actually happens, vanguard will become Ransomware, For now it's Spyware but if hackers dig a hole on that shitty anti-cheat, it's Joever madafaka.
I love the amount of effort and quality that go into these videos! Thanks for keeping us all in the loop on these things. And can't wait to see the next pog quality video
From the sounds of it a Riot Games Director clicked a suspicious link and that was enough to leak the source code for their anti cheat giving hackers the ability to see any user's IP and ddos them. And they want me to install an app that can fuck with anything on my computer at any time? yeah no.
different teams. Only few ppl have access to Vanguard, with those being IT-Security experts. Other than the source code of league to which only few users have access to.
Even worse. It was a social engineering attack. Someone acted like they were someone else within Riot to obtain a developer's credentials to do so. Riot clearly doesn't train their employees on cybersecurity or has meaningful controls in place to prevent social engineering attacks like MFA or geofencing. It's one of the reasons why I'm not going to continue playing League once Vanguard comes to live. After the cyberattack, Riot expects me to trust them with 24/7 ring 0 access. Incidentally that is the second. Vanguard is needlessly intrusive. It doesn't need to run at system boot with the highest possible privilege level. That's just asking for a privilege escalation attack to occur. Or something similar that happened to Genshin Impact that also had a 24/7 ring 0 anticheat. I actually wouldn't necessarily mind Vanguard if it didn't require 24/7 access. I understand the need for kernel level anticheat, I heavily disagree with the requirement to run it at system boot.
@@riven4121 It really doesn't matter if it runs at system boot and it also doesn't need to, level 0 is a rootkit afterall. EAC, VAC, Battleye, Ricochet and many more AC that use kernel are just as dangerous and damaging to your PC as Vanguard. Difference is that those AC are in the hands of westerners so unless they sell out to CSTO or China directly (which there is a likelyhood, but it's much smaller than the CCP abusing their power over Tencent) we have much less to worry about those AC. Needless to say if you work at any place, installing any 0 level will get you immediately fired because it already bricked your system and has access to the entire network.They're all equally intrusive and destructive even without being permanently active on your device. Giving any app access to level 0 rings makes your entire network a liability, at any point, even if you uninstall said program.
If only code was from Riot. Demacia was developed by an actual competent developing studio. If Demacia was developed by Riot I do not believe hackers would be able to decipher the nonsense coding.
Doing DDOS attacks is one of the easiest things to do with a computer lmao. Which makes it kinda puzzling to think that they don't have better protections for it in the LCK. Or in league servers in general.
I find it extremely sus that the same year, when professional chinese players are being investigated for fixing matches, you have DDOS attacks basically ruining the LCK side of things.
My rough asumption said the DDOS came from one or some of the "€h1n3$3" team that really don't want to see T1/Faker taking appearances on the big turney so they may think they have bigger chance of winning without T1/Faker being in the competition, since our small indie developer owned by big daddy 10€ they just told rito to "hush... we want team from our motherland to win" or just basically sleeping on it up until any negative uproar happens.
Can't believe you dove this deep into the scandal, I thought it'd just be one of them where Riot sweep it under the rug. Awesome stuff shedding some potential light on things!
Good video, small thing I would like to point out is that vanguard is able to access any files on your computer, it is the max level of inteusive program and being able to see anything in the last 48 is a limitation implemented by the developers themselves, as vanguard is not open source there is no reason to believe this or more is not able to be done within any given system
Anyone else find the timing interesting? The only team to roll china. T1. Where is MSI this year? China. China's only major competition, has been rekt from constant attacks. Probably looking too much into it but still.
Thats the stupidest shit ive seen all day. The ddos started before lck playoffs. So you saying china dont care about any other lck teams? No Geng Hle just T1. And some people were playing on the China server with no problem
@@Rosawwwyeah thats what makes it suspicious, Chinese servers not having trouble is just plain sus. The timing of it all is just too convenient to be a coincidence. Im pretty sure riot and LPL has nothing to do with this, its probably some devious chinese party
Obviously it’s China. Why else would Riot do nothing bout it. Makes no sense. Chinese flipped after the last worlds and they’ve been exploiting and abusing the Korean system too long
Man Ryscu, I have to say you've gone from a well researched news RUclipsr with nice personality to a top notch content creator. I love your new style of videos, keep up the phenomenal work ❤
The fact that Riot is not taking this seriously is actually very expected outcome. They don’t take ANYTHING seriously for many years by this point. Client and game have dizens of obvious bugs for 3-4 years straight or more. Game’s purchases become more and more expensive. LoL is a cashgrab dead lamb. We play only because there is no alternative.
Behold: Dota 2. Please play Dota 2 instead. Don't have to spend 20 dollars for pretty cosmetics, report system actually works, and balance is cared about instead of whatever the devs use to climb.
The reason why league is not played on LAN is cost and physical security. When league is played on LAN riot has a 24/7 guard on the server. Most studio locations are close to live servers so they don’t normally require LAN servers for the pro leagues.
Insanely well put together. Even tho there's no hard confirmation, there don't seem to be any other possibilities. Like seriously, anti cheats should stop requiring access to everything on your PC and check interference with the game instead. The hack just exposed how much data the company is collecting from its users and how easy it is for them to access whatever they want.
I think Riot will not address this issue. If Hackers can get the IP address, which is kind of personal information (or at least the news outlets/reddit would call it personal data), through Riots anti-cheat, what do you think would be the news and opinions online for Vanguard. Vanguard is already a hot topic and something similar failing like Demacia (similar enough for news and reddit) would only spell disaster for Vanguard. The best move would be probably to stay silent and just replace Demacia with Vanguard.
Wow video essays are one thing but this is legit great journalism and borderline pro investigative sleuthing… all while being entertaining, and not 2 hours long. Very nice 👍
Nuclear weapon was probably mistranslation because the word for ‘nuclear’ and ‘hack’ are homophone words. And hack in terms of gaming in Korean means cheat softwares like aimbot
To me the fact that Riot isnt talking about fixing the issue is a GOOD sign. In case like this you don't want the opponnent to know where you are currently at by fixing the issue and maybe it have more to do about legal act they want to do on the attackers so obviously it will take some more time before we will ear about the mesure they will take about the problem. It's not because they are silent about it that they are doing nothing, assuming that would be a wrong way to get to the conclusion
Great message for those, who think Vanguard won't be hacked and "we are not important to steal our data". Who's still excited to install a rootkit for hackers with unlimited access on your PC?
"Riot Korea either doesn't know the solution or worse they don't care" you are forgetting the 3rd even worse option: they are the attackers...I've seen it happen in big companies too many times to not think about it....
I highly doubt Riot Korea is intentionally trying to harm their own playerbase by stopping them from playing the game they made. It's without a doubt the dumbest and anti-money strategy to have ever existed
@@ComaDoccYT thinking only at surface level and not deep enough but its normal for people who don't know how big company works and profit. Then maybe it's not like that but trust me it could be possible and way more than you think.
@@ComaDoccYT You can find angry employee in every big company (that's why HR is a thing). It's not impossible thought that this might be an insider job that aim for a revenge act or something like that
@@ComaDoccYT XIGNCODE is bad anti cheat tho. It have been used in every online games i played back then & always there are cheaters. Atleast Vanguard surprisingly had lowest cheaters population on Valorant comparing to other Online games
Likelyhood that if you installed PBE before, you already had Vanguard on your PC. There is also a chance that Riot has implemented such a rootkit in any earlier patch throughout the last 14 years and since Tencent is not to trust very much, I'd argue it's safe to say that anyone that has had League on their PC installed, might have a bricked network regardless.
@@라마현명한 I agree with the sentiment here, I have a certain risk tolerance, Vanguard goes beyond that. Also I do not have Vanguard, I did not install PBE or Valorant.
Nice investigation, this is an extremely compelling explanation. I think it's safe to say Demacia and the sourcecode leak is the cause. It's a perfect explanation and nothing else really fits quite right as far as traditional IP sleuthing methods. At this rate it's probably fastest for them to just pull the trigger and switch Korean servers to Vanguard instead of Demacia as the permanent fix. I can't imagine they ever get ahead again in the hacker vs developer race now that the entire anti-cheat has been reverse engineered, unless they switch to a new program altogether.
Hey, you know how people keep saying Vanguard is a potential security issue? This kinda shit is why. Remember, Vanguard runs _all the time,_ even when you're not ingame, so if a similar exploit is found for Vanguard, you get to choose between having your IP address leaked or uninstalling the Riot Client entirely.
IP address leak would be the least of your concerns 😂 Vanguard will have access to absolutely everything. Your passwords, saved/typed credit cards, etc
Damn I can't believe that I'm just watching today. This is an unbelivable fuck up Riot needs to address especially since vanguard was implemented. Props to you for giving a proper history lesson on how players used to ddos players to by the way through skype and malicious links, as most gamers these days really don't understand how fucked it was in the day when someone obtained your IP info. There are games that I've played in the pass where players would get so upset to the point of ddosing the entire server for days on end so no one was abl eto play at all If this is built into their anti cheat system, then vanguard as I've feared may also be exposed to allow players to be able to obtain people's IPs by simply knowing their usernames. I got a lot of shit back when Riot made changes back in the day for removing usernames out of games, because I believed it to be an unnecessary piece of information towards winning the game that league players winned about it's removal due to the unusual amount of data league provided to players to allow then choices to run in games. This piece of info genuinely further supports that argument, not only for pro players, but for all players in general probably shouldn't get that information, if they're not able to fix the issue in their code. The main priority therefore needs to be tha tRiot has to implement a streamer dashboard to hide usernames on the client as well as in game. I imagine if this is true, this will spead over to all servers to also not only pro players, but also to streamers, where eventually they will be losing their livelyhoods being ddosed by deranged fans.
I'm so happy that finally we have a video talking about riot's source code leak last year. I am suspicious of the very first purpose of riot's ip-gathering. Do they really need to do that?
I've said this before, but Riot will never be silent when Faker is involved. UNLESS IT'S SOMETHING BIGGER THAN FAKER. LCK is not bigger than Faker. But LPL? China specifically?
Such a good video. Also with the fact that people are able to aggregate the usernames so quickly seems like it's also partially an inside job plus the hackers having access to the anti cheat.
I'd like to keep reiterating I could easily listen to 30-45 minute YT content from you (if your content ever shifts gears towards something like that). Thank you so much for keeping me up to date, King. I don't play anymore, but it's good to keep up with the competitive scene. P.s. love the outdoor studio.
Just waiting for the class action law suit now. “We don’t keep your private data / we’re not interested in your private data” … *gets hacked* “we’re confident everything will be fine!!!”
Going by this logic. If we allow Vanguard to be downloaded on our PC's, and IF there is a sucessful hacker that is able to get the source code of Vanguard, it is possible that everyone's ip address could be shown because of Vanguard's kernal level access to our PC. Even worse than what Korea has. This looks worse in terms of security breach for all of us. This looks like a super big weakness for LOL if they want to keep it secure.
Before I even get 5 min into the video... this is ENTIRELY Riot's fault. It's the same typical behavior from them from the last decade. They only do enough to get by... rather than what they should do to ensure quality going forward. Just like with anything else, it takes massive bad PR, backlash, etc from big names, orgs, streamers, pros, w/e for them to actually acknowledge and do anything of substance. The player experience being shit... yeah, they don't care until voyboy had to make a video that everyone from pros to iron's agreed with... and even then it took two seasons for anything substantial to be good.. and we still struggle with bots, cheaters, and game ruining behavior and now we have even less ways to communicate with our team without fear of bs bans. You want LOL to be secure... they should start with fixing their shit client rather than making excuses that 'most ppl couldn't play anymore' if they fixed it. We don't need a client with ray tracing and cyberpunk level graphics, we just need it to stop being buggy all the damn time. It's basically just a damn chrome browser/java session. You want your connection in pro league to be better... then why the eff do you still send comms/etc through the internet instead of a local server/subnet only? How about that easy and simple change... rather than it being just a response? You want Teams to not be having their players DDOS'd? How about you invest in some more cybersecurity measures. Actually, almost every one of these issues were things pointed out by the community before, long before, the issues became major ones. What the hell kind of change management does riot have? Sure the game goes on, but it's getting less and less new players every single year. It's going to die of attrition one day when it could be much more. It could be better... but they'll always settle for status quo or less when they keep getting money for being lazy.
Ok, finished the video.... everything I said still stands. They've had DDOS issues in the past and never fixed it... (ahem, cough, Jensen doing it to get high elo).
You're all over the place. You talk about security, but then go on about how "buggy the client is". That is not a security issue. Stay on topic, next time.
Simple explanation, riot is owned by tencent, a chinese company. And since LCK is from Korea, which is the direct competitor to LPL they would not want to do anything about the DDOS attacks. You have to wonder why the DDOS attacks are only affecting LCK and not other regions, its because most of the attackers are from china.
Most IP addresses these days are absolutely not dynamic as the way we would use the word dynamic to understand other things that are dynamic, your public IP address will almost never change until you tell your ISP you are being attacked, then it is on the ISP's shoulder. Most if not all medium to small businesses that are not geared for DDOS will be easy DDOS targets, which means location,network infrastructure, client, streaming are all your weaknesses that needs to be covered. Which is overwhelmingly complicated for any team which don't have a dedicated network engineer who is familiar in this field.
Download Outplayed for FREE today! ✅
www.influencerlink.org/SHKJn
The fact that Riot isn't taking this seriously is crazy, you have the most competitive well loved server in your game not being able to play the game. what do you think will happen? less tournament appearances, less streaming views, less bought skins etc. Riot needs to take a serious look at this before it's too late.
Though on hindsight, I would say Riot probably are working on it undercover and don't want to publicly announce it in the fear that the DDOSERs are going to go into hiding. We'll just have to see, though I wish they weren't doing radio silence as it can look off-putting.
Are we really surprised they're not paying attention to this? I'm always confused at these comments when riot has showed for years they don't give a fuck about there game as long as money is still coming in.
But thats the thing it will affect money flow. Like it or not the lck is a huge part of lwagues income. So I agree with bb they probably are keeping hush to avoid being found out. Even if it does make them look bad visually.
@@coldsun29 Kekw, sure they don't care lmao
Really those kind of comments are always so ridiculous
The fact that you think that Riot isn't taking this seriously is the truly crazy thing, lol. How inane.
I honestly never expected this level of production value when I first started to watch your vids in summer of 2022. This video is really interesting and informative, thanks Ryscu! :D
Agreed. The editing, music, and graphics are top notch. An actual professional production here, great job Ryscu and editor(s)!
Ryscu is the GOAT
Its not just the production value he also seems to know about what hes talking about which is actually quite refreshing to see tbh, its not really required as long as the info provided is accurate to the research done, but it sure is a nice bonus 👍 (im talking about how he seems to know about computer science, and such).
It's 2024. You can lose the mask now
I could not agree more! I was about to write the same exact comment beside I joined this community 2023! I appreciate the work putted in for such a great and very informative video!
DOS Attack = Large amount of packets sent to client to crash.
DDOS Attack = Large amount of packets sent from a lot of other places (like a botnet) to crash a client.
To add on, DOS is denial of service, whereas DDOS is distributed denial of service
😅this is actually a good thing , you have to care to fix something , Riot wiil have to care 😮 oh no riotards what you gonna do now?
@@LightAndShadow90 what is bro yapping about
@@LightAndShadow90?
DOS hasn't been used for a long time as your modem itself can block incoming useless empty packets from a single ip. Even now DDOS with only 10-20 computers most likely won't work.
I know Faker wouldn't do it, but imagine if Faker said unless they fix DDOS issue that he wouldn't attend MSI or Worlds, how fast would you think Riot would fix the issue?
I guess, he's contract jailed. But that would be a true GOAT move.
t1 are the most screwed by the ddos out of every pro, i wish they did that.
@@ImaskarDononope.he simply can't join another team until 2025,but the contract can't force him to play.he can choose whether he wants to attend or not
@@aaabbb-zc7sx contracts with sponsors can force a lot of things. "To force" is relative, of course.
@@ImaskarDono True, T1 and Faker specially has a lot of sponsors. T1 itself would encourage or in worse case, force Faker to play due to pressure from those sponsors.
Unless those sponsors and T1 itself are in line of Faker's actions, he just can't do that because every one will suffer (financially).
12:45
As someone who works in IT-Security for companies.
Most likly scenario is communication hell, left hand right hand problem.
3 Seperate entities are involved with this so i'm pretty sure "bureaucracy" is the main reason for the slow responses.
Meetings with too many people are hell, esp. if the circumstances are cloudy.
The problem isnt the beaurocracies being involved. They choose to have poor communication.
@@iceicejay9569 No, it is hard to communicate in big meetings. Even meetings with as few as 6 or 7 other people are hell. Companies are harder to run than it seems, especially with dire circumstances.
@@HappyGick again false. Companies choose ti have issues because a dozen people believe they are important enough to be involved instead of using deligate and do
@iceicejay9569 while my statement might be wrong, it's also wrong to say their assessment on the plausible cause is incorrect as we aren't the ones on the ground.
While we don't have the exact info, we're mostly assuming the possible causes with the current information that we have as of current
@@iceicejay9569 ...Isn't that just saying "bureaucracy" in a different way?
the sleuthing here is mad impressive ngl, to not only find threads from almost a decade ago and link up the sequence of events that have no clear connection to come to an understanding is mad cool af!
A company who has their source code leaked, due to that they get spam DDOS, and they can't fix it.... but they want their players to download a Kernel Level Anti-cheat... Right.
So real. This game company is so pathetic and so is this game.
Not to erm actually, but just an FYI, the problem isn't the Kernel-Level Access (every anti-cheat does that), it's the fact Vanguard launches itself in the background every single time your PC launches and stays open even if you don't play a Vanguard-protected game. THAT'S what makes it pseudo spyware. Just reminding you before there's 5 more comments going "uhm did u kno every anticheat is kernl level u stopid"
@@ultimaabyssal2484 Yeah I know lol. I'm a computer engineer. I'm not referring to the Spyware issue, which yes, it IS an issue. But in this case I'm talking about the fact that Riot is using a proprietary cheat engine when company code was leaked and the full extent was never (at least that I know of) disclosed. The leak has caused problems (DDoS on competitions) that Riot hasn't fixed. That makes it installing a proprietary kernel level anti cheat quite a risk. EVEN MORE SO with the whole other issue you mentioned.
What? The entire point of Vanguard is to make sure something like this doesn’t happen. Riot KR is doing nothing right now cos once Vanguard Is enabled they will get rid of their anti cheat
I'm uninstalling
I dig this style of content! Thanks for all your effort
Amazing job Ryscu! I've had the pleasure of watching your videos for a long time now, and seeing you continue to create amazing content makes me very happy!
I feel like I should be paying to watch a video like this
I mean... He has a patreon 😛
Society got u rl bad
I also feel like that when watching Lemino and ColdFusion.
Ewww
I gotta say i love ur new takes on being a somewhat documentary channel now instead of, idk, a normal league channel with clips of ur own games and mostly short vids about some news that happened in league. I love the new longer format videos
During 2023 my account got hacked. I was extremely curious considering I only used that particular pc for league and nothing else. I sent in a ticket and was able to recover my account. The customer support informed me of various ways to keep my account safe and general security tips. I let them know that the only logical way my account could have been hacked was through a leak on their end. They told me no such thing had occurred. Funny, very funny.
Sometimes, passwords can be just guessed/iterated. And your email, that one's interesting. Maybe, lol-related websites?
If you used the same password and email on other websites a database with your data could have been sold on the darkweb.
They are using combo sets of mail and passwords to crack accounts you’re using the same mail and password somewhere else
@@spaceshipradio2810 nope
Had the same problem and resolution. What's more, I had my account 2FA'd but they still managed to hack it.
And that my friends, is the reason you shouldn't install vanguard. Not because "omg tencent will steal my data", but because something like this or worse can happen if a hacker manages to get his hands on the code.
Maybe it will become a future randomware "Pay up or I'll install Vanguard!"
Besides League is just a moba, it's not a rare game, there's countless of copies out there! it's not something worth risking.
Both concerns are valid, actually.
Perfect time to quit this shitty game
if that actually happens, vanguard will become Ransomware, For now it's Spyware but if hackers dig a hole on that shitty anti-cheat, it's Joever madafaka.
I love the amount of effort and quality that go into these videos! Thanks for keeping us all in the loop on these things. And can't wait to see the next pog quality video
Dom and thorin saying "gO To PC BaNg" 😂 like that will fix the problem
@Jerome_111 yeah thats the reason you are not a pro player xdd
@Jerome_111ikr mental training. Fucking pros making lazy excuses.
@Jerome_111 average IWtencent and orange dude fan
Hahaah this is funny 🤣
Send this to them.
From the sounds of it a Riot Games Director clicked a suspicious link and that was enough to leak the source code for their anti cheat giving hackers the ability to see any user's IP and ddos them. And they want me to install an app that can fuck with anything on my computer at any time? yeah no.
It’s a private company.
different teams. Only few ppl have access to Vanguard, with those being IT-Security experts. Other than the source code of league to which only few users have access to.
Even worse. It was a social engineering attack. Someone acted like they were someone else within Riot to obtain a developer's credentials to do so. Riot clearly doesn't train their employees on cybersecurity or has meaningful controls in place to prevent social engineering attacks like MFA or geofencing.
It's one of the reasons why I'm not going to continue playing League once Vanguard comes to live. After the cyberattack, Riot expects me to trust them with 24/7 ring 0 access. Incidentally that is the second. Vanguard is needlessly intrusive. It doesn't need to run at system boot with the highest possible privilege level. That's just asking for a privilege escalation attack to occur. Or something similar that happened to Genshin Impact that also had a 24/7 ring 0 anticheat.
I actually wouldn't necessarily mind Vanguard if it didn't require 24/7 access. I understand the need for kernel level anticheat, I heavily disagree with the requirement to run it at system boot.
@@riven4121 It really doesn't matter if it runs at system boot and it also doesn't need to, level 0 is a rootkit afterall. EAC, VAC, Battleye, Ricochet and many more AC that use kernel are just as dangerous and damaging to your PC as Vanguard. Difference is that those AC are in the hands of westerners so unless they sell out to CSTO or China directly (which there is a likelyhood, but it's much smaller than the CCP abusing their power over Tencent) we have much less to worry about those AC.
Needless to say if you work at any place, installing any 0 level will get you immediately fired because it already bricked your system and has access to the entire network.They're all equally intrusive and destructive even without being permanently active on your device.
Giving any app access to level 0 rings makes your entire network a liability, at any point, even if you uninstall said program.
@@MisterAssasine lol they got the anti-cheat of korea. How long will it take them to get Vanguard eventually?
the video quality is amazing!!! great at explaining
when you want to build you own Fat Boy, but instead you stumble on some RIOT spaghetti
If only code was from Riot. Demacia was developed by an actual competent developing studio. If Demacia was developed by Riot I do not believe hackers would be able to decipher the nonsense coding.
The fact that riot is taking this seriously is extremely unpredictable...WHEN HAVE THEY EVER DONE ANYTHING FOR THERE PLAYERS
Bro, amazing quality of the video, so fun to watch and from a structure perspective the video is god. Hope to see more content like this
People who DDOS should be removed from ever being able to use a computer that can connect to servers.
i mean, its illegal so it's time to track them down
Doing DDOS attacks is one of the easiest things to do with a computer lmao. Which makes it kinda puzzling to think that they don't have better protections for it in the LCK. Or in league servers in general.
And who are you to get to say people who do "x" should be "y"?
It's a federal offense if they press charges, so they do lose their access to a computer in prison. Most of the time they are just never caught.
@@Nateyoddos from one pc yes. This is the lowest efford of ddos and most Commonly people use botnets of infected clients
I have never seen Faker look so....defeated :(
Never in my existence on this rock have i ever seen a company so incompetent so deaf so afraid of facing challenges than Riot Games absolute shit show
And yet T1 won despite it all, one of the greatest bird flips at the people involved in the whole DDoS situation.
I find it extremely sus that the same year, when professional chinese players are being investigated for fixing matches, you have DDOS attacks basically ruining the LCK side of things.
My rough asumption said the DDOS came from one or some of the "€h1n3$3" team that really don't want to see T1/Faker taking appearances on the big turney so they may think they have bigger chance of winning without T1/Faker being in the competition, since our small indie developer owned by big daddy 10€ they just told rito to "hush... we want team from our motherland to win" or just basically sleeping on it up until any negative uproar happens.
Can't believe you dove this deep into the scandal, I thought it'd just be one of them where Riot sweep it under the rug. Awesome stuff shedding some potential light on things!
Good video, small thing I would like to point out is that vanguard is able to access any files on your computer, it is the max level of inteusive program and being able to see anything in the last 48 is a limitation implemented by the developers themselves, as vanguard is not open source there is no reason to believe this or more is not able to be done within any given system
Anyone else find the timing interesting? The only team to roll china. T1. Where is MSI this year? China. China's only major competition, has been rekt from constant attacks. Probably looking too much into it but still.
nah its china
Thats the stupidest shit ive seen all day. The ddos started before lck playoffs. So you saying china dont care about any other lck teams? No Geng Hle just T1. And some people were playing on the China server with no problem
@@Rosawwwyeah thats what makes it suspicious, Chinese servers not having trouble is just plain sus. The timing of it all is just too convenient to be a coincidence.
Im pretty sure riot and LPL has nothing to do with this, its probably some devious chinese party
@@Rosawww I am not saying they did it but China is very well known for using very dirty tactics to get what they want. Be it land or recognition.
Obviously it’s China. Why else would Riot do nothing bout it. Makes no sense. Chinese flipped after the last worlds and they’ve been exploiting and abusing the Korean system too long
Tbh the Chinese doing ddos to t1 in retaliation for the worlds humiliation seems kinda legit
As much as I would love to just turn my brain off and go China bad, there is literally zero evidence lmao. Fun conspiracy idea tho.
How Riot isn’t taking their biggest and most popular team seriously is crazy
great vid, the quality of these vids keeps increasing compoundly from one to the other. can't wait to see what's in store :D
Riot’s owned by a Chinese company. Chinese abusing and trolling on the Korean server has been an unaddressed issue for years. Now this
Man Ryscu, I have to say you've gone from a well researched news RUclipsr with nice personality to a top notch content creator. I love your new style of videos, keep up the phenomenal work ❤
The fact that Riot is not taking this seriously is actually very expected outcome. They don’t take ANYTHING seriously for many years by this point. Client and game have dizens of obvious bugs for 3-4 years straight or more. Game’s purchases become more and more expensive. LoL is a cashgrab dead lamb. We play only because there is no alternative.
Behold: Dota 2.
Please play Dota 2 instead. Don't have to spend 20 dollars for pretty cosmetics, report system actually works, and balance is cared about instead of whatever the devs use to climb.
@@ultimaabyssal2484 "TIs prizepool is sponsored by YOU guys!" - "sike we take half of it for ouselves, later idiots". Truly not a cashgrab. :^)
The reason why league is not played on LAN is cost and physical security. When league is played on LAN riot has a 24/7 guard on the server. Most studio locations are close to live servers so they don’t normally require LAN servers for the pro leagues.
“The DDoS didn’t affect T1” -IWTencent and Gen G fanboys
I absolutely love the deep-dive style content. Thank you and well done.
Insanely well put together. Even tho there's no hard confirmation, there don't seem to be any other possibilities.
Like seriously, anti cheats should stop requiring access to everything on your PC and check interference with the game instead. The hack just exposed how much data the company is collecting from its users and how easy it is for them to access whatever they want.
I think Riot will not address this issue. If Hackers can get the IP address, which is kind of personal information (or at least the news outlets/reddit would call it personal data), through Riots anti-cheat, what do you think would be the news and opinions online for Vanguard. Vanguard is already a hot topic and something similar failing like Demacia (similar enough for news and reddit) would only spell disaster for Vanguard.
The best move would be probably to stay silent and just replace Demacia with Vanguard.
Wow video essays are one thing but this is legit great journalism and borderline pro investigative sleuthing… all while being entertaining, and not 2 hours long. Very nice 👍
Actual investigative journalism!
Mad respect man! What a fantastic video, it was a blast to watch!
Nuclear weapon was probably mistranslation because the word for ‘nuclear’ and ‘hack’ are homophone words. And hack in terms of gaming in Korean means cheat softwares like aimbot
To me the fact that Riot isnt talking about fixing the issue is a GOOD sign. In case like this you don't want the opponnent to know where you are currently at by fixing the issue and maybe it have more to do about legal act they want to do on the attackers so obviously it will take some more time before we will ear about the mesure they will take about the problem. It's not because they are silent about it that they are doing nothing, assuming that would be a wrong way to get to the conclusion
Great message for those, who think Vanguard won't be hacked and "we are not important to steal our data".
Who's still excited to install a rootkit for hackers with unlimited access on your PC?
the production and the quality of the narrative is amazing keep it up !!!
holy shit i love investigative Ryscu. I've never heard of all of this, damn
"Riot Korea either doesn't know the solution or worse they don't care" you are forgetting the 3rd even worse option: they are the attackers...I've seen it happen in big companies too many times to not think about it....
I highly doubt Riot Korea is intentionally trying to harm their own playerbase by stopping them from playing the game they made. It's without a doubt the dumbest and anti-money strategy to have ever existed
@@ComaDoccYT thinking only at surface level and not deep enough but its normal for people who don't know how big company works and profit. Then maybe it's not like that but trust me it could be possible and way more than you think.
@@ComaDoccYT You can find angry employee in every big company (that's why HR is a thing). It's not impossible thought that this might be an insider job that aim for a revenge act or something like that
Wasn't not so long ago a massive layoff?
@@ComaDoccYT XIGNCODE is bad anti cheat tho. It have been used in every online games i played back then & always there are cheaters. Atleast Vanguard surprisingly had lowest cheaters population on Valorant comparing to other Online games
Chinese hackers who are mad that T1 stopped LPL Golden Road
i hope all this Hacking continues until Riot starts to take things seriously or they break
great video. thanks for covering this topic
yeah, i've seen enough, the update that brings vanguard is gonna be it for me lmao
also good video
Likelyhood that if you installed PBE before, you already had Vanguard on your PC.
There is also a chance that Riot has implemented such a rootkit in any earlier patch throughout the last 14 years and since Tencent is not to trust very much, I'd argue it's safe to say that anyone that has had League on their PC installed, might have a bricked network regardless.
@@라마현명한 I agree with the sentiment here, I have a certain risk tolerance, Vanguard goes beyond that. Also I do not have Vanguard, I did not install PBE or Valorant.
@@라마현명한you will definitely notice an attempt to install a kernel driver. There would be unusual confirmation windows.
Great piece of journalism, really informative. This a disaster for the competitive integrity.
Such a good documentary. Loved it :) Keep up the great work and the high qualitly of these documentarys :)
topic aside, the video production is pretty insane. i love this documentary and infographic style of editing
esport matches are the only thing they're fixing. 💸
I see what you did there 😂
This is really the best insight since I've been thinking abt this issue for weeks none stop... 🤔
brilliant video mate. I felt like I was watching a documentary.
Nice investigation, this is an extremely compelling explanation. I think it's safe to say Demacia and the sourcecode leak is the cause. It's a perfect explanation and nothing else really fits quite right as far as traditional IP sleuthing methods. At this rate it's probably fastest for them to just pull the trigger and switch Korean servers to Vanguard instead of Demacia as the permanent fix. I can't imagine they ever get ahead again in the hacker vs developer race now that the entire anti-cheat has been reverse engineered, unless they switch to a new program altogether.
Incredibly well written and reasearched video! This deserves a lot of attention!!
The way you said “or otherwise I wouldn’t been able to b*tch about this” that made my day. Thank you lol
This video was sooooo well made holy fuck, everything was perfect and its not even that long
Hey, you know how people keep saying Vanguard is a potential security issue? This kinda shit is why. Remember, Vanguard runs _all the time,_ even when you're not ingame, so if a similar exploit is found for Vanguard, you get to choose between having your IP address leaked or uninstalling the Riot Client entirely.
IP address leak would be the least of your concerns 😂
Vanguard will have access to absolutely everything. Your passwords, saved/typed credit cards, etc
There is an insanely high chance that this is someone from China.
i cant wait for people to find exploits in Vanguard and use it to their advantage lol
Damn I can't believe that I'm just watching today. This is an unbelivable fuck up Riot needs to address especially since vanguard was implemented. Props to you for giving a proper history lesson on how players used to ddos players to by the way through skype and malicious links, as most gamers these days really don't understand how fucked it was in the day when someone obtained your IP info. There are games that I've played in the pass where players would get so upset to the point of ddosing the entire server for days on end so no one was abl eto play at all
If this is built into their anti cheat system, then vanguard as I've feared may also be exposed to allow players to be able to obtain people's IPs by simply knowing their usernames. I got a lot of shit back when Riot made changes back in the day for removing usernames out of games, because I believed it to be an unnecessary piece of information towards winning the game that league players winned about it's removal due to the unusual amount of data league provided to players to allow then choices to run in games. This piece of info genuinely further supports that argument, not only for pro players, but for all players in general probably shouldn't get that information, if they're not able to fix the issue in their code.
The main priority therefore needs to be tha tRiot has to implement a streamer dashboard to hide usernames on the client as well as in game. I imagine if this is true, this will spead over to all servers to also not only pro players, but also to streamers, where eventually they will be losing their livelyhoods being ddosed by deranged fans.
Very impressive journalism Ryscu, makes us aussies proud!
Im so happy Vanguard is coming.
No way Riot can screw things up right?
....
....right?
💯
They fucked it up 🤣
I'm so happy that finally we have a video talking about riot's source code leak last year. I am suspicious of the very first purpose of riot's ip-gathering. Do they really need to do that?
damn your editing has gotten really good, gives your content that little extra despite it already being very very good
I've said this before, but Riot will never be silent when Faker is involved.
UNLESS IT'S SOMETHING BIGGER THAN FAKER. LCK is not bigger than Faker.
But LPL? China specifically?
These deep dives are amazing! Ryscu seriously putting the work in.
Such a good video. Also with the fact that people are able to aggregate the usernames so quickly seems like it's also partially an inside job plus the hackers having access to the anti cheat.
Never in my life i wouldve thought a company would match the NSA and the security of boeing at the same time and same scale
Impressive research. Congratulations!
This video is extremely high quality. Great stuff
i fw the music and i fw the direction the channel is heading. keep up the good work!
this is a whole new level of documentary.. more of this i love it!
I'd like to keep reiterating I could easily listen to 30-45 minute YT content from you (if your content ever shifts gears towards something like that). Thank you so much for keeping me up to date, King. I don't play anymore, but it's good to keep up with the competitive scene. P.s. love the outdoor studio.
Just wanna say your videos have been getting crazy good with all the new production
this was an amazing video!!! the editing and info was very entertaining
Ryscu this video was amazing. i did not expect this level of research and digging from you, well done :) appreciate you!
Ryscu, this is an incredible video! The organization and the editing is really high quality!
Bro this is awesome I love when you're taking your channel keep up the good work
Sorry guys, riot cant fix this major issue, team is too busy nerfing rewards and making skins cost more all for our enjoyment 😜
This is some quality investigative journalism! Amazing!
Just waiting for the class action law suit now. “We don’t keep your private data / we’re not interested in your private data” … *gets hacked* “we’re confident everything will be fine!!!”
What an amazing video, OMG This is peak journalism. Very well done Ryscu!
Going by this logic. If we allow Vanguard to be downloaded on our PC's, and IF there is a sucessful hacker that is able to get the source code of Vanguard, it is possible that everyone's ip address could be shown because of Vanguard's kernal level access to our PC. Even worse than what Korea has. This looks worse in terms of security breach for all of us. This looks like a super big weakness for LOL if they want to keep it secure.
IF -> WHEN
IP address -> potentially all your data, including passwords, credit cards and so on
Extremely high quality videos, sir. Well done 👏
Before I even get 5 min into the video... this is ENTIRELY Riot's fault. It's the same typical behavior from them from the last decade. They only do enough to get by... rather than what they should do to ensure quality going forward. Just like with anything else, it takes massive bad PR, backlash, etc from big names, orgs, streamers, pros, w/e for them to actually acknowledge and do anything of substance. The player experience being shit... yeah, they don't care until voyboy had to make a video that everyone from pros to iron's agreed with... and even then it took two seasons for anything substantial to be good.. and we still struggle with bots, cheaters, and game ruining behavior and now we have even less ways to communicate with our team without fear of bs bans.
You want LOL to be secure... they should start with fixing their shit client rather than making excuses that 'most ppl couldn't play anymore' if they fixed it. We don't need a client with ray tracing and cyberpunk level graphics, we just need it to stop being buggy all the damn time. It's basically just a damn chrome browser/java session. You want your connection in pro league to be better... then why the eff do you still send comms/etc through the internet instead of a local server/subnet only? How about that easy and simple change... rather than it being just a response?
You want Teams to not be having their players DDOS'd? How about you invest in some more cybersecurity measures. Actually, almost every one of these issues were things pointed out by the community before, long before, the issues became major ones. What the hell kind of change management does riot have? Sure the game goes on, but it's getting less and less new players every single year. It's going to die of attrition one day when it could be much more. It could be better... but they'll always settle for status quo or less when they keep getting money for being lazy.
Ok, finished the video.... everything I said still stands. They've had DDOS issues in the past and never fixed it... (ahem, cough, Jensen doing it to get high elo).
You're all over the place. You talk about security, but then go on about how "buggy the client is". That is not a security issue. Stay on topic, next time.
Simple explanation, riot is owned by tencent, a chinese company. And since LCK is from Korea, which is the direct competitor to LPL they would not want to do anything about the DDOS attacks. You have to wonder why the DDOS attacks are only affecting LCK and not other regions, its because most of the attackers are from china.
Damn, your contents recently became so professional. Keep it up!!!
GREAT production value!!! loved this video!
Most IP addresses these days are absolutely not dynamic as the way we would use the word dynamic to understand other things that are dynamic, your public IP address will almost never change until you tell your ISP you are being attacked, then it is on the ISP's shoulder. Most if not all medium to small businesses that are not geared for DDOS will be easy DDOS targets, which means location,network infrastructure, client, streaming are all your weaknesses that needs to be covered. Which is overwhelmingly complicated for any team which don't have a dedicated network engineer who is familiar in this field.
I'm glad I quit this game because of Vanguard. I know this problem isn't with Vanguard, but something like this could happen to it too.
Yeah can't wait to see this game fall
Its best for all of us
Great video, very well edited and insightful!
Excellent production value and great video!!!