Was Apex Legends Hacked Live?
HTML-код
- Опубликовано: 12 июн 2024
- Apex Legends was hacked live during one global series, one of the largest esports tournaments. How did the hackers do it? Is Apex Legends safe to play? Let me know your thoughts in the comments. It is important to watch the last video to understand why some comments were made: • Is Valorant Spyware? Get Crowdsec for free and block DDOS attacks: www.crowdsec.net/?mtm_campaig... (sponsor)
Buy the best antivirus: thepcsecuritychannel.com/best...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecuritychannel.com/contact 
Наука
Just want to reiterate that this is a developing situation and nobody knows the full extent of the vulnerability. If you want to be safe, do not play the game. Here's the referenced Tech Crunch article featuring the hacker who "took responsibility": techcrunch.com/2024/03/20/apex-legends-hacker-said-he-hacked-tournament-games-for-fun/
and no one will ever know
Apex is a sht game anyway thanks to EA
@pcsecuritychannel
It's possible to restrict access on pc by any application outside of virtual machines ? The same way antivirus does to virus but in fonctional way ?
Because we can control in and out internet flux with firewall but i'm not aware on application level
@@brigluernos u asked a wrong question and i dont think hed have answer to ur question
@@mattlai443 Why ? 🤔😉 I saw a lot of thing people judge impossible to do in informatic stuff wich was possible to do.
I don't expect so much about it. Though we can notice for exemple Windows who can now limit some usage like hardware or gps. Through panels. On the same way any smartphones do.
So... It may be possible to forbidden some access in a way or other. You can't stop virus, spyware with that but for a "legit" application ? It don't sound to me so crazy.
If some layer of security can be accessible or develop everyone win. Of course that type of stuff may work with this game for exemple and not Valorant due to the 0 kernel access.
But i don't know. I'm not a security expert 😵💫
This very same guy was spawning several bots that could follow and attack a single player under his command. Also Hal stated to PirateGames that this would normally happen when he had the Performance stats displaying in his screen on scream, apparently there is a server or session identifier that shows in that corner of the screen that the hacker used to target them. In my opinion you only scratched the surface of the hack. There's also the messages he has sending and some connections that Hal also discovered after running malwarebytes using the remote desktop ports. Please check em out and expand the video, there's a lot of people still interested due to the silence of Apex Legends developers.
Yeah, but that's the issue in talking about this topic, there are people in the comments suggesting the game wasn't hacked at all and others suggesting it is a deadly RCE that will affect everyone; and both are mad at me for not taking their side. I tried to take a different approach by exploring the nature of the game itself, comparing it to Valorant in how much access it has to your system, which really is going to be much more relevant in the long term, but of course, most missed that point. :)
My theory is that the Apex server doesn't have a strict enough client-server controller where the client can send specially-crafted inputs (spawn AI bots, draw GUI information to the screen, etc.) to the server and the server is accepting them rather than rejecting them. Now, how is he able to specify the target of these commands (ImperialHal in this case), I don't have any best guesses here. Thor/PirateSoftware mentioned this as a possibility as well during one of his livestreams.
The cheating/harassment only occurring when Hal shows his lobby identifier is a good argument to support my theory, there's most likely a command that the client can send to the server to allow them to join that specific session, and most likely some options for that command to bypass max player limits and things of that nature.
It really seems like Respawn Entertainment left in some debug or admin commands for the server to accept and Destroyer was able to figure it out and exploit it, where the ability to spawn in AI bots on-demand is something that developers would be using when debugging or playtesting features, and joining a specific lobby-in-progress being something that admins would use.
@@Chaooo That's a similar problem to one that World Of Warcraft had many years ago, where people would craft multiple level one mages and stack them one on top of another in Stormwind. All because there was insufficient client/server validation.
That hack box title TSM ImperialHal-al Hook always makes me laugh 😂
Two important things to remember about the hacker's statements though:
1) They are the attacker of this system. Even if they claim that they had good intentions we cannot take anything they say for granted or as fact. We cannot believe anything they say. Am I calling them a liar? No, but we need to be extremely careful about trusting anything they say without any proof to back up their words.
2) I've heard that the hacker predominately communicates in Russian, which if that's true then there is a translation barrier where some of the things they say could be either lost in translation &/or mistranslated by mistake. Again, another reason not to full trust all of the words that they say b/c they might not even be 100% accurate to their original intention.
1)4:20
2)see 1
Halal cheats noway 💀💀
"Vote Putin" 😂💀
Why is RUclips trying to translate ‘vote putin’
@@thecarcreator9002This is the way
This heavily reminds me of the RCE that affects classic Call of Duty titles such as COD4, Modern Warfare 2, 3, as well as Black Ops, and a few other classic games from that era.
same but i was thinking of the rce exploit that elden ring and all dark soul's titles had. the older CoD titles are another good example
GhOs7-Operator yup sounds about right. Fuck Activision
All of the older cod games on steam are riddled with security issues. It's insane almost nothing has been done about it
@@BoxOfMysteriezlol
Didn't they fix it on cod bo3
PirateSoftware had a great few discussions about this. The streamers either had their devices compromised (there was a screenshot of one of the streamers installing Malwarebytes and it was blocking an incoming remote connection from a known jump box) and it's unrelated to Apex, or it was the server that is compromised and has nothing to do with the Apex Legends processes on the PC. I believe the latter was the case, there was nothing to worry about for a regular user as it's targeting a server and the hacker must have the server ID to target you.
Can you do an analysis on Helldivers 2 and how/when/where the anticheat lives on the system.
Great video, any chance you could cover the helldivers 2 anti-cheat n-protect game guard?
can you do helldivers anticheat next please ❤
It's a 'user space, rootkit-like' anticheat. Wouldn't touch it until there's lan play unfortunately.
Bro I just saw a short of Tony Romero’s apex game getting hacked and in that they were even able to open his browser and search so does this mean that hackers found an exploit in Apex legends or apex legends anticheat and can use it to hack our computers too? Please can you tell if this is possible and if we should just uninstall Apex legends? And should I link a separate email ID to apex account so in case if my email and password linked with apex gets compromised?
Could u check out the Surfshark AV in ur 2000 Malware test, I wonder how good it could be?
Could you do a video on Call of Duty's ainticheat Ricochet? Over the years as that franchise has gotten more scummy and all the issues with false bans, shadow bans, chat and VOIP monitoring, and the seemingly 100 page terms and condition agreement on their data collection policies, I wonder if it would be interesting.
Hey one question. What antivirus do you personally use?
Can you make a video on the Echo Pc Checker. Recently we participated in a tourney and they pc checked us with this program and after 2 days he was looking at some program at his pc and found a spyware which was looking at his files and was able to do screenshots of the desktop whenever the program wanted.
I’d like to see a response from the company that makes easy anticheat because a lot of games use it. If it can be used as a vector even when games are running that’s still a security concern.
They did. They sent out a tweet (not sure of any other official response) where they have no knowledge of any EasyCheat exploits, nor any reports other than that single Apex Legends match.
What about those AAA title games such as EA's Battlefield used to play that but never seen or heard any security holes
Thank you for shining a light on Vanguard, :)
Thank you for covering topics like this. It will definitely raise people's awareness and feed their curiosity.
Some League of Legends (Riot games) teams have had problems with DDoS attacks, making it hard for them to practice.
XD
That's what they get for not using a local server with custom clients
Can you do AV's against rubber ducky attacks?
Can I get hacked If I am using a cloud gaming service to play? Not including compromise to my steam account.
What i do if my win11 het hackt and how i now the is no app in background running ??!?!
Maybe you should cover the one Article claiming that a single connection DDoS is now possible.
hi pls do a video about mario forever ( its an old game on PC and its a malware ) i want to hear ur explaination
I just been Band off of your server and Because I was exiting and reentering the call, but wasn't my fault. My discord was crashing over and over again Was closing on his own I wasn't getting the chance to exit the call for good and If anybody sees this comment, do you know why my Discord was closing on his own or crashing?
help pls
@Franklinworrell What do you mean on Instagram?
I must say this Hack looks most like the players machines were compromised to me.
Destroyer2009 have done other things to the same players/streamers in the past.
He was able to join a match with more than 10 accounts and attacking the streamers with simple bots, basically making a zombi mode for the game.
He seems to be a bit of a troll that likes to make jokes on others expense.
The fact that it affected multiple people and tournaments like this have a lot of physical security and can easily replace PC's if one has an issue, makes me doubt this hypothesis.
@@pcsecuritychannel I was under the impression that:
Only 2 players was affected in one match.
Both players seem to be popular streamers.
The tournament was not a LAN tournament, but the players was playing on there personal pc's connecting through the internet.
The players was streaming the match while playing and there was also a "official" live stream.
The tournament was cancelled and later (days later) replayed in secret.
The players affected changed there entire pc, before playing the tournament in secret.
But I might have misunderstod something, heard wrong information or not heard all of the new information.
It does not look like it has effected the number of players in the game, but I still feel it is a little weird that "Respawn Entertainment" have not made a statement on this.
@@Petch85 I wasn't aware the players were playing on personal PC's. That changes a lot, cause then they could have just been hacked by something else earlier. The article I linked seems to suggest something else, but they are likely going off what the hacker said which may or may not be accurate.
would love to see Logitech's Ghub analyzed
Anything could be possible and scarily enough, is. Never underestimate the determination of the scorned. Unfortunately not a unique situation, while grander in scale, even dark souls have some critical server exploits running around.
Anti-Cheat software should never run at kernel level. You'll never find that crapware on my system.. I agree with most your videos, but honestly this one feels rushed and not factual. If the hacker could get dll menus into other players games, he can do far worse.
basically root access to your pc like what happened to all dark souls games servers (elden ring uses eac which spared it as it also had the vulnerability) an RCE exploit was found and after 1 of only 4 people who knew about this tried contacting the devs and was ignored so did it to a popular streamer to draw attention to it. if you were online connected to their servers and some one joined your game, you'd be at that persons mercy
true he is just rushing things over this anticheat thing without proper research probably u can see it on his video as well
also praising a game company that got hacked live is so disgusting
Also cheats run in kernel level. Bet they won't be signed either. They could easily do anything on the system without your knowledge.
Why don't we do cloud gaming to prevent cheats. We would need to protect against visual cheats and manipulated inputs. That way most of the stuff happens server side.
"Anti-Cheat software should never run at kernel level". Basically every anti-cheat for a competitive tournament like this does. It is easy to make sweeping claims detached from reality to please some aficionados who do not play or understand competitive esports but it doesn't help the actual users.
@@ArthursHD cloud gaming is trash
pls teach us how to create a windows vm for gaming
really love ur vida
Please, do helldivers 2 with GameGuard next!
video idea :
defender ui vs ( bitdefender or kaspersky)
would be interested in another video that takes a deeper dive. glad you put this one out tho
Can you check the background running of kernel Anti-cheat for other games. To show how invasive they are?
All kernel level anticheats are invasive. It's literally the kernel
@@BanditLeader Hey it could be worse, it could be Kernel and not even block any cheats at all (call of duty) lol.
Great Video! ty for the info
Can you do helldivers 2's anticheat please 🙏
Thank you so much!
thank you for being transparent
What's the app that you use for process monitoring?
Handicapped? Read
@@gullible119 I read it but couldn't find the app online so asked for the name, incase it's something else.
Process Explorer
I just watched your valorant video and there's less comments here so I figured maybe you would see this comment in this section rather than the other section lol. I'm an avid Counter-Strike player and the cheating situation is out of control. Do you have any experience with anti-cheat? If so I feel like it would be an interesting video to do. Clever ideas, pros and cons of an invasive kernel Anti-cheat, etc. Many Counter-Strike RUclipsrs are quitting until Valve release an anti-cheat. You seem very opinionated on kernel level access, what would it take to sway you? Idk I just think you have unique perspective on things and it could be an interesting video.
I hope you also cover PUBG (it has driver level AC, too). And GTA 5 (some people were able to hack PCs and even remote shutdown with some paid cheat for the game).
i think mallwarebytes anti rce or anti exploit program could do someting
Could you make a video on how to recover files after a .tuow attack?
All my files have been corrupted by the .tuow Ransom attack.
You can't
There is no decrypting it, just wipe your PC and learn a valuable lesson
If anyone tells you they can decrypt your files, they are lying and likely just trying to scam you
@@sylussquared9724 Damn!
Its kinda ok I guess, 70% of my data was backed up
But all of my work on Premiere Pro, PSD are fucked up.
Thanks for reply bro
Ain’t no way he asked “can you play the game” well he was getting hacked
Analyse helldivers 2 please, its very popular game and its not even pvp, it doesnt need intrusive anticheat
can you make video about tiktok live studio if its spyware
I don't get why ppls think this guy is trolling when he claims he just does things client side, knowing how bad and broken apex source code is I doubt he's lying. Way before all this "incident" there were many exploits and hacks that would let you join and play on official servers with completely moded weapons. There's even vids on tube, and anyone who has slightest idea know that this should be impossible. You can mod and edit weapons but they are in 99% cases client side, meaning only you see changes or it's special modded private client that allow this, but in apex case this would run on server itself . I guess nothing changed since when game was in beta.
can you review rockstar launcher, especially GTA Online hack account
Please analyze TLauncher for minecraft
agreed, that would be funny.
Isn't already widely known that TLauncher is a spyware?
It's straight up malware
@@draculemihawk10 yeah but it would be cool to know exactly how it works and where it goes yk?
this is the first channel i go to
I normally enjoy your content, but this video is just an excuse for you to advertise a sponsor; I'd spend some time finding people who can reverse engineer these games and understand the inner vulnerability that has caused it rather than pointing out that the the process is infact an exe in process explorer and that EAC unloads when you close the game (which by the way is not always the case, as EAC will intentionally sometimes sit in the system after the game has closed to monitor people who open the game too often which is typically a good indicator of some form of malicious intent), I've been reverse engineering anti-cheats for nearly 10 years now and I'd even be glad to help you indulge into the inner workings of these drivers, but your content just seems to be the same thing remixed, no offence.
Bro can you help me download escape rosecliff island for free. I'm skeptical of the link in Google I'm not sure it's real can you please test it please
It's my childhood game and I want to play it again. I can't buy the game cus we are poor. Please help me download it
I'm a CS 2 player, but that 10 minutes played hurts my feelings
you should see my cs2 hours, I bet I have more than you. 😂
That's the spirit!
Perhaps check the security of VRChat?
vrc also uses EAC
Lmao the hacker is a first class troll
still funny seeing all that panic while someone on RUclips just proved that one of the streamers just installed malware on his own computer after seeing "free download" live
The hacker hacked the process of Apex after getting connected to the guys PC.
Gaming keeps me stable
That's not healthy
What do you think of 010 Editor?
EA simply doesn't care about their games or the players. All battlefield games and apex are plagued with hackers for yrs. Hackers even demonstrated how EA ignores titan fall 2, but still they didn't care
Always say no to Kernel level anti cheat.
Is he Algerian
Khwati ?
no
that windows 11 is a vm right? i won't believe someone like you would use windows 11 for daily tasks
the funny part about all of this is that though vanguard is probably spying on you at least it does its job, your praising epic for being less invasive but its still kernel level and apex is notorious for cheaters and most data about val cheaters says they get banned in 3-10 games or so, also consider doing a vid although not pc, on tiktok. to edit I want to say that I still dont like what val does I think the situation is overstated.
They are still doing much better at protecting the game than COD does
3:45 if valorant gets hacked its gonna be bad so i hope they dont brag.
this video just feels like it has no content or whatsoever😊
More wireshark videos. Linux vs Windows.
Does Genshin has male malware? Just curious
Wdym male malware?
Naw if its able to modify the running process then its guaranteed an RCE. Super high risk, i'd be super worried. Even if the process isn't "open" arbitrary code during exploitation could simply run a stager to install a new payload with additional persistence.
I remember back in the day embedding RATs into my Combat Arms DLL Injectable hack menus. I made some interesting life choices back in the day. 100% agree with you though. If it can connect to the apex process remotely, its RCE in some form or another.
There are multiple scenarios here. There is an RCE that can install an additional payload, in which case the actual malware payload could be detected. Another is it uses the game process to do something malicious, if EAC is affected of course it will be much worse, it is hard to know the extent of the damage until you know the nature of RCE it is and how an attack can be carried out. I still doubt it will be used as a mass attack vector, especially given the nature of publicity it has received, but I guess if you want to be safe, best to not play it until a more official vulnerability announcement is made.
Easy anti cheat on twitter said that it wasn’t an RCE vulnerability.
please do call of duty mw3
👍
malware EA
I have a question, is windows 10 better than windows 11? i have a lot of people saying windows 11 is better and windows is better, which i still don't know which one to choose
well yah its ramadhan but..... cheating at any means never halal bro what the fish 💀💀💀
3:48 May be less invasive on your system, but they sure would like to invade your wallet
Ones I try to play apex and I got there acc 35 lvl and permanent ban for cheating 😂😂😂😂didn't play at all 😂😂😂
fortnite?
Click bait thumbnail. You didn't tell us how it was hacked.
easy anti cheat = easy to cheat ❤
Server sided cheats that were activated remotely. I bet they were already hacking and the cheat provider activated them while they were in game for an Advertisement. Showing thousands of people how their cheats won't get these players banned.
tools cheat?
First 1K views
2009 kid XDDDD
Vote putin 💀💀💀
Finally someone reverse engineers drivers.
source engine is full of rces
Well the engine wasn’t to blame for this hack at all but you’re right it’s pretty bad compared to source 2.
People still play this boring, dead game, in 2024? Even TF2 is more creative & fun, than Apex
Let’s start comparing player counts, oh wait..
Apex wasn't hacked
I love you and this channel
Good video , very helpful. Those pesky hackers ruin everything. 🤬
Amazing content, possible to decompile fortnite and a new upcoming game called hell drivers 2