The Apex Legends Hacker: Destroyer2009
- Published: 28 Mar 2024
- All of the information presented in this video is to be considered purely speculation and not to be perceived as fact. Special thanks to SkeletalDemise and foilman for their hard work and allowing me to share this investigative story. Check out their blogs: skeletaldemise.github.io || / foilman
John went dad mode for a second there. Kinda scary ngl
Fr 😂 I thought he was talking to me for a second there.
Actually incredible cover of the overall story. I love your final thought "We do it for the love of the hunt, not for the thrill of the kill". I think it is rather easy to sometimes fall in these bad places because we are so deep in the "hunt" that we may think that the reward is the only thing that there is left. But there will always be a bigger and more amazing hunt.
We want a collab between John and Jack Rhysider ❤️
What would they even do? Jack is a storyteller
@@IT10T Yeah but he also was a security guy iirc
John needs to go on Darknet Diaries
@@IT10T I'm sure John has plenty of stories to tell lol
That would be sick
in russian timoxa can be read as timoha, short for timofej(Тимофей)
13:56
))
How painful it was to hear "timoksa" when you're a Timofey 🙄
This is proof not to mess with cyber security professionals. You literally found out everything!
Why the guy would care anyway? He's in Russia
If you have good opsec even cybersecurity professionals won’t be able to find anything
@@cleava959 it's hard to have perfect opsec, very few have that, as history shows
@@malborboss 1 singular Hellfire R9X would be a small price to pay so he will never interrupt another tournament again?
@@rakis69 lmfao bruh's ready to go to war over apex legends
I love the breakdown of this and would love to see more like it. Thanks John!
In the end, even if you identify him, he's Russian, so you'll never be able to sue him
when John made direct contact with destroyer in the video, loved the seriousness and the stiff rightfulness on your face brother.
This is a fantastic video and investigation!! Thank you to all involved.
I thought Destroyer2009 stated that he did this specifically during a large event to force EA to fix the vulnerability?
He did as they have no bug bounty program which was mentioned previously. He possibly burned a way to make an easy buck since he could execute server-side commands and give people in-game currency and packs just for the shits and giggles, what he got for it? He got doxxed and witch-hunted by one of the biggest cybersec YouTubers and schooled about "moral compass" as if doxing an 18 yo in the name of a soulless corporation is morally correct.
Yeah. Also that he would report the issue directly to EA if they offered bounty for finding of the exploit.
It has to be right? All he did was target two players for a short time and even put in the game chat that it was him so the blame wouldn't be on the pros! Like if he really wanted to he could've caused some crazy shit in the ALGS like 1000 bots and flying and shit but he didn't.
You really buy that?
@@Gavtoocold it's publicity to sell his cheats. Why would a person who makes a living selling cheats and has been for years want to fix the exploit. He doesn't care about the state of the game at all, he just knows that respawn probably won't fix it and he will have his name permanently linked to apex cheats
This is solid OSINT work from SkeletalDemise and foilman, and great reporting emphasizing the appropriate caveats to this work. This was very enriching educational content. One way I think it could have been moreso is if those caveats were explored and extended to their logical conclusions, as in explaining how if at any point the assumptions made were incorrect, how it could unravel the (very convincing) narrative, which for the record I believe.
Great video, John!
Cool to see you covering this topic! I'm on my cyber security journey. I find all your videos super interesting! :)
Maybe I missed something, but who confirmed that destroyer2009 actually did this whole thing? It might just be someone using their handle.
Very interesting. Great covering of this.
Curious, what website/service did you use at 9:33? I kinda want to search my own email with this.
I don't think I'd ever make content like this where I personally call out a threat actor and put my face to it; even just someone making game hacks. In any case, your heart seems in the right place and it made an interesting watch. Thanks for the video John. Stay safe.
This just opened my eyes to how wildly easy it is to find this information
Ikr he literally just googled his name and found out where he lived lol
EA will probably never go into detail about what happened but there are interesting threads on UC on this topic going back to 2019.
Do you have any links to the aforementioned articles?
Thank you John, I really enjoy all of your content. I must admit, I think of hacking in tournaments a bit like athletes using PED's in sports. In sports they utilize drug testing to try to deter those from using PED's and I equate that to online gaming using anti-cheat software in an attempt to deter cheating. Ultimately it is up to the developers to make sure the gameplay is secure as can be. You will always have those looking for the competitive advantage and we must do everything to combat that.
It was so fun to watch John! Great investigation! :)
Seems like he did a public service. This is how you get big companies to make changes. I'm still interested to know if the 2 affected gamers are squeaky clean or not.
I’m just a fan of both, so you can say I’m biased, but I say this with complete certainty, they are clean. Apex is their profession, you can say that that’s a reason to cheat itself, I disagree with that for Hal and gen and every apex pro currently.
I do agree with your 1st statement 100%
what do you mean by squeaky clean?
If you're suggesting that you don't know if they're 100% innocent - well they probably are. They're some of the most watched players in their industry and have had significant success at LAN events. Unless they somehow continued their cheating offline during LAN events for many years consecutively, I'd say they're probably clean. Also, with thousands watching them every day, we would probably have seen some weird moments that might prove they're cheating in some way. Not to mention among those thousands, there are many looking to finally find a reason to throw them under the bus and prove they're cheating
@@EmbeddedNick good thing destroyer2009 didn’t want to frame someone like genburten cause it would’ve worked, so many would’ve believed and spread misinformation like a plague
@@EmbeddedNick Fair points. I don't play apex. I guess I was just coming from the angle of, how did two of them get their machines compromised by the same hack vendor? It's easy to be cynical when you don't have all the info.
As an apex legends player who grinds it a lot, thank you for making this video. Super entertaining and educational. I watched yours and Pirate Software's vids, so awesome!!! Ty Ty Ty❤️❤️❤️🔥🔥🔥
Hacking video games should be allowed in dedicated cheater-allowed servers. Hackers will not disappear by just saying it's not allowed. This would allow hackers to have fun, and the game developers to try to fix exploited bugs. Cheating in competitive games will always happen, so the developers need to keep up with the hackers on detection software.
Nahh, part of the thrill is that it's not allowed/illegal. Nothing's preventing them from cheating on the non-cheater-allowed server. He could've responsibly disclosed it but he didn't. It's a shame and if he gets caught, quite honestly a waste of his talent. But that's totally on him
The point of cheating is for the real game.. Why would anyone cheating want to play with other cheaters 💀
@@spicybaguette7706 this isn't really that true. in games where you can do hvh easily (csgo), hvh is way more popular and closet cheating/legit cheating is seen as lame
Keep up the good work, been watching you a long time, learning a lot.
after EA deleted my accounts for not logging in for a while because I did have internet at the time, and expect me to buy the games again, I'm siding with destroyer2009
Apex is FREE-to-play.
???
Did this happen on the ea app? Cause why were you using the ea app primarily for your games, I blame you if that’s the case lol
@@Pikkoroo it's still ea's fault for making it dogshit
@@lfcbpro probably other ea games
This sounds a bit strange. Companies usually want to retain players because retaining is cheaper than getting new ones. How long were you gone for?
Timoxa watching this video:
A drone will find it...
How did you get access to the data breaches that had his information? Are those publicly available?
Yes. I personally know of 2 that were both breached and taken down by the FBI.
@@catnip202xch.how can I access this
Holy f, this was a beautiful job John.
Thank youuu
John Hammond covering this story? I'm intrigued.
what a fantastic video and an absolutely remarkable investigation - hats off!
just a few clarifications on this topic from a native russian-speaking perspective:
1. timoxa is actually pronounced as timoha, with an accent on "o". it serves as a shorthand for the russian name Timofey.
2. it's essential to recognize that not everyone who speaks the russian language identifies as "russian" (with approx. 380kk speakers worldwide).
3. this one is mostly related to the Mande's mistake (who made that interview video) - dude explicitly stated "I'm Russian". it's worth noting that Belarus (as mentioned in the subtitles) is distinct from Russia. this distinction is further supported by your gmaps activity review, which only spotted locations in Russia. Belarus lies far away from the left pointer on the map.
If these big game companies don't wanna listen about cve, then they get burned by hacker's memory foam.
Honestly this wouldn't be an issue in ALGS if they had the tournament on a LAN and then streamed from another PC that isn't directly connected to the game somehow and would make the game more fair due to connection issues.
Apparently some are done that way since people have mentioned the two streamers have previously won LAN tournaments. Not sure why it isn't being done for seemingly the biggest competition.
Of course there is still of the issue of these cheats still being in play for the rest of the players if it doesn't get fixed ...
I did not know I wanted a true crime like thing for cyber sec... but now I need it.
You know what you the best? Because you talk slowly and explain from zero, thank you❤
He's probably open about this because game hacking isn't as serious as stealing user data or money, etc. I've never heard of a cheat dev being arrested
You have never googled "cheat developer arrested"
@@CypherNL Those are mostly from devs who have done other stuff or live in areas like china.
There have been even cheaters who have been sued by companies.
There was this one kid in early Fortnite days who got sued by Epic Games because he counter claimed Epics DMCA takedown of his youtube video where he promoted his cheats.
He probably does not care because he lives in a country that won't do anything about it.
Russia is notorious for not doing anything about cyber criminals unless they target Russian citizens.
@@CypherNL Those guys were making millions, probably gang related too
@@hexlocation this guy hacked two major streamers' computers, but granted did not do much with their access
Knowing how his hack worked, would be fascinating 🤨
great investigation !
When John H. joined Thor (PirateSoftware) and said: "OH I guess this is just going to be a talk"
... at that point, I knew this video was around the corner.
he's probably (& rightfully) proud of his achievements. kid has skills
I applaud this guy for showing how much work anticheat needs to a larger community. Timoxa is a hero for trolling these publishers with the garbage regular players deal with every day. EAC is a joke right now.
If someone manages to get their hands on destroyer, I'm really torn between offering them a position in an internal offensive security team for either EAC/Apex and enforcing punishment
He's 18 and EA wouldn't be able to stop the FBI from charging him so it's unlikely he'd be allowed to. He has to be super careful now. If he was in the states his life could be over before it begun and I don't think that's fair.
LMAO EAC... why do you think they haven't posted for 5 years? Because that's when they woke up to themselves and gave up trying..... Real game hacking is done on the hardware
No company like that will hire him, he is a high risk person, that could go berserker one day and start leaking things
When Valve hack happened around 2003 - Valve also "offered" position at company to hacker, hacker moved to U.S. and fbi got him because Valve protect own interests and dont care about "humans", Valve care about millions of dollars they making.
Same here - if that person get offer - it will be "fake and just to trap them".
Corporation is your real enemy.
bro's email is the most obvious thing a hacker would guess
Great work to the two guys spending time on this, it’s not always fun and a lot of resources and time goes into it. Also don’t forget - Don’t fact drive (dive) under the influence of speculation 😊 OSINT’ers only real hangover 😅
had fun watching the stream with PS, gotta ask him for more collabs lol. and as usual, great video.
The video covered one image saying the IP connection was through a RAT so does that mean they SSH into their PCs from obtaining their IP before the live tournament, or did the end user download something beforehand?
that's what i thought personally, piratesoftware said the cheat window that appears on gen screen are just "graphics"
and that's wrong,
gen wouldn't get wallhacks just by an image presented on his screen,
those hacks won't function without a driver level application installed on his pc,
and how could that be done and how did the hacker get his ip address to remote install it on his pc?
he did it through exploiting: either ssh or one of the 0 day vulnerabilities, most likely after he got access to their ip addresses through the server id itself using reverse tracking,
worth mentioning that Microsoft is still patching 0 day vulnerabilities till today so it could have been used instead of ssh.
I still think these players hacked and there was a back door in the software
To address the format window that popped up, it wasn't graphics or a part of apex; they're not technically wrong saying it's graphics. If you have your graphics card unlocked, which the guy admitted he had FPS unlocker installed, you would have to unlock your graphics card from windows tamper protection and isolation. You can make format windows transparent and overlay other applications but as soon as you do that the windows pane will be sent back behind the application you clicked on, which is what happened: he clicked back on apex after seeing that window pop up. The fact John Hammond and pirate software missed that part and just focused on the fact the window of cheats hacks was transparent and had apex styled text means they've forgotten about windows 95, XP days where options like making your format windows transparent and summed up that conclusion by not taking into account the guy said he had fps unlocker software installed, not realizing the implication of what that means.
@@DoctorMGL ^
Hands down favorite part was the discord conversations and making your avatar an Anime avatar 😂 why did you choose to do that?
Having bad opsec and then there's an osint investigation: "That man is playing Galaga. Thought we wouldn't notice, but we did" (Avengers)
it's hard to believe that there was no motivation other than for the lulz. I mean i understand that, as a kid I was opening my friends CD rom on LAN using some trojan for the lulz, but that was against a friend and very innocent in comparison to this apex hack.
Netbus for the win
The "lulz" aren't a proper excuse, don't go around hacking, end of story.
Promotion for his hacks?
thanks Joe Cyber
I think what he did is exposing most of corporation or game industry of how their games pretty much has lot of security exploits on it
Russian is not the only language that is written with the Cyrillic script. It can be perfectly Belarusian language.
He's actually said in an interview before that he is from Belarus
Functionally no difference in the current Geo-political environment.
@@spartan1986og there is difference, you can't say all eu are the same. don't be stupid
But... Isn't Belarus part of Russia?
;)
Or Ukrainian. Visual difference is in just few letters.
At least based on his speech i would not throw this possibility off head. But way he pronounced word "кто" (as "hto", instead of "kto") slightly skews me to either Ukraine or border region of Russia? Timoxa ==> pronounced as Ti-mo-ha (not ~ksa), is diminutive and familiar form of name Timofei. Not very popular name in Russia i might say, but with amount of people, plausible possibility.
But, i will note... Imo, but his uploaded video of cheat, and voice in interview do not sound that same for me. Pitch is way different. I guess it is plausible if there is 3+ year difference and he was like 14 to 18 years... Still hard to prove if it is same person. Especially hard to parallelise them as they spoke on two different languages.
About emails with different numbers. It may be him, but may be another person. A lot of people are required to register here and there for school work nowadays, and as children they often create accounts with name+number (often suggested).
But these discord conversations surely do hint on link between his current discord name and his previous account name. No definitive proof as he denied that cheat forum involvement, but still big piece enough.
are you not making the xz video ?
This is a masterclass in OSINT
John Wick, when does he get on board?
The moment that Regulators or Federal law makers touch gaming or online gaming is the moment it dies.
BT
love to see how the hacks actually work. like an overlay on just that users machine?
I mean a witch hunt and potential dox of an 18 yo kid is not really worth bragging about. As you said yourself he did it for the shits and giggles and not to gain any monetary income, if your game's security is so bad that an 18 yo can execute server-side commands and give streamers in-game currency and packs you should be happy that all they choose to do is play a stupid prank on a tournament instead of capitalising it to ruin the game. Corporations are not your friends.
I agree with this, due to the fact that the corp already faced previous hacks before on Titanfall 2 (I could be wrong, but pretty sure it was also server side) and moments across Apex's lifespan.
I don’t think age matters. Just because they were hacked by an 18 year old, that doesn’t mean that Respawn has bad cyber security. That could just mean that the 18 year old is really good for his age
Firstly, it's not a "witch hunt." It's bringing justice against a hacker with only harmful intentions; the "shits and giggles" aren't a proper excuse. And if he gets doxed, who cares? He is an adult; he should've known better. And finally, this doesn't signify that the corp has bad security, and maybe they aren't your friends, but neither are adults who go around hacking and causing frustration for the fun of it.
You could argue that exposing their shitty security to the world is a good thing, but yes there are better ways to do it
Do we know if like he possibly used some cross site scripting? I’m not like full immersed into Coding and Such but I did understand that, cross site scripting I wasn’t sure if it would have anything to do with it
Props to foilman and demise for figuring all this out, fantastic detective work
I don't think he deserves to be doxxed
very good I will be waiting for the report on doxbin
This video was so good, it felt like 5 minutes :D
Good intention? There is one. EA should fix their shit and not be that greedy
This was a great video but my real question is... picoCTF 2024 series? 👀🤣
5:45 There is a high probability that Timoxa is a name derived from shortened russian name Тимоха pronounced as Timokha. It might indicate that the guys full name is Timofey which is Тимофей in russian.
btw, that alphabet is Cyrillic, it's the alphabet used for Russian, but it's not only for Russian.
Has it been ruled out that the players weren't using cheats created by Destroyer/Temoxa containing a backdoor and he just trolled them hard publicly? It seems strange that a global event involving millions of dollars in prize money isn't being conducted on private servers on a segmented network. Or are multimillion dollar gaming tournaments just hosted on public internet where they can be hacked by anyone? Is that because the servers always have to be connected to the internet for dynamic anti-piracy/anti-cheat stuff?
I guess it doesn't matter anyway, cause cheaters are gonna cheat and hackers gonna hack. Unless you fully lock down tournaments with segmented networks, no external devices allowed and player searches it's going to keep happening.
You’re amazing 🙌🏾
can we get some timestamps John? thank you
What games do you play John
sir my Gmail account has been recently hacked which was linked with youtube so how could i recover it can you please help me in doing this
how these teenagers manage to do all these things.
I know it’s cliche to say but he had to be smarter than this regarding his cyber trail right? Why wouldn’t he go through a transfer/offloading phase for all of his work and potential PII?? And we all have multiple emails, accounts, etc…. Once he was done preparing his attack or developing it, he should have isolated and masked all of the potentially identifiable information for ANY entity involved while falsifying things like locations, IPs, VMs etc. Also seems that Destroyer2009 understands his position in Russia is beneficial for hacking purposes to say the least..
Some people don't care... like me... opsec my toaster
What's the point if you're in a country that won't let the US violate your rights (that's their job..)
I take the old gamer stance... GET GOOD! Security just needs to step up.
whoever done the osint that guy is beast
The OSINT here is crazy🙌🏾
Honestly on one hand I hate cheaters. However on the other hand if doing so in such a public way forces EA's hand into putting resources behind fixing the cheating problems in Apex, I'm for that.
18:47 I can’t believe Respawn as a company can’t sue him
For doing that that’s crazy.
Companies have a lot of money they only want to give to the top executives. They deserve to get meme'd
Personally any type of hack that is used to gain advantage over the normal person should be a crime, whether you are the buyer or the seller, it should be treated the same. it's too easy for kids these days to pick up a cheat and run with it coz what's the worst that can happen in most games? you get banned, start a new account and just continue. if the youth start to learn that your decisions and actions have actual lawful repercussions then they might think twice before doing this shit.
Thank you very much for the video, i just subscribed
Timoxa - probably poor transliteration of Timoha- Timothy
this kid gets the attention he wants.. that dad mode is bone chilling
You hear about the XZ utils backdoor yet?
as someone with over 1k hours in apex im glad he hacked the game because he proved that respawn and EA don't care about the game or people playing the game when the hack happened they put out a sale in the in game shop to say sorry who the fuck cares we don't feel safe having our banking info on the game anymore I am happy he did this and i hope he does it again to stop a mega billion dollar corporation from exploiting their players
Well, as far as I am aware, he hasn't broken any laws.
The guy is cheating at video games FFS.
No video on the xz backdoor hack yet?
it didn't go far as it was noticed before being pushed to stable build. It was a dude that social engineered to get his code edits pushed to production on XZ Utilities GitHub. That would later hook into openSSH connections on server environments like in Debian.
This is why we CTF 🏴☠️
Apex should discipline the hackers. But not with jail time, or fines. Block access to all their Servers for the Hackers.
What Apex now should do, is learn from that mistake and upgrade their security, ASAP.
Oh you innocent soul. That isn’t how that works at all.
not surprised that he get busted noob-blood.
You juz gave how to do real time analysis for free there
But that was juz classic!!
I'm glad he can't get caught. It's EA's fault for running a 5 mil tournament with bad security. That's negligent, plain and simple. Yes he did damage, but in the way I would do damage to my muscles to make them stronger.
He's Kristimoxa, AS WRITTEN! Apex Al-Ghaib!
This is what hackers do! If I could do this I would
bros gone track him down to the last thing he has eaten
His good intention is make it public which got the exploit fixed
Judging by the way he speaks russian - he's not from russia, based purely on his accent he's either from belarus or ukraine, and since he said he's from belarus, I would be inclined to believe that I guess
this deserves more views ❤❤❤❤
This video sounds a little bit like darknet diaries podcasts...🙂
Waiting for the video on xz backdoor