Hackers disrupt Apex Legends esports tournament | Kaspersky official blog
Credit to Author: Alexey Sadylko| Date: Wed, 03 Apr 2024 11:13:51 +0000
The esports industry is booming: prize pools for top tournaments have long surpassed $10 million, with peak online viewership exceeding one million. This naturally attracts hackers, who typically either steal game source-code or target individual gamers. Recently, cyberattacks have gone beyond the pale: hackers disrupted a major Apex Legends tournament.
This post explores why gamers need cybersecurity, and how they can get it.
What happened
During the final match of the North American leg of the Apex Legends Global Series (ALGS) tournament between the Dark Zero and Luminosity teams, a cheat configuration window suddenly popped up on a player’s screen. The bewildered player also gained the ability to see in-game opponents through walls (“wallhack”) — a capital offense in competitive gaming, usually punishable by a multi-year or even lifetime ban. The player was disqualified, and their team received a technical defeat.
The tournament organizers didn’t adjust the rules or implement additional security measures on players’ computers, leading to a repeat incident a few matches later: another pop-up cheat window, wallhack, and even aimbot functionality this time. At this point, the organizers suspected something was up: cheaters can indeed be found in esports, but brazenly opening a cheat window mid-game seemed beyond belief. The match was stopped, and the tournament postponed indefinitely.
Shortly after, a user nicknamed Destroyer2009 claimed responsibility on social media, stating they exploited a remote code execution vulnerability. However, the supposed culprit didn’t specify where the vulnerability resided: in Apex Legends itself, the Easy Anti-Cheat software mandatory for esports tournaments, or another program. Easy Anti-Cheat representatives declared their software secure. Gamers worldwide await a similar statement from Respawn Entertainment — Apex Legends’ developers — but so far there’s been no word; however, Respawn did announce that it has already released the first in a series of security updates.
This case is unprecedented in esports. Internet issues? Sure. Hardware problems? Those happen too. But never before has a tournament been interrupted and postponed due to hackers.
Esports needs protection
Of course, it’s premature to draw conclusions before the investigation concludes: the tactics and methods used by the attackers, the vulnerability exploited, and the software at fault all remain unknown. However, it’s likely that the Apex Legends players’ computers lacked robust protection, which could also have prevented other embarrassing situations in esports. For example, in the summer of 2023 during the Bali Major 2023 Dota 2 tournament, Russian player Ivan “Pure” Moskalenko found himself at the center of a controversy. Mid-match, Ivan accessed his own game’s Twitch stream, potentially gaining an advantage as the stream displayed both teams’ positions. Tournament organizers weren’t pleased, disqualifying the gamer and handing his team a technical defeat.
The tournament rules stipulated restricted internet access from gaming terminals during matches: only Steam, Dota 2, and TeamSpeak were allowed. But simply blocking specific websites — or all extraneous resources altogether — could have been achieved with security solutions.
Nuances of protecting esports players
Gamers often consciously reject cybersecurity, guided by the outdated belief that “antiviruses slow games down”. But the reality today is that this isn’t the case: tests show that protection has no impact on gameplay whatsoever.
Skeptics also like to cite instances where annoying antivirus notifications popped up on the screen at crucial moments during games. Our products offer a special gaming mode, which activates automatically when games (and some other applications in fullscreen mode) are launched, pausing anti-virus database updates, notifications, and scheduled computer scans. Your computer remains protected — even during the most intense esports matches, while Kaspersky Premium works in the background.
Though it’s not known for certain where exactly the RCE vulnerability used by the hacker during the ALGS tournament is hidden, we recommend that all fans of this game install reliable gaming protection on their combat computers.
And to protect your privacy while gaming, use our ultra-fast VPN — either standalone or included with a Kaspersky Premium subscription. Special VPN servers in a separate “Gaming” locations list use the optimized Catapult Hydra protocol to reduce latency, which is crucial because the lower it is, the better the gaming experience.