Hackers Demand 10 Million Dollars from Riot Games
by Emily Chu, Reporter
Culture, Informational
Photo Courtesy of Riot Games
Riot Games, the developers of several popular PC games, confirmed a security breach on January 20th, 2023. The company reported that the source code for League of Legends and Packman, an anti-cheating software, had been stolen. According to Riot Games, the hackers were able to gain access to the company's development network by executing a social engineering attack on one of the employees over text. Social engineering refers to a scenario where hackers manipulate or influence the victim with psychological tricks in order to gain sensitive information that could be used in a security breach. Riot called these hackers ‘threat actors,’ and they claimed to be in the development network for roughly 36 hours before being discovered.
In a ransom email that Vice Motherboard got a copy of, the hackers demanded 10 million dollars in exchange for keeping the hacked content private. Their fanbase was rightfully worried, and Riot Games went to Twitter to reassure fans, saying “we remain confident that no player data or player personal information was compromised.” The only thing stolen was the source code, which could potentially “increase the likelihood of new cheats emerging.”
Many have questioned whether or not Riot was going to pay the ransom, and they responded in another tweet, “we received a ransom email. Needless to say, we won’t pay.” In an effort to scare riot games, they said they would be auctioning off the source code on a popular hacking forum.
The bidding started at one million dollars. Pacman, however, they were willing to sell for only half a million, a huge down-bid from their initial ten million. Whether or not the source code is worth a million is still up to debate, and Riot seems confident they’ll be able to patch any cheats before major damage is inflicted.
Riot Games is still in the process of investigating the full extent of the breach. In a Twitter thread, the company stated, “We’ve made a lot of progress since last week and we believe we’ll have things repaired later in the week [...]. The League and TFT teams will update you soon on what this means for each game.” Over the years, cyber attacks have become increasingly common. Major organizations are far from immune—they are often the target. All companies, regardless of size and industry, are possible victims to cyber-attacks. Riot Games is just one case of many other cyber attacks. The majority of the big companies who have already been attacked publicly would not pay any ransom. By paying the ransom, they would then encourage more attacks. Cyber security needs to be taken seriously because the potential consequences can be devastating. In our digital age, when data and information is more valuable than ever, companies have to prioritize cyber security to protect both their platform and their users.
DISCLAIMER: The opinions, beliefs, and viewpoints expressed by the various authors in this paper do not necessarily reflect the opinions, beliefs, and viewpoints of Kamiak High School or The Gauntlet.
Sources
Hackers auction alleged source code for League of Legends. (n.d.). Retrieved February 6, 2023, from
https://www.bleepingcomputer.com/news/security/
hackers-auction-alleged-source-code-for-league-of-legends/
Hackers Demand $10M From Riot Games to Stop Leak of 'League of Legends' Source Code. (n.d.).
Retrieved February 6, 2023, from https://www.vice.com/en/article/qjky8d/
hackers-demand-dollar10m-from-riot-games-to-stop-leak-of-league-of-legends-source-code
Riot Games on Twitter. (n.d.). Retrieved February 6, 2023, from https://twitter.com/riotgames/status/
1617900236172857345
Riot Games refuses to pay ransom to avoid League of Legends leak. (n.d.). Retrieved February 6,
2023, from https://www.malwarebytes.com/blog/news/2023/01/
stolen-code-from-riot-games-already-being-auctioned-off#:~:text=Last%20week%2C%20Riot%20Games%20revea
led,Valorant%20and%20League%20of%20Legends
Riot Games says League of Legends source code stolen in cyberattack. (n.d.). Retrieved February 6,
2023, from https://www.axios.com/2023/01/24/
riot-games-league-of-legends-source-code-cyberattack
Social Engineering. (n.d.). Retrieved February 6, 2023, from https://www.cmu.edu/iso/aware/
dont-take-the-bait/
social-engineering.html#:~:text=Social%20engineering%20is%20the%20tactic,or%20giving%20away%20sensiti
ve%20information.
Stolen League of Legends source code being ransomed, and Riot Games won't pay. (n.d.). Retrieved
February 6, 2023, from https://arstechnica.com/gaming/2023/01/
riot-games-confirms-ransom-demands-for-league-of-legends-source-code/