The hackers who breached Riot Games last week are asking for $10 million not to leak the stolen source code for the company’s popular League of Legends online game.
The company has also confirmed that source code for TFT (Teamfight Tactics) and a legacy anti-cheat platform (Packman) were exfiltrated by the attackers, but said they won’t be paying the ransom.
It all started with social engineering
Last week, Riot Games said that systems in their development environment were compromised via a social engineering attack and promised more details soon.
“We’re committed to transparency and will release a full report in the future detailing the attackers’ techniques, the areas where Riot’s security controls failed, and the steps we’re taking to ensure this doesn’t happen again,” the company said this Tuesday.
The operator of malware repository vx-underground has professedly spoken to the attacker, who said they got in by social engineering a Riot Games employee via SMS, that they managed to pivot through the company network and escalate privileges by social engineering a company director, but that they did not deploy malware (e.g., ransomware) on company systems.
We are currently speaking with the individual responsible for the breach on Riot Games.
They have informed us they have also stole Riot Games anti-cheat, Packman. Packman is the anti-cheat for both Valorant and League of Legends. pic.twitter.com/3jtAAhKWp0
— vx-underground (@vxunderground) January 25, 2023
The attacker also said they have been unable to compromise the Domain Controller and that Riot Games’