Last week, video game developer Riot Games, which is behind popular games such as League of Legends and Valorant had its development environment compromised by threat actors through a social engineering attack. This week, the attackers demanded a $10 million ransom for source code stolen from League of Legends.
The LA-based publisher took to Twitter to declare that they will not pay the ransom.
Today, we received a ransom email. Needless to say, we won’t pay.
While this attack disrupted our build environment and could cause issues in the future, most importantly we remain confident that no player data or player personal information was compromised.
— Riot Games (@riotgames) January 24, 2023
Details on the Breach
As per BleepingComputer, the breach affected Riot’s ability to publish patches for its games. The source code for the Teamfight Tactics (TFT) auto battler game, a legacy anti-cheat framework, and the League of Legends (LoL) multiplayer online battle arena were all taken by the threat actors when they were inside the company’s computer systems.
The LoL and TFT teams are examining whether any fixes are required to prevent such malicious attempts and how cheat makers might utilize the stolen data to create new tools.
The source code stolen includes some features for LoL which are yet to be released, according to the game developer.
While we hope some of these game modes and other changes eventually make it out to players, most of this content is in prototype and there’s no