Following Riot Games' public admission that the source code for its primary products, League of Legends, TFT, and Legacy anti-cheat platform, had been stolen, the infamous hacker is now auctioning it off for $1,000,000 as a starting bid.
The hacker, known as "Arka" or "ArkaT," advertised the transaction on a famous site that deals in stolen datasets. They provided a large PDF file that includes all the directories and files purportedly stolen from Riot Games as proof of the sale.
Riot Games openly disclosed on January 21 that it was the victim of a social engineering attack in which the infiltrators were able to exfiltrate the source code of League of Legends, TFT, and the Legacy anti-cheat platform.
Looking for Crossword hints & solutions? Check out latest NYT Mini Crossword Answers, LA Times Crossword Answers, and USA Today Crossword Answers
Following that, on January 24, the company informed the community that it had received a ransom email from the hacker, unequivocally saying that no payment would be made.
The hacker stole at least 70 GB of data from the game developers, according to the PDF. Furthermore, Arka claims to have obtained files pertaining to "Packman," a League of Legends anti-cheat software.
Further information was also shared on Twitter by VX-Underground, which tracks cybercriminal activities. They are as follows:
- The hacker Social engineered an employee through SMS.
- Their first goal was to steal Vanguard.
- They moved through the network but were unable to get access to Domain Controller.
- The SOC (Security Operations Center) discovered them after around 36 hours.
- The hacker did not introduce malware into the network.
- They managed to increase privileges by social engineering a company director.
- The hacker indicated that they would not offer VX-Underground any further information at this time, but that more information will be given in the coming days.
Riot Games declines to pay $10,000,000 ransom to League of Legends' source-code hacker
The Motherboard received a copy of the hacker's ransom email to Riot Games, in which they asked for $10,000,000. They stated in the ransom email that they had gotten important data, which included League of Legends, TFT, and Packman.
They sought $10 million for all of the sensitive data related to League of Legends and other game entities' source code.
The hacker also gave Riot Games two big PDFs proving their access to Packman and the League of Legends source code. Providing they are paid, the hacker offered to clean the code from their systems, provide insight into how the intrusion occurred, and offer recommendations on how to prevent future attacks.
According to the ransom note, the hacker does not aim to ruin Riot Games' reputation because their only objective is monetary gain. They also warned that there is a 12-hour limit after which the compromised data would be made public.
The hacker also provided a link to a Telegram chat where they said Riot Games could interact with them.
Are you stuck on today's Wordle? Our Wordle Solver will help you find the answer.