Hackers have stolen the source code for League of Legends and are demanding $10 million from developer Riot Games in exchange for not leaking it. They sent a ransom email to the company, providing evidence of the theft and offering to share information about how the breach occurred and advice on preventing future attacks. Riot Games has said it will not pay the ransom and is investigating the hack, which it described as a “social engineering attack.” The company also said there is no indication that user data was affected.
Riot Games first announced the hack last week and later confirmed that the hackers had stolen the source code for League of Legends, Teamfight Tactics, and the company’s “legacy” anti-cheat platform. In a tweet on Tuesday, the company said it had received a ransom email from the hackers, but that it would not be paying the ransom. Instead, the company stated that it is focusing on investigating the hack and working to prevent future breaches.
According to the ransom note obtained by Motherboard, the hackers claim to have obtained valuable data including the anti-cheat source code and the entire game code for League of Legends and its tools, as well as Packman, the company’s usermode anti-cheat. They understand the significance of this data and the impact its release to the public would have on Riot Games’ major titles, Valorant and League of Legends.
The hackers have given Riot Games a deadline of 12 hours to pay the ransom, and have warned that failure to do so will result in the hack being made public and the extent of the breach being known to more individuals. They have also included a link to a Telegram chat where they claim Riot Games can speak with them.
It is unclear at this time if Riot Games will pay the ransom or if they will take any other measures to prevent the data from being leaked. The company has not released any further statements beyond the tweets already published. However, the incident highlights the importance of security measures and the need for companies to be prepared for such scenarios.
The situation is still ongoing, as Riot Games continues to work with law enforcement and cybersecurity experts to investigate the hack and secure their systems. The company has stated that they will not be paying the ransom, and are instead focusing on protecting their players and the integrity of their games. They have also urged players to be cautious of any suspicious activity or emails claiming to be from Riot Games, and to report any suspicious behavior to the company. The gaming community is also closely monitoring the situation, as the potential release of the source code for League of Legends and other games could have a major impact on the industry. It remains to be seen how the situation will be resolved, but for now, Riot Games is determined to protect its players and its intellectual property.
The full note, not including the Telegram link:
Dear Riot Games,
We have obtained your valuable data, including the precious anti-cheat source code and the entire game code for League of Legends and its tools, as well as Packman, your usermode anti-cheat. We understand the significance of these artifacts and the impact their release to the public would have on your major titles, Valorant and League of Legends. In light of this, we are making a small request for an exchange of $10,000,000.
We uploaded a tree list pdf file, which you can view the tree of Packman and League of Legends source. If you require any files for proof, message us and we will provide you the raw file.
In return, we will immediately remove all source code from our servers and guarantee that the files will never be released to the public. We will also provide insight into how the breach occurred and offer advice on preventing future breaches. We suggest communicating through Telegram, you can join us here:
[Telegram link]
We do not wish to harm your reputation or cause public disturbance. Our sole motivation is financial gain.
We have sent this message to the Directors only and have given you twelve hours to respond. Failure to do so will result in the hack being made public and the extent of the breach being known to more individuals.
We also want to remind you that it would be a shame to see your company publicly exposed, especially when you take great pride in your security measures. It is alarming to know that you can be hacked within a matter of hours by an amateur-level hack.
We urge you to take this matter seriously and consider our proposal.