Last week, video game studio Riot Games suffered a massive cyberattack. Cybercriminals have thus stolen a lot of data relating, among other things, to the publisher’s behemoths, namely League of Legends and Teamfight tactics. Yesterday, the studio said it received a $10 million ransom demand. Boris Larin, Senior Security Researcher in Kaspersky’s Global Research and Analysis (GReAT) Team, comments on the attack:
“Riot Games recently published an open letter to inform its fans of a major cyberattack, which occurred last week. It reports that data has been stolen, including the source codes of the anti-cheat client, popular games such as League of Legends and Teamfight Tactics, as well as those of other projects in development. Source code protection is of considerable importance to the company, as it is a prime target for cybercriminals when it comes to attacking the video game industry. Once threat actors get their hands on the source code of the game, they can easily learn all the features of it and the servers, study game logic, secret algorithms and anti-cheat technologies, which allows them to detect vulnerabilities and develop cheats and bots. They can thus get rich by selling cheat paraphernalia, mining and selling in-game currency, and circumventing the rules set by the game developer, all while ruining the experience of other players.
It should be noted that the cyber hackers behind the attack are demanding a $10 million ransom from Riot Games. The company decided not to pay this ransom, and that is quite commendable. Paying the ransom does not guarantee safe return of files, and only encourages malware developers to continue their operations. Indeed, acting according to the rules imposed by cybercriminals is never a good idea and only increases the potential risks posed by threats to the reputation and finances of organizations. »
The video game industry is an increasingly popular target for cybercriminals, especially given its strong growth and potential.