The North American finals of the Apex Legends Global Series (ALGS) concluded with a bang this weekend, but the twist in the story was one that no one expected (or wanted). Midway through the regional event, players were attacked by hackers who disrupted the “competitive integrity” of the match, causing the final stage of the tournament to be postponed.
Shortly after the incident, speculation arose about the origin of the attack and questions were asked about the Easy Anti-Cheat software. Epic Games has since issued a statement stating that there is no relationship between the remote hack and the EAC.
“We are confident that there ARE NO RCE vulnerabilities within EAC that are being exploited.”
Because the competitive integrity of this series is compromised, we have made the decision to postpone the NA Finals at this time. We will share more information soon.March 18, 2024
Making the decisions
The tournament was already underway when DarkZero's Noyan Ozkose (aka Genburten) and TSM's Phillip Dosen (aka ImperialHall) were hit with RCE hacks that allowed a bad actor to directly interfere with the game.
Ozkose and Dosen's tricks were activated suddenly and unexpectedly. Oskoze was able to see the position of enemy players through walls and strange messages (“Apex hacking global series by Destroyer2009 & R4ndom”) scrolled across the screen during the action. Oskoze reacted quickly, taking his hands off the keyboard and alerting his team to the problem.
Similarly, when Dosen aimed at a target, he did so with the help of an aimbot, although he had not activated the cheat himself.
Respawn canceled the match in response to the incidents, citing that the competition had been compromised, and postponed the NA Finals. More information on rescheduling will be provided in due course.
Exploring the anti-cheat exploit
Naturally, speculation ran rampant on Twitter, with players and spectators wondering how such an important tournament could be derailed by REC hacks. The volunteer group Anti-Cheat Police Department joined the conversation and warned players that their personal information could be at risk unless they took specific steps, such as updating old passwords and reinstalling their operating systems.
The Anti-Cheat Police Department postulated that Easy Anti-Cheat, the security system used by Apex Legends, was a possible cause of the problem. The group believes that bad actors could co-opt the EAC and use it to inject hacks into streaming PCs or infect them with ransomware.
However, Epic Games has refuted this claim, stating that:
“At this time, we are confident that no RCE vulnerabilities are being exploited within EAC. “We will continue to work closely with our partners for any necessary follow-up support.”
A problem to solve
So how can similar incidents be prevented? The last thing any professional player wants during a high-stakes tournament is to be the target of a remote hack, and casual players might wonder if the same threats could affect their games as well.
Gaming VPNs certainly have their uses, especially if you're looking to stop DDoS attacks, but they can't guarantee protection against remote exploits. However, VPNs can making it much harder for bad actors to attack you in the first place.
By masking your original IP address and routing your DNS requests through a middleman, VPNs provide an extra layer of security when you play online. A cybercriminal would have to work a batch more difficult to obtain your identifiable data.
Still, a VPN is no guarantee of complete digital protection, especially if you're worried about ransomware. NordVPN has its own security suite, with malware detection tools, and prevents secret downloads. This is useful, but VPNs are not the best protection against more persistent digital threats: think viruses, ransomware, malware, and other digital threats.
However, the best antivirus software can help you with real-time protection and scanning that isn't just browser-based.
