this post was submitted on 19 Mar 2024
468 points (92.4% liked)

Technology

59534 readers
3199 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
468
Apex Legends streamers surprised to find aimbot and other hacks added to their PCs in the middle of major competition via anti-cheat software (www.pcgamer.com)
submitted 8 months ago* (last edited 8 months ago) by catch22@programming.dev to c/technology@lemmy.world
89 comments fedilink hide all child comments
 

Wow it finally happened. So glad I switched to steam running on linux mint last week. I refused to install helldivers because it wanted to install some no holds barred god level permissions anti-cheat software. Windows 11 was the last straw for me. Good times..

The volunteers at the Anti-Cheat Police Department have since issued a PSA announcing, "There is currently an RCE exploit being abused in [Apex Legends]" and that it could be delivered via from the game itself, or its anti-cheat protection. "I would advise against playing any games protected by EAC or any EA titles", they went on to say.

As for players of the tournament, they strongly recommended taking protective measures. "It is advisable that you change your Discord passwords and ensure that your emails are secure. also enable MFA for all your accounts if you have not done it yet", they said, "perform a clean OS reinstall as soon as possible. Do not take any chances with your personal information, your PC may have been exposed to a rootkit or other malicious software that could cause further damage."

you are viewing a single comment's thread
view the rest of the comments
[–] Blackmist@feddit.uk 20 points 8 months ago (5 children)

Sounds fanciful.

EAC doesn't open up ports into your network as far as I'm aware.

Pretty much the only way to do RCE in games with no direct P2P connection is to send malformed data to the server, and then it sends that to the other clients, relying on things not being checked in two places. We've seen this a few times, in Dark Souls series and GTA Online.

I can't see for the life of me how EAC would cause that.

[–] 520@kbin.social 1 points 8 months ago* (last edited 8 months ago)

EAC doesn’t open up ports into your network as far as I’m aware.

No but the game code does. And that game code also interacts with EAC. You can argue it's a bug in Apex Legends, and it would be that too, but the fact is that EAC shouldn't be executing arbitrary commands based on what the game code has given it, so if that possibility exists in EAC, it is still an RCE in Apex Legends and a kernel privilege escalation flaw in EAC.

load more comments (4 replies)