Stolen League of Legends source code being ransomed, and Riot Games won’t pay

Stolen League of Legends source code being ransomed, and Riot Games won’t pay

Enlarge / The theft of Riot Games source code for League of Legends, TeamFight Tactics and an anti-cheat platform could have implications for future cheats and exploits.

Riot Games

Riot Games has confirmed that an attack on its development environment last week included stealing source code for its League of Legends and Teamfight Tactics games, as well as a “legacy anti-cheat platform”. The company has received a ransom demand but says it will not pay.

Release of source code by attackers, whether publicly or through sale, could have implications for cheat software, providing first-hand knowledge of game mechanics rather than relying on reverse engineering. Riot acknowledged that the attack, attributed to “social engineering”, “could cause problems in the future”, but added that it was confident that “no player data or personal player information has been compromised”.

“In truth, any source code exposure may increase the likelihood of new cheats appearing,” Riot posted in a reply tweet. “Since the attack, we have been working to assess its impact on anticheat and to be ready to deploy fixes as quickly as possible if necessary.” Riot added that the code “includes a number of experimental features”, although it is mostly “in prototype and there is no guarantee that it will ever be released”.

Vice’s Motherboard obtained a copy of the ransom email sent to Riot Games. The letter requests $10 million and offers to remove the code from the hackers’ servers and “provide insight into how the breach occurred,” according to Motherboard. The initial email called for a 12-hour deadline, noting that failure to comply “the hack would be made public.”

Source code leaks have become an increasingly common feature of the complex, multi-party nature of modern game development and maintenance. However, their use is much less frequent.


Valve, when faced with the release of source code for Counter-Strike: Global Offensive and Team Fortress 2 in 2020, said it had “found no reason for players to be alarmed”, but only addressed the Counter-Strike code in its statement. TF2 community servers temporarily shut down but reopened when Valve followed up with a similar “no reason” statement.

Source code leaks aren’t new to Valve, but it’s worth noting that TF2 has had longstanding issues with automated “bot” players and cheating. However, these issues existed before the source code leaked. To date, TF2 and Counter-Strike are consistently in the top 10 most played games on Steam, with hundreds of thousands of concurrent players.

CD Projekt Red fell victim to a ransomware attack in early 2021, which apparently exfiltrated the code for Cyberpunk 2077, Gwent, and The Witcher 3, as well as the red engine that underpins them. This code was later auctioned off after the developer and publisher refused to pay a ransom. More than one malware tracking account reported that the auction ended after sellers wrote that they had received an offer “outside the forum”. But Emsisoft threat analyst Brett Callow noted that the mysterious buyer could have been a fake or “just a way for criminals to save face after failing to monetize the attack”.

No particular cheats or exploits have emerged from CD Projekt Red’s source code, though the company largely makes single-player games, with the exception of online deck builder Gwent, which is a fairly minor target for software. malicious.

Most famous among the source code leaks is Axel Gembe’s theft of the source code for Half-Life 2. Gembe posted the code online, Valve head Gabe Newell wrote about it, and the fact that Half- Life 2 was far from ready for release. when it was originally suggested, it was made clear to the world. Gembe contacted Valve and asked for a job, Newell persuaded him to call, the FBI recorded that call, and the rest is history.

We’ve reached out to Riot Games for further comment on the cheating implications of the source code leak and will update this post if we have a response.

Leave a Reply

Your email address will not be published. Required fields are marked *