It’s been a rough week for Riot Games.
The “League of Legends” developer and publisher was hit with a hack Jan. 20, and the company announced Tuesday that its analysts confirmed the hackers stole source code for “League” and “Teamfight Tactics,” a popular chess-like battling game with over 33 million monthly players. In particular, the hackers also gained access to the code for one of its anti-cheat platforms.
Riot noted in a tweet Tuesday that the hack could lead to more cheats. And players are already bracing for an influx of cheaters in their favorite titles. Anti-cheat software is something video game companies invest in because it keeps the games fair, and prevents anyone from gaining an outsized advantage over their competition. Nearly every game built on online competition has it, and most PC games including Riot’s top titles require players to download a specific anti-cheat software before playing.
The concern, apparent in numerous Reddit and Twitter threads about the hack, is that if the code to prevent cheats is out there now, it’ll be easy for some players to exploit it.
In reply to a Reddit comment, a few users listed examples of how players could exploit the games. This included gaining better movement in the game and showing players information about their opponents to give them a competitive advantage.
\u201c@Sgtspacedad76 There are, but Riot's anti-cheat's pretty good enough to detect them, which is why they want to work on updating the anti-cheat because it will actually show vulnerabilities\n\nPlus "suspected" cheaters get grouped with other suspected cheaters in games, along with the fact that\u201d— Ash (@Ash) 1674575381
The redditor also noted the anti-cheat could possibly be exploited to give players infinite gold or items in “Teamfight Tactics,” lending them another unfair advantage.
When asked about these specific vulnerabilities, Riot spokesman Joe Hixson said he was confident Riot could handle the issues, noting, “many of the elements discussed are controlled server-side and wouldn't be something that could be impacted by this [hack].”
That said, in the initial tweet, the company said that “any exposure of source code can increase the likelihood of new cheats emerging.”
On a positive note, one Riot fan on Twitter noted that the hack could help beef up Riot’s security eventually, even if it could lead to more cheating at first. They said, “it's a 2 sided sword, it may mean more cheats but also mean more security due to anonymous people being able to report security bugs which may cause other people to execute remote code (which is bad in any way).”
\u201cSo this is why all the mf cheaters are out in force\u201d— Realm (@Realm) 1674583159
\u201c@Sgtspacedad76 its hard to detect a movement scripter if you dont know how it works, the dead giveaway is the jitter the character model makes while dodging, because the script is overriding the players imput in real time to make him dodge as a priority\u201d— Ash (@Ash) 1674575381
\u201c@Sgtspacedad76 It is, there was something like an autohitting skillshots cheat going around sometime ago, don't know if it's still possible and never found it personally as far as I know but I remember ppl talking about it and showing clips\u201d— Ash (@Ash) 1674575381
Another redditor pointed out that gaming firms like Riot typically keep all info about anti-cheat software under wraps for fear of this very scenario happening, which is why we don’t typically hear a lot about it. “For games specifically, you don't talk about your anticheat because if people learn ANYTHING about it, they can and will use that to make cheats. Anticheat development is a war of attrition that neither side will ever concede,” they said.
Hixson confirmed the anti-cheat platforms were built in-house, meaning Riot has complete control of – and responsibility for – the software and its security.
- Why Riot Games Is Suing a Chinese Mobile Gaming Rival—Again ›
- Don’t Call It a Comeback: Riot Games Names Co-Founder Marc Merrill President of Games ›
- In Gaming's Workplace Reckoning, Riot Takes A Different Approach ›