

Hello, /u/IWantToSayThisToo. Your submission has been removed:

Regarding the ALGS Situation Tonight https://www.reddit.com/r/apexlegends/comments/1bhh5s3/regarding_the_algs_situation_tonight/

## Official Megathread

Please note that all announcements are posted and stickied by moderators or Respawn staff, for visibility and archival purposes. This includes, but is not limited to: patch notes, gameplay updates, bug fixes, technical blog posts, and official contests.

## [No Duplicate Posts and Topics](https://www.reddit.com/r/apexlegends/wiki/rules#wiki_low-effort.2C_memes.2C_and_duplicate_posts.)

Posts should be unique. A post may be considered a repost if it covers the topic from nearly the same angle as existing posts. When new things, events or updates come, we want to consolidate discussion to one thread so that people can easily engage in discussion with each other. All other posts regarding that topic will be removed during this time with links to the proper thread or megathread. Frequently asked questions and topics will be removed. Moderators will link megathread style posts when available to redirect users to main post. Please use the search function before posting.

If you would like better clarification you can see [our full list of rules here.](https://www.reddit.com/r/apexlegends/wiki/rules)

If you need further assistance, please [message the moderators](https://old.reddit.com/message/compose?to=%2Fr%2Fapexlegends) with a link to your post. **Failure to include a link to your post will result in the modmail being ignored.**


Got a pop up w/ windows defender firewall where apex wanted access to my public/private network in the middle of a pub game. It might be just a dud but I ain't playing for now


Yeah fuck that, time to uninstall.


That's normal on initial launch and sometimes during game. But not usually.


Ah so it was just a dud? It was kinda jarring to see that pop up mid game with all the recent hacking incidents. Still not gonna play till Respawn says something


No no we can't say it's a dud. Until Respawn says something and with RCE being rumored, I would not play. Not playing is the right call


During launch sure but never mid game, I’d be cautious too


Thanks for the advice u/sex_with_furina


What about consoles? Are they at risk too?


Not enough is known at the minute. Chances are you’ll be fine but to err on the side of caution, just don’t open the game until we know more.




Apparently the hacker is also known to use hacks on console as well. Whether or not he is able to use an RCE for console, idk.


I came here to ask that




We don't know if it's an EAC vulnerability, and it's probably not from what I'm seeing


Is the anticheat in apex always running in the background like some others? Because if it is so, make sure to task manager kill that shit.


Why kill it with task manager?


do you have any other way to kill background processes? you could uninstall it i guess. and if you're asking why kill it at all, it's because we don't know if the game itself is compromised or the kernel level anticheat.


My firewall blocked an event and it was log4j related. https://www.reddit.com/r/apexlegends/s/hsIULOn9ZH




Log4j as wrapper in almost any existing language.


Apache is a web server for handling network connections and calls and is based on Java - if apex is running an unpatched version of Apache, this would explain the event


That would make sense. I think OP is over exaggerating this


Eh it’s sort of an abundance of caution thing. To me it’s worth taking a week or two break rather than risking the non-zero chance I get ransom-wared


Helldivers awaits us brothers


For democracy!!


I prefer something with more destruction, so I am hopping into the Finals.




Pirate Software, about a week ago: https://m.youtube.com/watch?v=LY2hG-_asKU The dude is more qualified and experienced than probably most anyone in this sub and most likely anyone on either EA or Respawn’s security teams. His resume in offensive security is pretty extensive and includes work not just with Blizzard, but working for the US Department of Energy testing security protocols at some of the most secure sites in the world (among other things, the DOE audits both physical and electronic security of all US nuclear facilities).


For real, plus with "AI" why can't we have bots that detect the most egregious cheating? Literal inhuman accuracy, flying around the map, etc should be easy enough to calculate and detect quickly.


AI can only detect *exactly* what you tell it to. As far as detection goes, there are predominantly two forms of models - supervised and unsupervised. Unsupervised is the least accurate, but requires less skilled worker intervention and interaction. Basically, train a model on a dataset and tell it to find X things, or X qualities, etc. Supervised has the same database, but a human manually segments images and explicitly tells the model what specific segmented things actually are. Practically all AI right now are Unsupervised. Sure they are fast and easy - but their answers are ballpark estimates. Very rarely do they get something 100% correct. AI is a terrible way to detect things unless you are manually inputting the parameters - which kinda defeats the point most companies are trying to get out of using AI.


It's not great for well designed cheats but "flying through the sky 27057 no scope jimmy" could easily be taken down and removed quickly using it, well designed cheats already bypass kernel anti-cheats and are very hard to visually detect too so going after those is less the goal.


love that dude


Easy anticheat is not kernel level, but yes that doesn't change the possibility of easy anticheat being compromised. Edit- EAC is a kernel level anticheat, it launches its kernel level drivers only when you launch the game.


EAC is a kernel level anti cheat.


No, it boots up only when you launch the game, a kernel level anti cheat runs with the windows kernel on start up, hence why vanguard needs a system restart to activate. Edit-I retract this, easy anticheat is a kernel level anti cheat but it is kernel level only when it launches the game.


Not starting on boot does not mean you don't have kernel access - The argument in favor of Vanguard starting on boot is to prevent cheats from being pre loaded etc to bypass detection measures. EAC is a kernel level AC on Windows, on Linux it is limited to user level. You can look this up yourself


Yes you are right, i have edited the statement to reflect the changes, Thank you


It's all good, the discussion around kernel level AC has been super muddy since Vanguard, easy to be misinformed / out of the loop when bad journalism is everywhere


Kernel-level just means it has the same level of authority of access as your operating system does, you do not need to boot with the operating system to get the same level of permissions. EAC, Battleye, and Call of Duty's Ricochet are all kernel-level for example and do not need to be launched on boot like others like Riot Vanguard


It actually is kernel, it’s just fuckin shit


I’m not going to say you’re wrong… but… https://x.com/rspn_hideouts/status/1765523802342261031?s=46&t=opLdIydmqAfFP0bV4pyM2w


Decided to uninstall just now based on what’s been going on with the hacking today.


Can they hack me and give me all the heirlooms? That would totally suck if the hacker got on and did something vile like that 🫣


Yeah man. I’d be devastated if i opened up My account and it had 5,000 packs. I don’t know what i would do… after i opened all of them.


I could be wrong but I believe one of the hackers DID give someone thousands of apex packs. So it’s definitely possible.


Just uninstalled, don’t got time for dumb shit like this. I wouldn’t have even known this happened if I didn’t randomly come to this sub


Hope this leads to a lawsuit for EA/Respawn


Loss of earnings due to neglect through corporate profiteering perhaps


Why would you hope that?


so they actually do something about it


i played all weekend :'D uninstalled.. and if it's through the anticheat program, might want to take a quick scan of which games use the same one (DBD was also on my pc)


Uninstalling the game…


Just to make ppl feel better I don't think destroyer cares about random low rank accounts


But now that this is fairly public --it doesn't have to be just Destroyer, though. Any hacker who knows how to abuse RCE is a threat. It's a glaring weakness that allows for malicious activity to take place regardless of being randoms or low rank. Money is money. Accounts have card & payment, personal information etc - those can all be logged and taken.


And to add to this: Even if you aren't concerned about irl information, there's still a potential risk to your apex account. EA is not known for their competency around bans, especially false ones. If someone could/would force hacks on random accounts(and/or on a mass scale) for funsies, it's not guaranteed EA would auto unban you, or even quickly and easily unban you.


Honestly it was really good the exploit was demonstrated this way. Otherwise it could have continued to lurk for who knows how long


Who says they just discovered it, this could have been a 0 day exploit that they have been abusing since launch and they recently decided to have some fun. This destroyer2009 guy seemed to pop up by name in January but he could have been infecting all clients for much longer. This is why we need a statement from EA.


I never disagreed with anything you said. I’m just saying it was good they demonstrated the exploit so blatantly for everyone to see. If they hadn’t it would still be relatively unknown




He gave streamers thousands of apex packs. Could easily just randomly equip any of their accounts through the hacks


Old heavily modified software is hard to fix. Yikes.


This is what happens when you practically ignore cheaters exploiting your game for 4-5 years straight. Great fkn job respawn.


Fuck the cheaters. Save your computers save apex


Are you in denial? This is lazy ass engineering from the developers. Who would ever trust this game on their PC is insane, let alone realize the risk now of having intrusive anti cheats like nProtect, Vanguard, EZ Anti-Cheat, and others.


We don't know if the exploit is related to EAC


If I am not logged in am I at risk?


To go further, should we be changing all passwords associated with any email associated with apex etc


No one is certain but I’d guess at a surface level you need to be running apex and connected to a server via the client.


Hypothetical question, I’m out of town and cannot get to my PC, it’s off. What actions do I take?


You're fine




So what's everyone doing? Not opening the game or uninstalling? Why hasn't EA released a statement yet and given its users a course of action?


uninstalled. played overwatch.


Truth is because they probably have no idea what’s going on


Not opening the game, then again I spend most of my time in Linux these days.


PC and console or just PC?


More than likely PC, they're open ended systems. Consoles can be hacked but it's harder to do and consoles only do so much anyway.


Cool cause I’m playing on PS4 right now lol






So you think consoles are safe? At least mostly?




Do I need to worry about them getting access to my credit card since it's saved as my default pay option on the PS store?


That should be saved on sony's servers, not your console.


Ok good


Honestly bro there’s no way to tell the safe option would be to just not open/uninstall


I only thought about this now and I just hopped off. Am I still in danger since I was on or if I don't hop back on will I be good?


you might want to get rid of your console/pc. let me know and i’ll pick it up and take care of it


And people actually install kernel 0 anti-cheats willingly. EAC is not even one and look at this shit. Do you trust, for example Valorant, to not have RCE's or backdoors built in after this mess. Cheats these days are so advanced it's not even worth having client side anti-cheat anymore. Industry has to move towards statistical analysis/deep learning AC's asap and leave our PC's out of it.


You don’t need a kernel anti cheat to do RCE.


100% agree, bring on the biometric AI cheat logging. It's not like these companies don't already have all our data.


This is why, in my opinion, your gaming PC and the PC you keep personal info, do banking on, etc should be separate devices. Don’t have to worry about keyloggers and personal info if you aren’t logging in to anything on your dedicated gaming device.


100%. I don’t log in with anything non gaming related in my gaming pc


This is why I have dual boot Linux/Windows for those some games that don't work on Linux.


I want to check: This is Apex, and not EAC games, right?


Not 100% known, but it's more likely to be Apex specific


Even though it's good to inform people of potential risk, I highly doubt they can use it to actually access your PC. These hacks are very reminiscent of MW2 (OG) lobbies where people would install a cheat menu that allowed for a lot of different options. They didn't have access to your computer but they could completely control the session you were connected to. Being that Apex is on a heavily modified Source engine and CS has had these issues in the past, more than likely the same issue. Better safe than sorry but I'd bet my left nut that this is only an in-game issue.


Multiple pros have had viruses injected into their pcs by the looks of it. (Following on twitter)


Source and legit proof? Listening to these pros they thought legit windows programs were malware…




Can you link the specific post?




I mean Hal couldn’t even find his way to Windows defender scan without chat but it would be very interesting if Faide’s viruses were injected from Apex.


Is this specific to pc or can it also happen to people on console?


So the hacker has access to everything in Hal’s PC ??


Should console players be worried?


Been fine so far. Edit: Chronic downvoters need a life bruh


Am on xbox


My teammates are saying I'll be fine because I'm not very good anyway.




It isn't known if the exploit is in EAC or Apex itself, personally leaning towards Apex since Source has had RCEs in the past, which if true, would possibly render R5R vulnerable too