27 comments

[ 2.6 ms ] story [ 45.7 ms ] thread
It's not random bans, the nicknames are words from longer text. It's lyrics from Shaggy - It wasn't me.
https://x.com/vxunderground/status/2005008887234048091

Here's the word on the internet streets:

- THE FIRST GROUP of individuals exploited a Rainbow 6 Siege service allowing them ban players, modify inventory, etc. These individuals did not touch user data (unsure if they even could). They gifted roughly $339,960,000,000,000 worth of in-game currency to players. Ubisoft will perform a roll back to undo the damages. They're probably annoyed. I cannot go into full details at this time how it was achieved.

- A SECOND GROUP of individuals, unrelated to the FIRST GROUP of individuals, exploited a MongoDB instance from Ubisoft, using MongoBleed, which allowed them (in some capacity) to pivot to an internal Git repository. They exfiltrated a large portion of Ubisoft's internal source code. They assert it is data from the 90's - present, including software development kits, multiplayer services, etc. I have medium to high confidence this true. I've confirmed this with multiple parties.

- A THIRD GROUP of individuals claim to have compromised Ubisoft and exfiltrated user data by exploiting MongoDB via MongoBleed. This group is trying to extort Ubisoft. They have a name for their extortion group and are active on Telegram. However, I have been unable to determine the validity of their claims.

- A FOURTH GROUP of individuals assert the SECOND group of individuals are LYING and state the SECOND GROUP has had access to the Ubisoft internal source code for awhile. However, they state the SECOND GROUP is trying to hide behind the FIRST GROUP to masquerade as them and give them a reason to leak the source code in totality. The FIRST GROUP and FOURTH GROUP is frustrated by this

Will the SECOND GROUP leak the source code? Is the SECOND GROUP telling the truth? Did the SECOND GROUP lie and have access to Ubisoft code this whole time? Was it MongoBleed? Will the FIRST GROUP get pinned for this? Who is this mysterious THIRD GROUP? Is this group related to any of the other groups?

The attackers better hope they fully hid their tracks - this is a bold hack, and such an level of overt cybercriminality with financial damages will result in a decade in prison if caught.
It's a shame this game has to pander to eSports fanatics rendering it into a completely hollowed out soulless experience. From the early days of Operation Chimera to selling half of your stake and IPs to Tencent, Ubisoft has seen it all.
> It's a shame this game has to pander to eSports fanatics rendering it into a completely hollowed out soulless experience.

There have been many victims of the eSports neuroticism. League of Legends is probably the most extreme example I can come up with. You will eventually get banned from the game if you choose the "wrong" play style. You don't even have to cheat or play poorly. Overwatch suffered a very similar fate - They removed a player slot to force it to fit the "5 man" meta. In the case of OW, the changes proved so unpopular they had to literally delete the original title from everyone's PC to force use of the only remaining option.

A 9 year old random FPS game.

WTF happened to non-shooter games? I am so bored of these FPS variations.

I wonder if they could push out an update. That would be super scary.
That depends, they might just fix some bugs and call it a day. There would have to be a trial of the pyx for sure to figure out what got changed and by who.
Hard to have sympathy for Ubisoft the company as they are regularly used as an example of the most anti-consumer practices out there. But the whole situation is a mess, and if anything, it is probably the consumers that will end up suffering the most for this.
This is why security actually matters in game development.
Nice to see anti-cheats working and protecting Linux players from hacks, by preventing them from actually playing the game.
"kernel anti-cheat" is actually a re-branding of "anti-(non steamdeck)-linux" software, probably to please msft (since sole beneficiary). We all know they are inefficient and weaponized by hackers.

You know on linux there is a feature for a process to snoop into another process, that for the same user (non root), can be use for anti-tampering: with a proper "security" team, as all live-service games should have, you can give hell to hackers without a kernel module...

Games using Easy AntiCheat can opt in to Linux support. Arc Raiders runs on Linux (but not in VMs) whereas Fortnite does not, because Epic has chosen not to support Linux. Ironic given Tim Sweeney's supposed anti-monopoly stance.
This hack has nothing to do with client cheats.
These changes are occurring in a server backend database. They’re not client side cheats.

The people receiving the credits aren’t even the ones initiating the changes.

Also many anti-cheat packages do have Linux versions. The primary reason you’re not getting ports for Linux is because companies don’t want to do the port and support all versions of Linux clients they would encounter in the very tiny number of additional installs.

This is the nightmare scenario for live-service games: once the integrity of progression and bans is compromised, trust evaporates fast. Rolling back “billions of credits” is easy compared to undoing random bans.
Ubislop, Ubislop never changes. Never trust a Ubislop
"That wording has been met with heavy backlash from players, many of whom believe Ubisoft is attempting to downplay the severity of the situation."

Come on it is just a game (◔_◔)

My heart goes out to the devs forced to return to work to solve these issues. Numerous groups claiming numerous exploits - mostly MongoBleed.

One has to wonder: why didn't anyone anticipate this happening? Surely the moment this exploit was discovered the team would've locked it down immediately?

poured way too many hours into this game long back before it became too painful to play. this almost made me go back and check on the madness but unfortunately the servers are taken offline.

while i don't agree with how devs and the publisher works on community feedback, it is still miles better than what EA does. not that it is a high bar to clear.

I remember when gta5 was getting hacked left and right when it was released. People would just hand you millions in in game currency and you’d get to unlock all the hypercars and military vehicles. Really made the game fun removing the grind and pay to win and allowing everyone to do anything. And it gave people a chance if someone was dominating a lobby with something broken or overpowered to actually fight back fire with fire.