PvP.net hacked; League of Legends Unsafe
At this time I am reporting that League of Legends’ PvP.net client was hacked.
Although some believe it to be a simple DDoS attack (crashing the servers), many players have experienced spam messages from the culprits within the game client.
As I report this, the PvP.net chat system has been brought down. Riot has yet to comment whether they are even responsible for its downtime, but one would guess it to be the case since messages included links which directed to various unsafe websites.
Some speculate that this is another lulzsec hacking, while others point out the mention of ‘NoS’ (a brazilian hacking group, if I remember right) in the spam messages. In my opinion, it is probably some random messing around while hacking is ‘the in thing to do’. Hell, it might even be a script-kiddy (or ‘skiddy’, a pseudo-hacker who uses tools and programs a real hacker created to mimic them); there’s a fair amount of resources floating around on the internet right now.
Many of Riot Games’ clients are worried and paranoid thanks to several of the messages mentioning (in an almost cryptic fashion) that an excess of people have been exposed to keyloggers.
One of the more interesting side-effects can be found on the League of Legends 5×5 rankings page. I do not recommend going to Riot’s website for the time being, but I did so myself out of suspicion and grabbed you all a screenshot of my discovery:
Oh aren't you just the special children!
It wasn’t hard to guess that they would hit the site rankings after considering past hacks against gaming websites. Hopefully very few others thought to check this page and, again, hopefully it’s clean.
Luckily this is occurring on the afternoon of the 4th of July for American clients, so at least they are guaranteed to have a better use for their time.
I will edit this article as/if the story develops, but for the time being I recommend that all League of Legends gamers avoid the Riot Games website and game client for at least a few hours.
Update 1: It seems that Riot was responsible for bringing down PvP.net.
“Summoners! We’ve had to temporarily disable our chat system due to technical difficulties. This means you can currently not see the online status of your friends, talk to them, or queue up with them. We realize how disruptive this is and we do apologize. We’ll have the chat system back up as soon as possible.” ZenonTheStoic
It’s difficult to manoeuvre around the Riot Games’ site at the moment. This announcement wasn’t even linked in the forums or on the main page, I had to stumble across it. Either the site has been hit decently or their offices are in a bit of disarray.
Update 2: Somebody using the handle ‘Neonir’, seemingly stolen from an already existing member of the League of Legends community, has claimed a level of responsibility for the hacking.
Attempts have been made by this person to market the tools used, but capable individuals have pointed out that the program was probably created by somebody else. It’s currently assumed that the individual is using a RAT (Remote Administration Tool) and is using keyloggers to grant himself access to victims’ computers.
Update 3: A posting by Pendragon
“Summoners!
As you are aware we recently had issues with our chat services. Rest assured that we have no reason to believe any billing information has been compromised. Any impacted accounts will be fully restored.
Please always exercise caution when visiting any third party websites.
We will keep you updated with additional information as it becomes available” -Pendragon
Final Word: If you didn’t access any websites linked to you through either PvP.net or the Riot Games website, you should be fine. If you are suspicious, run a scan using an anti-malware program to hunt down any threats.
There are 3 programs which I recommend: Malwarebytes, Spybot Search & Destroy and AVG AntiVirus. One of any of those 3 should do the job, though I encourage you to use anti-virus software at all times. If they come up clean and you are completely convinced that you have been hacked, turn off your internet connection and wait out a few days to discourage RAT access, update your scanners’ definitions and scan again.
