Some further details from an article released after this video was uploaded (I also joined PirateSoftware's stream to discuss this, VOD available soon): techcrunch.com/2024/03/20/apex-legends-hacker-said-he-hacked-tournament-games-for-fun/ - Destroyer2009 claiming responsibility for the incident - Not sharing further details on "how" until everything is patched - Claimed they did it just for the lolz, but has nothing to do with the server and did not go outside the Apex process - Didn't do vulnerability disclosure process because there is no bug bounty/vulnerability disclosure program 🤪

@Jango1989

2 ай бұрын

"no bug bounty so I brought down the whole tournament" definitely a logical progression.🤦

@ollie_cs

2 ай бұрын

I still think there's a good possibility the first incident with the actual menu popping up on the guys stream was just an accident in which he pressed a button to toggle "Streamer mode," a feature in most cheats which changes how ESP and the cheat hud is drawn over the game so that it is invisible to OBS. Nobody I've watched has made note that in the top left, you can clearly see it says Streamer Mode disabled. For this reason I suspect the first guy to be cheating and he was able to use the scare of an RCE as a scapegoat to look innocent. While Destroyer2009 has commented in this article, there's no saying he isn't lying when he previously has made big claims on what he can modify in the Apex servers (ability to ban/unban any player at will, for instance) without showing any proof and without using these exploits. I still consider the possibility that the person who spoke in this article may not even be the real Destroyer2009, or he may be taking responsibility for something that wasn't necessarily his doing (I do believe he did create the TSM Halal Hook but I don't know if he was able to simply inject such a complicated menu into the game's process through game code, or if he had compromised the machines at an earlier time. )

@chris8206

2 ай бұрын

Thanks

@borgheses

2 ай бұрын

he must be in another country without extridition.

@borgheses

2 ай бұрын

tsm_halal_hook was TSM's custom cheats. he just exposed TSM for cheating.

Damn you know it’s real when John Hammond gets involved in this

@mohta.

2 ай бұрын

ikr

I agree with John H. opinion and Thor's. I can't wait to see the security report for this incident.

@abhishekajit1611

2 ай бұрын

bro where can you read security reports of this or other incidents?

@outlawnation5160

2 ай бұрын

@@abhishekajit1611it’s up the apex legends company to disclose it or not (if they even find out how it works). Otherwise, we rely on security researchers finding and showing the exploit or the hacker disclosing it

@FarewellOrwell

Ай бұрын

They both were wrong

@outlawnation5160

Ай бұрын

@@FarewellOrwell why?

Really enjoy these kind of videos where gaming and cybersecurity collide. Would love to see more of these videos breaking down things like game hacks 🔥

Seeing you and Thor aka Pirate Software talk about this as an apex fan that was watching this tournament live is great to see

Thank you for all your insigbt into the field. Yourr professional experience and field impressions are always greatly appreciated, Sir. I clicked immediately! Great and much needed to know info! I like the format and pacing 👍🏽 keep fighting the good fight

Something similar happened in Battlefield and Call of Duty (when it wasn't owned by Blizzard). Hackers were messing with OFFICIAL servers where players were joining from legal client. They could do literally everything for example "turn off gravity in entire lobby", "level up all players and weapons to max level", "unlock literally everything possible in the game for everyone in the lobby", "make ammo unlimited" etc and everyone who even accidently joined this lobby (you can't pick lobby yourself in CoD, game do it for you) was getting banned at later time (I was one of them, I still have VAC ban on steam because of this).

@Noctuu

2 ай бұрын

Not making accusations or anything but its weird cuz cod and bf’s anticheat is not Valve ac and only accounts flagged by valve ac get the vac ban flagging their steam profile

@cargojacker

2 ай бұрын

Prior to Ricochet , call of duty was using Valve from what i gather.

@product_of_august

2 ай бұрын

Was that during MW2 days because that happend to me on PS3 in 2011

@NetworkEscape

2 ай бұрын

@@product_of_august Yes, it was exactly on MW2, like 10+ years ago

@cargojacker

2 ай бұрын

Ricochet ac became a thing in around 2019 ..

Made some excellent points, Waiting to see how this all plays out. Kinda excited to hear more…from all vendors and analysts

A while back Secret Club claimed that one of their members discovered an RCE affecting ALL Source Engine games triggered by invites which they disclosed to Valve a few years back, but have been prevented from releasing a write-up on it as it is still yet to be patched. There also exists a video demo of the exploit in action, but no detailed information besides.

I'll be damned, nice collab with Pirate Software IMMEDIATELY after this upload! 😂

Well, Source based games that Respawn have developed in the past haven't been really well known for their security in the back end. Like it drove a few players to develop their own fully disconnected from Respawn multiplayer instance for Titanfall 2, where each induvidual could host their own servers because there was supposedly some vulnerability in the back end that dealt with the hosting of official servers. Sure they came along and fixed it but that took them over a year and probably the help of some graduate that asked to do it as a passion project on the side of other work. Hopefully the issue is discovered and the information can be dispersed out into the wider gaming community in the coming days or weeks.

@nordgaren2358

2 ай бұрын

Idk if this was because of the source engine. This situation sounds like it is unrelated to the Titanfall problems.

@kopuz.co.uk.

2 ай бұрын

@@nordgaren2358Apex is pretty much titanfall2 br, same engine/devs

@ETHANR26

2 ай бұрын

@@nordgaren2358 other commenters remember destroy2009 being popular in titanf2 hacking

@ETHANR26

2 ай бұрын

other commenters remember the 2009 guy being involved in tf2 hacking

@rorsie

2 ай бұрын

@@nordgaren2358 its a heavily modified version of the source engine, so I wouldnt chalk it up to just a "source engine" problem either

1:50 how can you NOT link to this moment in descriptions... I never ever seen you this perplexed!!!

I really like you theory on a vulnerability in the game API. It seems very realistic that the hacker found a way to manipulate api requests and control the server; just by joining the game and modifying their client's requests.

I would love to see a John Hammond and Thor colab video!

What keyboard are you using looks amazing

btw, Thor figured out that the IP is just from a scanner, but he is a bit concerned that it could actually reach their computer, since it shouldn't be able to do that by default, so maybe some messed up port forwarding, or maybe some remnants the hacker didn't clean up.

Half-expecting this to become a more common occurrence. Once something like this happens once, in this day and age, you can expect it to happen over and over again, especially on older games.

I hope to see a discussion between Piratesoftware and John on this subject among others that'd be amazing!!

You know the thing is getting real when Mr. Hammond speaks about it ❤ You, Thor, David Bombal and NetworkChuck should do a podcast about this one 😉 When this whole thing began to go viral most of the people started to abuse the word " RCE ", which kinda makes no sense since we have no official or correct info regarding to what kind of attack was it. Since the game engine is being an old one and being heavily patched; there might be a exploit with the client ( not offensively to EA..yk ). And when I saw the threat actor who claims to be " Destroyer2009 ", procceds to create a whole bot lobby using somewhat method ( I'm not a developer so I don't know about server or client side process that was behind this ) which began to follow a squad of 3 players ( ImperialHal and two more ) and in the end getting them eliminated, I thought " man, this guy got some real sh*t " 😅 So this seems this dude somehow has the ability to perform " Server-sided-actions " Assuming the server doesn't accept every command that the client sends, there'e been a server side error behind above action. And of course as Thor found out in Hal's PC, if there was access to the pc, this pc is most likely to be compromised using a server sided data strem ( like a reverse shell thing ) since this dude has no direct access to Hal's pc. There are lot of problems going around so as Thor and You said, we have to know more before concluding any statements. " The more you know, the better you become 😊 "

Wow you have gotten 300,000 views in a few months, awesome :)

As a crossover between gaming, coding and cyber security, I'd like to put a game called "BitBurner" on your radar. I'd be super interested in hearing your opinion on it as a way to learn the basics of coding and security.

Pirate Software actually went through some steps in a live stream yesterday showing exactly what you're taking about here, Mr. Hammond.

@szahw

2 ай бұрын

Is there is a video for that?

@Rogueferula

2 ай бұрын

@szahw If you go to pirate software's channel and check towards the end of yesterday's live stream you'll find it fairly easily

@Rogueferula

2 ай бұрын

@@szahw also thor and John hammond are live together on his channel right now

@lordfrz9339

2 ай бұрын

@@Rogueferula really? Gotta go watch that VOD

Those are the built in cheats shipped with the game. The interface is enabled if you sign contact with EA.

Nice video but I'm a little bit confused; you mention this could be directX hooking/hijacking and then say that's not code execution? To me, the fact that you're creating your own directX object from within the game process means you're running your own code. There's nothing preventing you from popping calc.exe instead of an in game window at this point. Am I missing something?

@user-mj8bg3fw8w

2 ай бұрын

Yes, you missed the very obvious fact that this guy records himself saying for 15 minutes "I don't know. We can't be sure. This article says there is nothing known." and he even doesn't know if it was a vulnerability or an exploit which means he has absolutely no real knowledge in this field if he can't tell the difference between those two. My guess is he thinks games are build like chromium where every thread is isolated in a sandbox with secured channels communicating outside lol

@hnielsen123

2 ай бұрын

@@user-mj8bg3fw8w "He doesn't even know if it was a vulnerability or an exploit which means he has no knowledge in this field if he can't tell the difference between those two" Lmao what are you talking about? First of all he never said that. Second of all, those two words are essentially interchangeable. They're two ways to say the same thing. A vulnerability is something that can be exploited. An exploit requires a vulnerability. The distinction you're alluding to doesn't exist.

@user-mj8bg3fw8w

2 ай бұрын

@@hnielsen123 Thats 100% the correct explanation. Now listen at 0:38 "There is a growing concern that there is an exploit or vulnerability" so we both now without an vulnerability there can't be an exploit and there can't be an exploit without an vulnerability. so why does he separate them?

@hnielsen123

2 ай бұрын

@@user-mj8bg3fw8w dude come on. It's a figure of speech. The same way someone might say "I'm trying to find a fix or a solution to this problem". Sometimes people say something in two different ways for emphasis. You're reading way too much into it. Serious question, do you know anything about john hammond? Or did this video just show up on your feed and this is the first time you've ever heard of him?

I wonder if their systems had something in particular. How come it didn't happen more?

keep us updated brother !

Email security add . . . That's a new one 😂

I remember that name destroyer... i got hacked by one with that name in Diablo 2 back when I as riding the top of the ladder in 2008-2010. I wonder if they are the same destroyer

I just want to know what shirt that is and where to get one

Wasnt that destory guy a well known titan 2 hacker? I swear he was doing this same shit there as well...

Something to note, the cheat gui looking like it’s part of the game actually makes it more likely there either an rce or someone put a backdoor on their system, often for internal cheats (cheats that involve force loading a DLL into the process which either contains the cheat code or communicates with a corresponding driver to run the cheats) often will use whatever drawing apis are already used by the target, making it very common for the gui to be ingrained in the game (and makes it easier for the gui to have similar visuals to the game)

@linear_pub

2 ай бұрын

It's a menu drawn with a Nuklear, and yes is given through RCE, but the cheat that has it is ONLY a developer/private build, and this isn't made public at this point.

@ToniMorton

2 ай бұрын

@@linear_pubit has to be a bug in the anticheat client unless they found some way to inject code into the process remotely either directly targeting your client with traffic or sending data to the server that somehow executes code on the client id say anticheat. because it would likely already have network capacity for downloading uploading files and has the privs to do anything on the system. its basically a free rootkit.

@nordgaren2358

2 ай бұрын

Idk how any of that points to it being an RCE. The cheat menu has nothing to do with the attack vector.

@nordgaren2358

2 ай бұрын

This is a kernel level anticheat. That would be a payday for the hacker who finds that vulnerability. Not likely. The hacker who is claiming responsibility said that it was a bug in the game, but that doesn't mean RCE. If it was just some trickery with the scripting engine turning on QA features and displaying a "fake cheat menu.png", that is not an RCE. They are limited to what the scripting engine can do, so, at that point it becomes a question on if you can escalate to arbitrary code execution from there.

@ToniMorton

2 ай бұрын

@@nordgaren2358 not impossible at all. ACs are sloppy sometimes due to corporate issues. not to mention this isnt an image. its fully functional and also highlighted other players with ESP

Thanks John for the information. It's possible to test the Apex video-game client in services like "Triage" and "App Any Run" ? Thanks!

@linear_pub

2 ай бұрын

Not sure that would be possible, seeing as there are time limits on AnyRun so you wouldn't be able to even get a copy of the game before the times up. On top of that, if you did manage to, you'd have to run around lobbies waiting for this to happen to you, and that's unlikely seeing as this is a feature used by 1 provider in a private build, not on a public provider.

maybe a tor collab that tor customises the browser with common stuff that you use

Looks like I've been living under a rock

@balsalmalberto8086

2 ай бұрын

Or only playing single player games

@ldandco

2 ай бұрын

@@balsalmalberto8086 Or no game at all lols

Primeagen + Thor + John i sense a great crossover incoming

@apIthletIcc

2 ай бұрын

The Leaugue Of Intelligent Hackermen

@apIthletIcc

2 ай бұрын

I need this in my life 😂 fr

The more interesting question is how does EAC behave if the game itself is compromised

I remember that once i was playing cod bo2 on ps3 and a hacker just gave everyone at the lobby a cheat menu

Perhaps the two users already had software on their system that would allow said access?

Reminds me of the PS Network vulnerability that was discovered not long ago. No wonder those get the highest bounties (surprised they were actually paid) considering you figure that out, their entire network is toast. Remember when the PS servers went down for a week or so? Fun times.

Could it be a schudled task as the time of tournament was known?!

Is there any published documentation on the alleged Source Engine vulnerability?

I think some kids (from 2009 in name) put malware on the computers before the tournament started

"This whole scene is just to big." You're an expert bro. The meaning is just less than people give it credit for. If you have expert experience in the industry, you're an expert in some way shape and form. My 2 cents: this wouldn't be the dumbest thing a 16 year old ever blew an RCE on. I do have to agree with your assessment in most other respects though. Also... why malwarebytes and no real IR? a pretty halfbaked velociraptor dump would be better. edit: Also games are just programs that are like a fungus with root systems touching tons of things on the internet with capability to send phishing or other malware loaded cheats or a ton of other tricks to get people to do things they shouldn't for threat actors of all kinds. Between tricking people into running stupid mods, to actual in game exploits, it's a massive attack surface and while those attacks aren't likely they can and will happen. Just my 2 cents after a bit more thinking.

What are your thoughts regarding League of Legends and Riot Vanguard being another Kernel-level anti cheat software? From the little research I've done so far, it seems like there's quite a bit of room for security problems. Some other games like Fortnite and Halo: MCC have kernel-level anti cheats, what makes Vanguard different? I'll continue looking into this but what's your take, and what are some resources I could help inform myself and friends. Thanks!

11:06 I am dying to see that collab

As someone who has been in IT and gaming for a lot of years i wont out of hand dismiss the possibility of an RCE, some of the anti cheat software that comes with these games hooks into the system deep enough to be a real concern.. but that said there are only a few big ones out there, and a 0-day RCE in one big enough to be used in a large game like apex would be worth a metric sh*t tonne. to burn it on trolling some streamer on a game even if it was at the professional level, i cant see that happening. The supporting redistributable that was mentioned by your co-worker is also part of a massive number of games, so i would consider that being the 0-day or attack vector unlikely for the same reasons as above. The streamers themselves being infected with a RAT is far more likely, when you take into account that a lot of the more modern RAT's are capable of silently installing and running anything you want, my money would be on this vector not anything to do with the game, it's engine, supporting redistributables or anti-cheat

@nordgaren2358

2 ай бұрын

I think the streamers being infected with a RAT is the likely scenario. If it was an RCE, that would mean that the attacker would have to also patch the anticheat and the game while it is running, and not trigger the anticheat at all. This is quite the tall order. I'm more inclined to think these players installed cheats long ago, and the cheat client installed a RAT. Patching the game while it's already running (but more importantly while the anticheat is running.) is not impossible, but it makes it much harder if your patch wasn't loaded in while the game was being loaded. I patch games while they are running, but if I needed to bypass the anticheat, I would want, and maybe even NEED, to have my patch loaded before anything else. Hell, I might even want to replace the anticheats PE entirely, so that my own code gets ran, and not the actual anticheat.

I believe Imperial Hal has chat disabled. Destroyer2009 purportedly said they "just did it for fun" and wanted EA/Respawn to fix the exploit.

Damn, as a security practitioner and forensic analyst i wish i had a chance to investigate the compromised clients :( My speculation is that they might have been compromised ahead of time via a different vector, and then the attacker used said compromise to showcase their tools capabilities. Yet i'm fairly sceptical that the game client could be abused to achieve RCE. unless that capability is coded in the client itself, but I mean.. come on? really? There's no way someone would code a game client in such a way that a backend service infrastructure could issue the execution of arbitrary code. And exploiting an RCE bug (memory corruption) in the game client by maintaining stability and preventing it from crashing? meh.. I know there are infinitely skilled hackers out there, but this would look REEEEALLY HARD.

@ToniMorton

2 ай бұрын

i dont think they did it directly via the game client. not without exploiting the server in some manner or directly connecting to game clients as a fake server. no i think this is an issue with the anticheat. they typically have self updating capacity and if they could exploit the anticheat client running on the system or exploit the C&C system to push an update into the game (or access the target kernel)

@nordgaren2358

2 ай бұрын

You should look up ds3-nssr-rce. It's a repo on GitHub that is a writeup of the dark souls 3 RCE.

@francescormp3163

2 ай бұрын

@@nordgaren2358I quickly read through that (thanks for the suggestion). It looks like a memory corruption bug, and as far as i can understand, since the execution flow gets redirected to arbitrary code through a rop chain, the game integrity gets compromised and crashes in order to execute the payload. This didn't at all happen in the apex incident, reason why i'm a bit sceptical about that being the attack vector

@nordgaren2358

2 ай бұрын

@@francescormp3163Well, it is an example of back end infrastructure enabling the execution of arbitrary code, is it not? The client had this behavior, but the back end also had the ability to reject these packets. In fact, that was the suggestion to FromSoft, except there were more bugs that needed patching on the client side, so they patched both. The point being that a bug is a bug. RCE in the game client is a possibility. It's just not likely here. But who knows.

@nordgaren2358

2 ай бұрын

@@francescormp3163also the game crashing is a side effect. Doesn't mean that all RCEs will cause a crash. I don't even think the game is guaranteed to crash. There are some RCE vulnerabilities where it's not guaranteed. Like EternalBlue .

Are you saying thats just a theory... a "GAME THEORY" :O

thinking: 1) it's an audition for employment? 2) they had at least some monual process to it and only had the manpower to do the two?

Same take as me, glad I'm not crazy!

John Hammond bro your the best for ever thanks for all videos & information security

There have been bugs in Titanfall 2 (the game the apex engine is based on) that allow anyone to inject scripts in the games scripting language (Squirrel) into other clients connected to the same server. This is a form of RCE but it might not allow Arbitrary Code Execution. Seems likely this is a similar situation given the Titanfall bug happened multiple times.

@nordgaren2358

2 ай бұрын

No. This was an entire cheat client being injected. I don't think this has anything to do with it.

@Alex-qq1gm

2 ай бұрын

@@nordgaren2358 the scripting in the game is good enough to let you implement esp and aim bots. It obviously took some work to pull this hack off and putting together a small cheat using it is not that hard. People did similar things in TF2 using these scripts. Please stop confidently stating things you have no clue about.

@nordgaren2358

2 ай бұрын

@@Alex-qq1gm how do you know that the scripting is what implemented the esp and aim bots, though?

@nordgaren2358

2 ай бұрын

@@Alex-qq1gm wdym I have no clue about. This is literally my specialization. You have no evidence of what you are claiming.

@Alex-qq1gm

2 ай бұрын

@@nordgaren2358 I have evidence, go and Google: northstar unrestricted script Also, compare the fonts used in the menus of the fake cheat to those of Titanfall 2. They are the same. Also pay close attention to which UI elements the cheat renders over or under. Compare this with footage of other Apex cheats that are easily found online. They are very different. Obviously none of this fully confirms anything but it does line up with it being a game scripting based attack.

I think it just came out last night that Thor found a rented server that was connected to ImperialHals PC. The thread begins to unravel.

@zxph

2 ай бұрын

Now I'm curious whether it's the same case for ther other guy that got hacked.

@teabola

2 ай бұрын

@@zxph the other guy said he was on a fresh install of windows (just hours old) when it happened. always reinstalls for tournaments to negate any kind of negative performance impacts or crashing.

@zxph

2 ай бұрын

@@teabola Ah good to know. Sounds like a good idea, if a bit tedious. Too bad it didn't help very much. The fresh install, hacking in public servers, EAC finding nothing on their end, the fact that the hackers reportedly said they were "jokers and not clowns" and didn't want to perform a mass attack at the risk of facing severe consequences (which would explain why they would be comfortable burning the exploit on a small-scale attack like this), the fact that the second guy didn't appear have the TSM halal tool loaded suggesting there is not malware installed on his system.... looks to me like it all points to an exploit affecting Apex servers directly.

@francescormp3163

2 ай бұрын

If you are referring to that RPC inbound connection.. that is kind of strange, because, as Hammond said, receiving an inbound connection on port 135 from a public internet address is very very unlikely, and that port must be exposed on purpose to the public internet, otherwise 99% of the times NAT would prevent it from working. Also svchost is really vague, since that process is, as the name suggests, a host for other executables that are meant to be run as a service on the system. At least knowing WHICH exact service was involved is a basic requirement for digging deeper in the root cause analysis of that malwarebyte alert.

@teabola

2 ай бұрын

@@zxph yep. A lot of people also fail to understand that apex runs on source which has been susceptible to rce and different exploits in the past. They also don't know that apex uses squirrel scripts, which if you have some access to the server, can be used to run said scripts.

I think a lot of it is Squirrel script execution. It's been around since Apex came out, and was present in past Respawn games. There was a huge vulnerability in TF2 where you could literally bind server commands to a key and execute them, and the server wouldn't do any checks and just do whatever you told it. Respawn tries to keep up and patch the methods, but people are usually able to find ways around it. But everything destroyer has annoyed streamers with has been around forever. It's documented and actually insane how badly the servers can be manipulated. But the only thing I've never seen is how destroyer was able to give them cheats if he claims to have never gone outside the Apex process. It's probably an internal cheat since the menu seemed to have been drawn in-game. But I would've thought you needed to have a RAT that could drop a DLL and inject it. So I'm very curious to see how that was done. Aimbot doesn't seem impossible, but silent aim is something else, and also the ESP that Gen had. Whatever the case, I wonder how it'll be handled and fixed. I've seen some people on forums suggest it's not a difficult fix, while others say Respawn should just rewrite all the server code. We'll see.

I am a player of Apex Legends and I personally think it isnt a RCE exactly as RCE vulnerability exploit will affect the server side! Not selected players. But on the same time I also think it can be a successful phishing attack on the employees of respawn or It can be a vendetta against respawn as they recently laid off bunch of employees who have been working on the game since Day 1. I am open for a security perspective discussion on this! If anyone has any other things to add or modify please reply!

@nordgaren2358

2 ай бұрын

What an RCE effects is entirely dependent on the bug, itself. The bug might not be in the server code. It might be a client only bug. It's hard to say what it was, really. It still might not be an RCE if the attack was unable to effect anything outside of the game process.

@mrityunjayadixit1821

2 ай бұрын

@@nordgaren2358 yeah thats true! Thanks for the info! Bro

I got infected by another online multiplayer fps game that I used to play, it was open source, the dev basically gave the hackers a free for all, they did a lot of damage and were involved in cp/voyurism/identity fraud/stalking/harassment and more.... people are disgusting...

This was inevitable.

Ironically I think this is one occasion people are right to blow it out of proportion, sure it's likely something less intimidating that is being portrayed but good on the people who actually avoided Apex for safety reasons - or any negative reason, legitimately some players are potentially addicted.

you should stream live ctfs like before. Used to enjoy them a lot.

Unless this was a test run for a larger attack.

I think it's insane to hold an event of that size with such a large cash prize online.

@Th3K1ngK00p4

2 ай бұрын

The really large cash prize isn't until the LAN matches at the end of the season. Regular season online matches have smaller prizes

@Armrongeddon

2 ай бұрын

​@@Th3K1ngK00p4ah okay thanks, another video I saw made it sound like this was a major tournament.

@Th3K1ngK00p4

2 ай бұрын

@@Armrongeddon it's the biggest match of the season so far, 1st prize is still $20k. But it's determining who goes onto the LAN playoffs where 1st prize is $300k

Great video

It's rather surprising that there hasn't been a Thor/Hammond collab yet. Would definitely like to see that 😃

@darkshoxx

2 ай бұрын

WE DID IT!

How embarrassing for Respawn.

It’s funny the cheat menu said “vote Putin”. It could be that other players were effected but stayed quiet

@datmanjay420

2 ай бұрын

well the dev is from Belarus so theres that

@Fuar11

2 ай бұрын

Destroyer2009 is a Russian troll clearly

@frostyhkd

2 ай бұрын

I think the majority of the players if not all are streaming during the tourney.

@sonofyupe

2 ай бұрын

@@datmanjay420 is that for sure? Thought they’re still looking for this “destroyer” person

@footballfan5048

2 ай бұрын

​@@sonofyupepeople like to believe in rumours without even verifying it because it's easier to believe. Making them sounds smart for knowing things eventhough it is just an unproven claim.

"in this industry there are no experts, just specialists"

Coming from the counterstrike 1.5/6 days where you could push scripts and compromise users who connect to a game server. Nothing is really impossible these days. Some European servers created their own banning system that wiped the users system 32. 😂

Congrats John your live with Thor rn!!!

@matthewbass8152

2 ай бұрын

You’re* don’t want to edit lol

The fact that he can spawn bots in the servers at will is very concerning.....If he figured out how to do that to all the servers...he could make the game unplayable by constantly filling all the servers with bots so no human players can get in.

They probably had it installed already!!! Some one just used a backdoor to get it activated in my opinion!!

I want that shirt.. Where??

Talk about Ivanti VPN hack. 😊

from what I’ve seen, you can play Apex on private and custom servers with a custom client ,so if they can have access to those files, they know the ins and outs of the game

@fixthat3269

2 ай бұрын

Wait isn't that how ALGs are actually set up?

Thor and Hammond next video? 😬

Just started playing this game on pc

the only way that's possible is if those streamers have a common enemy that is open to pay a lot of money for a 0day RCE to achieve this and hurt the reputation of the streamers. that's really unlikely but this is what's comming to my mind.

@lilililiililili6363

2 ай бұрын

apex legends uses the source engine, it is known to have such issues

@footballfan5048

2 ай бұрын

If they want to hurt the reputation then that message that kinda "tells" they were hacked is against this very idea.

Are consoles safe from this? Looks like it can affect pc users. This is why I’m asking

want a colab with Pirate Software!

@_JohnHammond

2 ай бұрын

me too 😝

@Cyberducky

2 ай бұрын

@@_JohnHammond That would be awesome. I only know him from his clips on yt but I enjoy them very much.

I wish the bot hackers for Team Fortress 2 got this much coverage... Then maybe something would be done about them after the 3+ years they been plaguing casual servers.

i am stumped on this

Thor sends goblins

Tbh in this case even if the pros will get unbanned they would have been unbanned very soon. Nothing really bad happened. So chapeau to the hackers, something like that isn't easy and depending on what it was could have been used much more malicious.

Wouldn’t Hal need port forwarding enabled on his router to allow connections inbound on port 135? I don’t for one second think RPC was exploited. I would understand an outbound connection (reverse shell) but not some inbound connection in a well known port (hoping port forwarding was enabled). Inbound RPC hack sounds so unlikely. Why would an attacker burn a million dollar exploit on RPC to hack a pro gamer? Not likely.

@thecyberadventurer

2 ай бұрын

I commented about this on Thor’s video. It makes no sense. He would in deed have to port forward or have his pc exposed to the internet. Which I just find very suspicious

It better to wait but those just idea but good to be creative.

More likely to drum up biz, and second if they bet a large amount of money on the game and they wanted to disqualify these people. It's almost always about money.

it was me , ze hackerman

Your last name the one your most commonly known by is literally on the map in the game Apex legends...

This guy says he's not a gamer as if he isn't a retired Meta Knight legend

@_JohnHammond

2 ай бұрын

But always bested by your Marth! 😎

He spared no expense

What if these guys had cheats installed and got into some sort of disagreement with the cheat providers? Wouldn't that be the most obvious option?

I know how its done, but not gonna give it away for free to EA. That's smartest response a hacker can give. They dont even do bounty rewards

He should have a job at Hammond robotics

The fact that a colleague of yours is working on a bug like this tells me, there exists a likely RCE in the `Source` engine. It might not have been used here.

@nordgaren2358

2 ай бұрын

That was just their best guess. There's definitely been RCEs in source engine in the past, which is probably why they guessed it.

It would be hella cool to see you collab with Pirate Software!

I beleave that they accidently turned on hacks UI and started shouting that they have been hacked :D

@Pikkoroo

2 ай бұрын

I “beleave” you are dumb :D

Have you not seen the zombie bot videos?

I wouldn’t say his machine got hack…

How to make TeddyEAC tweet after more than a year 😂

Bring out the bounty Respawn it's Zero Days on APEX LET'S GOOOOO