Cybersecurity Breach Halts Apex Legends Esports Event

In a surprising turn of events, the Apex Legends Global Series (ALGS) North American finals faced an abrupt postponement. This decision came after a cybersecurity breach directly affected players during the heat of the competition, prompting immediate action from Electronic Arts (EA), the game’s publisher.

The Apex Legends Global Series Explained

ALGS stands for the esports championship circuit centered around the popular battle royale game, Apex Legends. Participants from various regions battle through stages, from qualifiers to regional finals, aiming for the grand championship. The tournament is known for its intense, strategic gameplay and significant prize pools.

Details About the Cybersecurity Breach

The incident unfolded during the third match of the North American finals, pitting teams DarkZero and Luminosity against each other. A player named Genburten encountered an unexpected and alarming situation – his game client suddenly displayed a cheat tool named ‘TSM HALAL HOOK,’ complete with cheat configurations and bizarre references.

This unauthorized intrusion allowed Genburten to see the locations of all opponents, compromising the match’s fairness. Genburten chose to exit the game, which was disadvantageous to his team. Despite this disruption, the match’s outcome was not nullified; Luminosity was declared the winner, and the tournament proceeded to the next match.

However, the hacker struck again, equipping player ‘ImperialHal’ with an aimbot, leading to the intervention of tournament administrators and the subsequent halt of the match.

The Hackers’ Identity and Method

The intrusion was attributed to individuals using the aliases ‘Destroyer2009’ and ‘R4ndom,’ revealed through Genburten’s in-game chat during the hack. Following the incidents, an official statement on X from Apex Legends Esports announced the postponement of the NA finals until further notice, citing the need for heightened security measures.

Due to the competitive integrity of this series being compromised, we have made the decision to postpone the NA finals at this time.
We will share more information soon.

— Apex Legends Esports (@PlayApexEsports) March 18, 2024

A person claiming to be Destroyer 2009 later admitted to exploiting a remote code execution (RCE) vulnerability, allowing them to manipulate the game clients. However, the exact source of the vulnerability, whether within the Apex Legends client, the Easy Anti-Cheat system, or elsewhere, was not specified.

RCE vulnerabilities are critical security flaws that enable attackers to run malicious code on a target device remotely. These vulnerabilities can stem from various software bugs and do not require the attacker to have physical access to the device.

Theories about the hack’s methodology vary, including speculation about an RCE bug within the Apex Legends client, an issue with Easy Anti-Cheat, or pre-compromised player devices. Easy Anti-Cheat, however, has confidently stated that their software is free from RCE vulnerabilities, as per their latest investigations.

Final Word

This incident marks a first in the history of ALGS, where a live match was compromised due to a cybersecurity breach. The event raises significant concerns about the security measures in place for esports tournaments and the potential impact of such vulnerabilities on competitive integrity.