Tech

Hackers Demand $10M From Riot Games to Stop Leak of ‘League of Legends’ Source Code

Motherboard obtained the ransom note that hackers sent Riot Games on Tuesday, which threatened to release ‘League of Legends’ source code.
FnQirqKXEAUjPDu
Riot Games art via Twitter.

Hackers stole the source code for League of Legends, and now they’re asking for $10 million from developer Riot Games.

Motherboard has obtained a copy of a ransom email the hackers sent to Riot Games. “Dear Riot Games,” it begins. “We have obtained your valuable data, including the precious anti-cheat source code and the entire game code for League of Legends and its tools, as well as Packman, your usermode anti-cheat. We understand the significance of these artifacts and the impact their release to the public would have on your major titles, Valorant and League of Legends. In light of this, we are making a small request for an exchange of $10,000,000.”

Advertisement

As evidence, the hackers provided Riot Games with two large PDFs they said would prove they had access to Packman and the League of Legends source code. Motherboard also obtained these files; they appear to show directories related to the game’s code. If paid, the hackers promised to scrub the code from their servers and “provide insight into how the breach occurred and offer advice on preventing future breaches,” according to the ransom note.

In the message, the hackers included a link to a Telegram chat where they said Riot Games could speak with them. Motherboard joined this channel. Its members included usernames that matched those of names of Riot Games employees.

“We do not wish to harm your reputation or cause public disturbance. Our sole motivation is financial gain,” the ransom note said. The message has a deadline of 12 hours. “Failure to do so will result in the hack being made public and the extent of the breach being known to more individuals.”

Riot Games first announced news of a compromise last week in a series of tweets. The exact nature of the hack isn’t known, but Riot Games referred to it as a “social engineering attack”. It also said it had no indication that user data had been affected. On Tuesday, Riot Games said in a tweet it had confirmed hackers stole the source code for League of Legends, Teamfight Tactics, and its “legacy” anticheat platform. Another tweet said that on Tuesday “we received a ransom email. Needless to say, we won’t pay.” 

Advertisement

“We also want to remind you that it would be a shame to see your company publicly exposed, especially when you take great pride in your security measures,” the hackers said in their ransom note. “It is alarming to know that you can be hacked within a matter of hours by an amateur-level hack.”

In response to a request for comment from Motherboard, Riot declined to add anything further beyond the already published tweets. 

The full note, minus the link to the Telegram chat, is printed below.

Dear Riot Games,

We have obtained your valuable data, including the precious anti-cheat source code and the entire game code for League of Legends and its tools, as well as Packman, your usermode anti-cheat. We understand the significance of these artifacts and the impact their release to the public would have on your major titles, Valorant and League of Legends. In light of this, we are making a small request for an exchange of $10,000,000.

We uploaded a tree list pdf file, which you can view the tree of Packman and League of Legends source. If you require any files for proof, message us and we will provide you the raw file.

In return, we will immediately remove all source code from our servers and guarantee that the files will never be released to the public. We will also provide insight into how the breach occurred and offer advice on preventing future breaches. We suggest communicating through Telegram, you can join us here:

Advertisement

[Telegram link]

We do not wish to harm your reputation or cause public disturbance. Our sole motivation is financial gain.

We have sent this message to the Directors only and have given you twelve hours to respond. Failure to do so will result in the hack being made public and the extent of the breach being known to more individuals.

We also want to remind you that it would be a shame to see your company publicly exposed, especially when you take great pride in your security measures. It is alarming to know that you can be hacked within a matter of hours by an amateur-level hack.

We urge you to take this matter seriously and consider our proposal.