PhormTheGenie
@PhormTheGenie

A big headline circulating recently is that two big Streamers playing in a highly competitive Apex Legends Tournament were hacked mid-game to give them cheats. Which means their systems were compromised.

Obviously the debate rages on about how, exactly, this compromise happened. But a prevailing theory that has good support right now is that Apex's kernel level anti-cheat software, Easy Anti-Cheat (or EAC), has a vulnerability that can be exploited for remote code execution.

This is always a risk, and always a possibility, when kernel level anti-cheat software is involved. When such software is deployed, it is effectively dropping a rootkit onto a system. The level of privilege afforded allows bypassing and evasion of security software, installation of malware, eavesdropping on keystrokes to steal passwords, and yes, even infection of the BIOS.

While there is not sufficient evidence to say that EAC was the culprit in this case, nor that any of the above risks were leveraged through EAC, it should still give us all extreme pause.

EAC is deployed with a wide number of games. Often without the explicit knowledge of the end user. Are you playing Helldivers right now? It uses kernel level anti-cheat (though not EAC). And so forth. So many people don't know that they have this vulnerability, and security software cannot catch it.

And by the way, are you currently playing VRChat?

Yes, VRChat uses EAC. If this turns out to be a vulnerability in EAC, your computer could be compromised through VRChat.

Stay safe everyone.


in reply to @PhormTheGenie's post:

This is true! There's no confirmation as to exactly what it was that was vulnerable.

However, I think it's worth considering that, with the privileges afforded to kernel-level anti-cheat software - That question can almost never be answered reasonably. The anti-cheat must always be considered a potential vector.

Is there a way to check for commonly known "anticheats" in my system (fortunately turns out EAC is not there)? You know, ones that I never explicitly gave consent to, but were installed anyway. I don't know names of any. Is there a general purpose AC detection tool I could run to check what's in there?

If I'm being honest, I'm not entirely sure. I know there are guides available to walk through removal of EAC and similar, but I'm unsure of where to find an exhaustive list.

Also, you bring up a great point: All of these games should make it clear they require kernel-level anti-cheat BEFORE a purchase is even possible.

Yeah. There was drama at some point with Doom Eternal, I think, where they added Denuvo after people already bought the game and all reviews were out.

Shame there's nothing for general detection (looked for it myself as well, didn't find anything), but yeah, gonna live with what we have.
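For the question above about checking which anti-cheat components are registered on a machine, here is an added example (not from anyone in this thread): a PowerShell inventory of kernel-mode driver services and user-mode services whose names match known anti-cheat products. The pattern list is my own assumption drawn from the service names these products are known to use; EAC is the one the thread discusses, and the others are included so the check is not product-specific.

```powershell
# Inventory kernel drivers and services, flagging entries that match known
# anti-cheat product names. Run from an elevated PowerShell on Windows.
# The pattern list is an assumption of this example; extend it as needed.
$AntiCheatPatterns = @(
    'EasyAntiCheat',        # Easy Anti-Cheat (EAC), discussed in the thread
    'BEService', 'BEDaisy', # BattlEye service and kernel driver
    'vgk', 'vgc',           # Riot Vanguard driver and service
    'FACEIT'                # FACEIT anti-cheat
)

function Get-SuspectedAntiCheatComponents {
    param([string[]]$Patterns = $AntiCheatPatterns)

    # Win32_SystemDriver lists kernel-mode driver services, loaded or not;
    # Win32_Service lists user-mode services, which often launch the driver.
    $candidates = @(Get-CimInstance -ClassName Win32_SystemDriver |
                    Select-Object @{n='Kind';e={'KernelDriver'}}, Name, DisplayName, State, StartMode, PathName) +
                  @(Get-CimInstance -ClassName Win32_Service |
                    Select-Object @{n='Kind';e={'Service'}}, Name, DisplayName, State, StartMode, PathName)

    foreach ($c in $candidates) {
        foreach ($p in $Patterns) {
            # Match on service name, display name, or binary path (case-insensitive).
            if ($c.Name -like "*$p*" -or $c.DisplayName -like "*$p*" -or $c.PathName -like "*$p*") {
                [pscustomobject]@{
                    Kind      = $c.Kind
                    Name      = $c.Name
                    Display   = $c.DisplayName
                    State     = $c.State       # Running / Stopped
                    StartMode = $c.StartMode   # Boot / System / Auto / Manual / Disabled
                    Path      = $c.PathName
                    Matched   = $p
                }
                break   # one row per component, even if several patterns match
            }
        }
    }
}

Get-SuspectedAntiCheatComponents | Format-Table -AutoSize
```

A match only tells you that the product's driver or service is registered (and whether it is currently loaded); an empty result is not proof of absence, since products not in the pattern list will only show up if you review the full `Win32_SystemDriver` output by hand.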