Here's the word on the internet streets:
- THE FIRST GROUP of individuals exploited a Rainbow 6 Siege service allowing them ban players, modify inventory, etc. These individuals did not touch user data (unsure if they even could). They gifted roughly $339,960,000,000,000 worth of in-game currency to players. Ubisoft will perform a roll back to undo the damages. They're probably annoyed. I cannot go into full details at this time how it was achieved.
- A SECOND GROUP of individuals, unrelated to the FIRST GROUP of individuals, exploited a MongoDB instance from Ubisoft, using MongoBleed, which allowed them (in some capacity) to pivot to an internal Git repository. They exfiltrated a large portion of Ubisoft's internal source code. They assert it is data from the 90's - present, including software development kits, multiplayer services, etc. I have medium to high confidence this true. I've confirmed this with multiple parties.
- A THIRD GROUP of individuals claim to have compromised Ubisoft and exfiltrated user data by exploiting MongoDB via MongoBleed. This group is trying to extort Ubisoft. They have a name for their extortion group and are active on Telegram. However, I have been unable to determine the validity of their claims.
- A FOURTH GROUP of individuals assert the SECOND group of individuals are LYING and state the SECOND GROUP has had access to the Ubisoft internal source code for awhile. However, they state the SECOND GROUP is trying to hide behind the FIRST GROUP to masquerade as them and give them a reason to leak the source code in totality. The FIRST GROUP and FOURTH GROUP is frustrated by this
Will the SECOND GROUP leak the source code? Is the SECOND GROUP telling the truth? Did the SECOND GROUP lie and have access to Ubisoft code this whole time? Was it MongoBleed? Will the FIRST GROUP get pinned for this? Who is this mysterious THIRD GROUP? Is this group related to any of the other groups?
Find out in the next episode of... Tales from Cyberspace!
The source leak is really interesting, though. We don't often get to see game source, and it often has surprises in.
This read to me like the end of a soap opera. Tune in tomorrow to find out!
I bet it appears unchallenged at some point in a court (or insurance) document though.
But I agree with you that it would be put into a court document as "it cost us this much" for the full amount, vs the amount they were likely to ever be able to sell (and can't, now that everyone got it for free, so the value is $0)
The market is mostly reasonable about who can and will sell their shares. If a big mover does sell a lot of their shares at once, the price will fall. Most big holders will slowly sell off shares for this reason.
In the other direction, it’s also understood that the cost to acquire all shares of a company is more than the market cap of a company. This is why you see acquisition prices being significantly higher than the last funding round valuation, or public shares popping on announcement of an acquisition attempt.
Regarding the second group and access to source code; this is unlikely for a combination of four reasons.
1) The internal Ubisoft network is split between “player stuff” (ONBE) and developer stuff.
2) The ONBE network is deny by default, no movement is possible unless its explicitly requested ahead of time, by developers, in a formal request that must be limited in scope.
3) ONBE to “developer network” connections are almost never granted. We had one exception to this on the Division, and it was only because we could prove that getting code execution on the host that made connections would require a long chain of exploits. Of course that machine did not have complete access to all of the git repos.
4) Not a lot of stuff really uses git internally. Operations staff and web developers prefer git strongly; so they use Git. But nearly every project uses Perforce. Good look getting a flow granted from ONBE to a perforce server. That will never happen.
Siege, like The Division, worked against Ubisoft internal IT policies to make the product even possible. (IT was punishingly rigid) but some contracts were unviolatable.
The last I heard, Siege had headed to AWS and had free dominion in their tenant, but it would need Ubiservices (also in AWS) and those would route through ONBE.
I’m not sure if much changed, since a member of the board is former Microsoft and has mandated a switch to Azure from the top… But I am certain that these policies would likely be the last to go.
.. you don't have to tell me.
https://jacquesmattheij.com/microsoft-just-bought-nokia-for-...
I think I got one prediction wrong but the rest stuck.
How?
Regardless if this is true or not, and how it works exactly, I find it an interesting scenario.
For players: should I go online to maybe get gifted tons of ingame valuables while risking a ban? It turns playing into a gamble.
If I take on the hackers' view, I would find it exciting to dish out rewards and punishment at random on a large scale.
It was doomed.
That’s the statement they said when they shut it down. Ubisoft only had one goal all of 2010s, to turn item shop marketplace micro transactions into their primary business. They failed. They failed because they forgot why they existed. So let’s all make them remember.
There have been many victims of the eSports neuroticism. League of Legends is probably the most extreme example I can come up with. You will eventually get banned from the game if you choose the "wrong" play style. You don't even have to cheat or play poorly. Overwatch suffered a very similar fate - They removed a player slot to force it to fit the "5 man" meta. In the case of OW, the changes proved so unpopular they had to literally delete the original title from everyone's PC to force use of the only remaining option.
WTF happened to non-shooter games? I am so bored of these FPS variations.
FPS haven't been under the spotlights for a while, these days it's mostly MOBAs.
- Hexarchy / Rogue hex (Civ-like)
- The Last Caretaker
- Captain of Industry (factorio-like, was posted here on HN by dev awhile back)
- 9 kings
- Super Fantasy Kingdom
- Manor Lords
- Astronomics
- Heart of the Machine
The top of the list is Genshin Impact, although it'll probably be displaced by GTA6 soon - that one's estimated to come in at $1.5-2 million. There's multiple FPS games on there but there's some pretty expensive open-world games too.
You mean billion?
Sure, but 1 in 100 still gets you dozens of games a year now. There's plenty of genres where the top titles are nowhere near an AAA budget: Hades 2, Silksong, and Claire Obscura all being popular examples from this year, and Factorio being another well known example around here. Even simpler games like Balatro and Vampire Survivor are plenty of fun for some people.
The biggest studios have rarely been the ones producing the best work - budget gets you fancy cinematics and a beautifully rendered 3D world, but it doesn't make level design go any faster. It could plausibly buy better writing, but that requires all the executives to back off and trust the creatives.
And for what it's worth, the big studios are all happy raking in money on mindless remakes - it keeps working for them.
It isn't that the other games are bad, though. It isn't like we are talking "handheld camcorder student-written movie" vs "polished hollywood blockbuster" but more.... Beautiful painting by a mostly unknown artist vs beautiful large, publically displayed and privatly funded artist. Big budgets get you more assistance and more/better tools and more space and more human help and more connections.
It is probably important to remember that a large portion of a blockbuster's budget is advertising. Advertising is often 50-100% of the production budget and I'm guessing AAA games have similar advertising budgets. I'm not sure how a large advertising budget gives you better products, though it might get you more folks if your game is online.
Of course, I'm guessing if you limit your search to FPS games, your experience might be a different.
Finding them is slightly harder, but absolutely worth it.
In any case, complaining about how many games there are out there that are not your thing is a waste of time. Much better to define what you like and look for recommendations from people who like similar games. Who care how many FPSs are released if you don't like FPSs? If you like RPGs, find RPG gamers and ask them what's good. Substitute for any genre; there is no genre out there that's not getting more releases than you could possibly play.
You know on linux there is a feature for a process to snoop into another process, that for the same user (non root), can be use for anti-tampering: with a proper "security" team, as all live-service games should have, you can give hell to hackers without a kernel module...
Thats probably pretty difficult.
The default security measures on Linux are pretty bad compared to windows, it's not even close. People like to bash windows but they have a way better security model.
2 - if I recall properly, that linux feature is a direct mapping of the target user process allowing extreme dynamicity in time, performant, and much more powerfull mechanisms than basic 'calls'. Namely hell for hackers if a live service game has a proper "security" team, all that without a kernel module.
The parent is right.
I'm quite literally the first person to bash Windows for being a shitty operating system, but the requirement for signed modules puts a massive barrier to entry for cheaters, where Linux can load just about anything.
If every system call can lie to you, there's a few things you can do, but it's not many.
I know this because I've actually done a lot of due diligence on anti-cheat.
One mechanism I attempted to employ was to replay initalisation vectors and determinism of inputs; this means I could replay your session out of band and witness the same outcomes. If there was variation then there's a fault. Except as soon as you introduce floating point numbers there's no more determinism... Oh well.
The other was to watch for "impossible" things, but then you need to run full complex physics simulations for every client. If your game requires you to effectively buy an i7-11700k for every user then you'd have to sell your game for a lot more money, and limit how long they can play - nobody wants this.
The third option was to score our best players and anyone who performs better than that gets their behaviour tracked. The problem is, coming up with a scoring system that's server side is much harder than you think.
GameDevs don't actually like paying a shit load of money for anti-cheat (that also breaks their debugging systems and causes bugs: a wonderful combination)... so if you've got a better way: join the industry and fix it. You'll be a moderately wealthy person.
1 - kernel anti-cheats ARE weaponized by hackers. This is not a matter of discussion unless you are into the AI generated HN news conspiracy.
2 - this linux feature should provide (if I recall properly) a very complex and flexible (not limited to "calls"), and performant, set of interactions between a set of anti-cheat processes and the set of game processes. All that as being non-root priviledge (I think you must be have the same effective user id). The actual and real parameter is the level of competence and creativity of the "anti-cheat" team which is a requirement of any "live-service games" with frequent updates.
3 - for FPS games where aiming skill is critical, anti-cheat are close to useless due to "external" AI based aim assist hardware.
> "While the anti-cheats are allowed in the kernel by Microsoft, the study also revealed that cheat software commonly uses weaknesses in Windows protections to ‘inject’ itself into the kernel and gain higher privileges. Many techniques mirror what is commonly seen in the domains of malware and anti-virus, with a difference in motivation."
> "This kernel injection technique has previously been observed in advanced ransomware attacks to disable anti-malware protections before the main attack."
The goal of cheats is to make money not to hack PCs.
> Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
And we all know this is fully hypocrit. "Computer security" does not exist, but for sure, adding a "gaming" _kernel module_ won't improve anything there... (irony).
Are they moving faster than conceivably possible by a real player? Even the most basic (x2-x1)/t > twice the theoretical will catch people teleporting or speed hacking.
Is their KDR or any other performance metric outside 5 standard deviations from the mean?
Here’s one: is everyone they encounter reporting them for cheating along with one of the above? Do people leave their matches constantly?
Defining and detecting objectively impossible things is not impossible.
1) they’re not foolproof
2) there is a delay in aggregating the data
this has annoying effects when the game has a trial period/goes on sale/has lots of cheap CD keys floating around.
3) if you weren’t delayed then the cheaters get better at adjusting to how you catch them.
We actually do a lot of statistical analysis, but it works in tandem with endpoint anti-cheat, and would hardly work at all alone.
If we banned them, they just created a new account and kept doing the same things.
When we detected them and the isolated them from all other good standing accounts, only allowing them to interact with other shadowbanned users, it virtually solved the problem. Normal users went about their day and the cheaters/fraudsters wasted a lot of time never getting through to anyone.
In gaming it seems like creating a cheaters purgatory where they are stuck competing against other cheaters forever would probably end up being its own special league after a while. Like when people suggested steroids in pro-baseball should be legal.
That's what GTA5 did (though, they marked you with a dunce cap)...
.. even though it's a good idea (and we nearly implemented it actually), there's probably a reason that GTA5 is still plagued with cheaters.
Give this team server side data, user level 'traps' and 'pitfalls' with frequent updates (they do that for dota2 and probably cs2, they don't need a kernel module), and you should end up with a rather sane gaming experience.
It gives a score that is hard to use.
This is how I imagine Amazon ended up banning a large amount of players for speedhacking. The players were lagging. I'm guessing their anti-lag features ended up moving them faster than the anti-cheat expected.
But I agree that a combination approach would probably work.
I got a better way... just look at the past. Back in ye goode olde UT2004 times, there was no random matchmaking / ranking bullshit that removed the social element, game licenses cost money, people ran their own servers, and if you pissed off server mods enough, no matter if you were a cheater, a suspected cheater, or just an asshole, your serial got banned - sometimes, across a fleet of servers that shared ban lists. Cheating had costs associated.
But of course, that means you can't lure in whales with free to play games and loot them via microtransactions any more...
The truth is that UT2004 sold 234,451 units over its life according to Wikipedia.
The Division sold over 10,000,000 copies in the first weekend.
The requirements change drastically when you have a larger audience.
Primarily driven by my utter disgust for modern monetization mechanics, corporate greed and gambling. Cheaters, IMHO, are an inevitable side effect of combining gamification with gambling, with no barriers to entry, and with removing social barriers of entry.
> The requirements change drastically when you have a larger audience.
The market has exploded in the 12 years between UT2004 and The Division.
Yes, and you can’t assert that it didn’t happen at least in part due to efforts to make games more accessible.
You couldn’t release a game like UT2004 today with the same UX and expect competitive sales. Even if you did, the experience would scale very poorly.
You don't have a better way. You have a nostalgic memory of how games should be played which doesn't match what people in a modern audience expect. It's like saying the solution to cell phones tracking you is to use a landline, because that's how we used to do things.
You still see this with modern day servers. Modded GTA V, FiveM, had additional anticheat even before the unmodded game added anticheat. Part of the appeal of CS2 servers, Face-IT and ESEA, is the additional anticheats.
KACs exist because they want to have higher privileges to not be injected into, closed or otherwise touched by any other process. That's also why a bunch of them have started to ask for Secure Boot, so that they can guarantee at least some chain of trust that ensures you've probably not tampered with your machine.
Your Linux example 1/ turns anti cheats into not only something that analyzes what runs on your machine, but actively tries to attack it, which is the textbook definition of malware, but also a gigantic liability should you happen to say, write into word.exe because you fucked up and thought it was a cheat. 2/ turns it into an infinite game of chasing each others with you injecting into cheats, cheats injecting into you, back and forth. In addition, you're running on an actively hostile machine with a hostile user that _wants_ to fuck over your anti cheat.
Please do some proper research on the subject.
Name an exploit in EAC/BattlEye/Vanguard/FaceIT/whatever other big name anticheat middleware (though Vanguard and FaceIT don’t sell their services I think) that has actually been used for anything.
Genshin Impact’s driver got used as a vulnerable driver that one time, yeah. EAC had an exploit to inject your own code into processes, but that quickly got patched (https://blog.back.engineering/10/08/2021/).
So not an exploit, but even worse.
Unless you beleive in the conspiracy of AI generated news on HN.
You are the same type of guys who is going to try to sell 'computer security' as a deliverable, thing which does not exist.
Please, stop that.
This doesn't really make sense. If you are implying he is FOR monopoly, he would want the game on every possible platform right? He loses money by not having more players playing his game.
It’s not a bad business model if he can get the courts on his side: let others spend billions and take risks, then cherry pick the successful platforms and compete with their distribution using a cost basis that doesn’t have those up-front costs and risks.
Sure. Just as long as you agree Google and Apple let others do the work and investment to develop new games, apps and media, then swoop in and demand a cut if the risk and investment pay off.
Wait until you hear about how the entire entertainment industry has always worked!
You're right, customers don't really own an iphone, even if they've paid $1000 for it.
If that's not a flawless description of a walled-garden app store, I can't imagine what would be.
Because Epic doesn’t want payhack configs to be advertised in whatever leaderboards Fortnite has, like CS2 had for a while.
The people receiving the credits aren’t even the ones initiating the changes.
Also many anti-cheat packages do have Linux versions. The primary reason you’re not getting ports for Linux is because companies don’t want to do the port and support all versions of Linux clients they would encounter in the very tiny number of additional installs.
Come on it is just a game (◔_◔)
One has to wonder: why didn't anyone anticipate this happening? Surely the moment this exploit was discovered the team would've locked it down immediately?
If you're going to be in the business of running your own critical infrastructure, you better have spent a lot of effort planning for these situations, because they are inevitable. Otherwise, it's easier to just pay a vendor to do it for you.
while i don't agree with how devs and the publisher works on community feedback, it is still miles better than what EA does. not that it is a high bar to clear.
dvh•1mo ago
ZeWaka•1mo ago
Levitz•1mo ago
purkka•1mo ago
https://x.com/KingGeorge/status/2004902566434668686
Modified3019•1mo ago
>@KingGeorge
>Seems like R6 is completely fucked. It’s unreal how bad.
>Hackers have done the following.
>1. Banned + unbanned thousands of people.
>2. Taken over the ban feed can put anything.
>3. Gave everyone 2 billion credits + renown.
>4. Gave everyone every skin including dev skins.
>5:09 AM · Dec 27, 2025
vogtb•1mo ago
super256•1mo ago
https://github.com/joe-desimone/mongobleed
https://beta.shodan.io/host/212.104.194.153
mrklol•1mo ago
croes•1mo ago
https://x.com/vxunderground/status/2005008887234048091
nhinck3•1mo ago
Modified3019•1mo ago
>@vxunderground
>Clarification post, previous post about Ubisoft lead to some confusion. That's my fault. I'll be more verbose. I was trying to compress the information into 1 singular post without it exceeding the word limit.
>Here's the word on the internet streets:
>- THE FIRST GROUP of individuals exploited a Rainbow 6 Siege service allowing them ban players, modify inventory, etc. These individuals did not touch user data (unsure if they even could). They gifted roughly $339,960,000,000,000 worth of in-game currency to players. Ubisoft will perform a roll back to undo the damages. They're probably annoyed. I cannot go into full details at this time how it was achieved.
>- A SECOND GROUP of individuals, unrelated to the FIRST GROUP of individuals, exploited a MongoDB instance from Ubisoft, using MongoBleed, which allowed them (in some capacity) to pivot to an internal Git repository. They exfiltrated a large portion of Ubisoft's internal source code. They assert it is data from the 90's - present, including software development kits, multiplayer services, etc. I have medium to high confidence this true. I've confirmed this with multiple parties.
>- A THIRD GROUP of individuals claim to have compromised Ubisoft and exfiltrated user data by exploiting MongoDB via MongoBleed. This group is trying to extort Ubisoft. They have a name for their extortion group and are active on Telegram. However, I have been unable to determine the validity of their claims.
>- A FOURTH GROUP of individuals assert the SECOND group of individuals are LYING and state the SECOND GROUP has had access to the Ubisoft internal source code for awhile. However, they state the SECOND GROUP is trying to hide behind the FIRST GROUP to masquerade as them and give them a reason to leak the source code in totality. The FIRST GROUP and FOURTH GROUP is frustrated by this
>Will the SECOND GROUP leak the source code? Is the SECOND GROUP telling the truth? Did the SECOND GROUP lie and have access to Ubisoft code this whole time? Was it MongoBleed? Will the FIRST GROUP get pinned for this? Who is this mysterious THIRD GROUP? Is this group related to any of the other groups?
>Find out next time on Dragon Ball Z
>12:12 PM · Dec 27, 2025
squigz•1mo ago
esseph•1mo ago
Why would you think that?
Witcher 3 / Cyberpunk 2077 / Gwent / GTA 5&6 / FIFA 21 / Watch Dogs: Legion / etc.
dplgk•1mo ago