Attackers Caused So Much Havoc Inside Rainbow Six Siege, Ubisoft Shut Down the Whole Game
u/Inquisitive_idiot avatar
Inquisitive_idiot
•
4d ago
Source: https://www.bleepingcomputer.com/news/security/massive-rainbow-six-siege-breach-gives-players-billions-of-credits/
359
u/fork_yuu avatar
fork_yuu
•
3d ago
One group claims to have exploited a Rainbow Six Siege service to manipulate bans and in-game inventory without accessing user data.
A second group allegedly exploited a MongoDB instance using MongoBleed to pivot into Ubisoft's internal Git repositories, claiming to steal a large archive of internal source code from the 1990s to the present.
A third group claims to have stolen Ubisoft user data via MongoBleed and is attempting to extort the company into paying a ransom.
A fourth group disputes some of these claims, stating that the second group had access to Ubisoft's source code for a while.
Did they post this on some forum so every script kiddie went wild on them?
612
u/ClosetLadyGhost avatar
ClosetLadyGhost
•
3d ago
Lol the groups are fighting among themselves as well.
226
WeirdSysAdmin
•
3d ago
Who is the fourth group that is like “nah man we weren’t stealing anything but we were watching everyone else steal shit and they are lying”?
Also MongoBleed is massive right now, people wait for things like this and then hit the targets they know have mongo and have what they want.
124
GunnieGraves
•
3d ago
I swear, the people in charge of naming some of this software hang out with the people in charge of naming weed strains.
80
u/chop-diggity avatar
chop-diggity
•
3d ago
Telegram for Mongo.
16
maybe-an-ai
•
3d ago
This is called being thoroughly and complete pwoned.
8
u/Lettuce_bee_free_end avatar
Lettuce_bee_free_end
•
3d ago
So I wonder if their cyber attack is real ? I read 900GB holding all old and new titles was copied by infiltrators.
220
xstagex
•
3d ago
Seem not real. Someone used an AI to make article and it slopped wrong data from the past. So for now seem to be spreading misinformation, other then the fact that got hacked and players banned etc.
https://www.youtube.com/watch?v=g6iVim3QibA&list=LL&index=3
110
u/JoyousBlueDuck avatar
JoyousBlueDuck
•
3d ago
It was far more than players getting banned. The entire market got nuked (before the rollback) and millions of players temporarily became "billionaires" in game. They even hijacked the kill feed and global ban notifications to sing a song to every single player online LOL
63
u/varateshh avatar
varateshh
•
3d ago
Apparently multiple groups with different goals infiltrated Ubisofts network. First group were script kiddies that played around with rainbow six siege, second stole source code/tools from older games, third stole user data and is now attempting to ransom this data. An exploit (Mongobleed) made public in December 19th likely played a role in all these groups gaining access at the same time. Fixes are slow because almost everyone was on Christmas holiday. It's a mess and there could be more groups lurking in the background.
Vxunderground is an online repository for malware that has been around 2019 so I assume they know what they are talking about.
19
u/ColbyAndrew avatar
ColbyAndrew
•
3d ago
The font on that website is atrocious.
40
[deleted]
•
3d ago
Appropriate for the garbage writing
13
u/thatfreshjive avatar
thatfreshjive
•
3d ago
This reminds me of the ransomware attack on Colonial Pipeline 's payment system, where the company shut down their entire transport network, affecting millions, because there was a possibility they may lose a few bucks
203
u/Kastenbrot avatar
Kastenbrot
•
3d ago
I hate oil and gas companies as much as the next guy, but shutting down the pipeline was part of their response to ransomware. They didn't want it to jump the gap from IT to OT and protected their operational systems. They didn't want to try how well their recovery procedures worked for the OT side. Worst case the outage could have been a lot longer, because odds are, that backups wouldn't work if they even exist. This was not to save a few bucks, but the safest way to get back underway as quickly as possible.
247
davvblack
•
3d ago
and it’s conceptually possible that OT malware would cause permanent physical damage, as la stuxnet (but oilier)
84
u/Bodefosho avatar
Bodefosho
•
3d ago
What’s OT mean in this context?
29
u/Palimon avatar
Palimon
•
3d ago
That's how it should be done tho...
If it was an actual ransomware their infrastructure is at risk and remediation and recovery becomes at lot harder if it spreads.
It's better to shut everything down, let the cyber team do the forensics and then continue than risking having a week or two of downtime because every server on your infra got encrypted.
24
Nasmix
•
3d ago
Bad take. You need to get to a known good state and protect as much as you can from spread and larger damage. It’s not about saving a few bucks at that point - it’s about minimizing the long term damage and recovering as quickly as possible while doing so
45
grannyte
•
3d ago
Game as no service LOL
18
WorldlyPlace
•
3d ago
I'd kill to be a fly on the wall at ubisoft. How do you even respond to something like this. Like who makes the call to nuke the game.
11
u/RapidEngineering342 avatar
RapidEngineering342
•
3d ago
It would be really nice if this finally killed off siege. Fucking bastard waste of the R6 name.
65
u/Ghostfistkilla avatar
Ghostfistkilla
•
3d ago
Yes please let's go back to Rainbow Six Vegas or Rogue Spear the new generation doesn't know what they are missing out on R6 was solid back in the 2000s.
27
u/man__i__love__frogs avatar
man__i__love__frogs
•
3d ago
Used to play R6, Rogue Spear, Urban OP's, Covert OP's on MPlayer and Gamespy back in the day. Ghost Recon 1 was great too.
6
Vehlin
•
3d ago
Or back to the original R6. If things got loud you did it wrong.
10
ThankuConan
•
3d ago
If shareholders get stiffed the damage will be even greater and might be fatal. Nothing like investors losing confidence to put a dagger in your heart.
3
Long_Replacement3715
•
3d ago
No rollback? Wow.
89
u/ciaervo avatar
ciaervo
•
3d ago
No?
"In a final update, Ubisoft clarified that players would not be punished for spending the granted credits, but that it would be rolling back all transactions made since 11:00 AM UTC."
203
stamatt45
•
3d ago
In the article it says theyre doing a rollback
73
u/p0tsataja avatar
p0tsataja
•
3d ago
You presume ubisoft has working backups
130
u/Computer-Blue avatar
Computer-Blue
•
3d ago
No, rollbacks!
23
Psychological-Bad959
•
3d ago
In all my years of gaming, I have never seen developers as horrible on seige.
Seige used to have great events and freebies like operation outbreak, a completely new limited gamemode with a free limited elite skin. Nowdays, its some shitty snowball fight game where you literally have to spectate other players from 10 miles away for 5 minutes when you die. Oh also they gave jack shit for the launch of seige 2
The monetization is horrible. You used to be able to buy 1 year battlepass for like 36 dollars, which was completely fair. Now, they removed that to like 15 dpllars a season AND added a different VIP membership that costs 10 dollars A MONTH.
Oh also now they release 50 dollar skins. And also have limited event skins that you need to need to unlock every other single skin that event, costing hundreds of dollars or time. And the other skins are literal lazy recolours.
The game never was able to handle hackers. I remember a month long period where EVERY OTHER match had a hacker on it. Blatant boosting services were common as hell too especially with a duo. Also ranked 2.0 is a dogshit ass system. Perhaps if they spent the insane amounts of money not on getting overwatch streamers who will never play that game again to stream it and instead they used it to solve the hacking issue, we would not have had blantant hackers weeks intk the games release.
Dont even get me started on balancing. I have no clue why the game thought that reworking blackbeard was necessary, especially into a shield operator which are particularly devisive.
I wish I could feel bad about the state of seige, but it has become so clear that their prioirities have changed to a cash grab.
10
u/Lanky-Assistance-120 avatar
Lanky-Assistance-120
•
3d ago
I'm super impressed that not once did you spell Siege right
27
10
u/Lanky-Assistance-120 avatar
Lanky-Assistance-120
•
3d ago
I'm super impressed that not once did you spell Siege right
27
27
Psychological-Bad959
•
3d ago
In all my years of gaming, I have never seen developers as horrible on seige.
Seige used to have great events and freebies like operation outbreak, a completely new limited gamemode with a free limited elite skin. Nowdays, its some shitty snowball fight game where you literally have to spectate other players from 10 miles away for 5 minutes when you die. Oh also they gave jack shit for the launch of seige 2
The monetization is horrible. You used to be able to buy 1 year battlepass for like 36 dollars, which was completely fair. Now, they removed that to like 15 dpllars a season AND added a different VIP membership that costs 10 dollars A MONTH.
Oh also now they release 50 dollar skins. And also have limited event skins that you need to need to unlock every other single skin that event, costing hundreds of dollars or time. And the other skins are literal lazy recolours.
The game never was able to handle hackers. I remember a month long period where EVERY OTHER match had a hacker on it. Blatant boosting services were common as hell too especially with a duo. Also ranked 2.0 is a dogshit ass system. Perhaps if they spent the insane amounts of money not on getting overwatch streamers who will never play that game again to stream it and instead they used it to solve the hacking issue, we would not have had blantant hackers weeks intk the games release.
Dont even get me started on balancing. I have no clue why the game thought that reworking blackbeard was necessary, especially into a shield operator which are particularly devisive.
I wish I could feel bad about the state of seige, but it has become so clear that their prioirities have changed to a cash grab.
10
u/Lanky-Assistance-120 avatar
Lanky-Assistance-120
•
3d ago
I'm super impressed that not once did you spell Siege right
27
u/Virtual-Oil-5021 avatar
Virtual-Oil-5021
•
3d ago
The last nail in the ubichiote business?
3
3
u/Virtual-Oil-5021 avatar
Virtual-Oil-5021
•
3d ago
The last nail in the ubichiote business?
3
u/LeroySinclair avatar
LeroySinclair
•
3d ago
Maybe now they will put effort into a new installment instead of milking a 10 year old game
4