There's a little bit of history here with the hacker Destroyer2009. He's been terrorizing Apex public ranked lobbies since at least December 2023. He's done the usual cheats of aimbot, walling, rage hacking, flying around, speed hacking, etc. He's done all this without being successfully banned via the anticheat as well as circumventing manual bans from the dev team. He's also been able to gift thousands of dollars worth of Apex packs to streamers in addition to spawning in dozens of bots in-game that chase and try to kill their target[1].
It's also important to note that the 2 players targeted in yesterday's games are both multiple LAN champions from rival teams so the likelihood that they themselves were cheating is quite low. Per another streamer targeted via the Apex packs, Mande, claims to have had a conversation with the cheater and was able to glean that the cheater was motivated via "fun" or attention. It'd likely stand to reason that the 2 players were victims of a phishing attack rather than an RCE in Apex/EAC. If it's an RCE, why waste such a big bad powerful vulnerability on just 2 players and not target as many as you can if the motive really is "for the lulz"? There'd sure be a lot more lulz to be had if the hacker targeted as many people as he could. Using Occam's Razer without context, it's again likely phishing. Destroyer2009 does seem to have some sort of server-side access given the gifted Apex packs and ability to spawn in and control bots in-game. It'll be interesting to see what Respawn/EA have to say about this incident though we'll likely never get the full technical picture.
As an aside, if the first player targeted, Genburten, never had the in-game chat show up and the second attack on ImperialHal never happened, Genburten's gaming career would've been in the gutter. How would he prove an isolated one-off attack on his PC that remotely installed cheats and turned them on?
Interesting discussion from Thor at PirateSoftware[2]
Phishing was my immediate hunch as well, but what do you think the vector was to nail both Hal and Gen? I'm wondering if pros ever download third-party tools for gameplay analysis or something like that. (e.g., years ago I used to connect my Overwatch account to some ranking platform that let me see more granular data than what's visible in-game)
I think the hacker specifically targeted two players with largest audiences who were both live streaming for maximum lulz.
I also think that he specifically did it in a way that would minimize the risk of those players being accused of cheating cause he respects them and doesn't want to ruin their careers.
Angrave was very memorable for me for CS241 Systems Programming (2016?). To this day my threading understanding is unparalleled to that of my colleagues due to him and that class.
Looks like it still exists https://cs241.cs.illinois.edu/
and I can imagine this was a difficult course, you have challenging assignments on a weekly basis judging from the descriptions.
Couldn't recommend Jeff Erickson's lecture notes more for algorithms, DP, and the like. I too did rather poorly in the class so you're not alone! In a similar vein, Lawrence Angrave, a systems programming lecturer, has a wonderful crowd-sourced "book" [1] on all things systems programming. It is my go to resource for brushing up on these topics. Lastly, David Forsyth, a statistics/applied ML lecturer has a gold mine of a book for diving into ML and difficult concepts that come with it [2].
[1] https://github.com/angrave/SystemProgramming/wiki
[2] http://luthuli.cs.uiuc.edu/~daf/courses/AML-18/learning-book...
Good choice. This exact scenario just bit me this month. Fortunately the bill is less than $100 but I can't even figure out where some of the charges, specifically RDS, are coming from!
This hits home for me right now. I'm currently in the midst of fighting Frontier (bonded DSL 12/1) and frequent disconnects every 2-3 min. They're the only terrestrial ISP available at my home and the DSLAM has been oversold for two years per a tech lead. They have 0 incentive to upgrade the infrastructure here. The area I live in isn't even very rural, and it's one of the fastest growing towns in the Seattle area. New neighborhoods in the town are getting fiber but they're not upgrading any outdated infrastructure. Why would they?
It's also important to note that the 2 players targeted in yesterday's games are both multiple LAN champions from rival teams so the likelihood that they themselves were cheating is quite low. Per another streamer targeted via the Apex packs, Mande, claims to have had a conversation with the cheater and was able to glean that the cheater was motivated via "fun" or attention. It'd likely stand to reason that the 2 players were victims of a phishing attack rather than an RCE in Apex/EAC. If it's an RCE, why waste such a big bad powerful vulnerability on just 2 players and not target as many as you can if the motive really is "for the lulz"? There'd sure be a lot more lulz to be had if the hacker targeted as many people as he could. Using Occam's Razer without context, it's again likely phishing. Destroyer2009 does seem to have some sort of server-side access given the gifted Apex packs and ability to spawn in and control bots in-game. It'll be interesting to see what Respawn/EA have to say about this incident though we'll likely never get the full technical picture.
As an aside, if the first player targeted, Genburten, never had the in-game chat show up and the second attack on ImperialHal never happened, Genburten's gaming career would've been in the gutter. How would he prove an isolated one-off attack on his PC that remotely installed cheats and turned them on?
Interesting discussion from Thor at PirateSoftware[2]
[1]: https://youtu.be/7e3mia4b-_Q?t=192 [2]: https://www.twitch.tv/videos/2094227670?t=8h41m6s