S
Story
Rainbow Six Siege hacked as players get billions of credits and random bans
  • butz
  • ·
  • 7 hours ago
  • ·
  • [ - ]
Nice to see anti-cheats working and protecting Linux players from hacks, by preventing them from actually playing the game.
These changes are occurring in a server backend database. They’re not client side cheats.

The people receiving the credits aren’t even the ones initiating the changes.

Also many anti-cheat packages do have Linux versions. The primary reason you’re not getting ports for Linux is because companies don’t want to do the port and support all versions of Linux clients they would encounter in the very tiny number of additional installs.

  • cedws
  • ·
  • 2 hours ago
  • ·
  • [ - ]
Games using Easy AntiCheat can opt in to Linux support. Arc Raiders runs on Linux (but not in VMs) whereas Fortnite does not, because Epic has chosen not to support Linux. Ironic given Tim Sweeney's supposed anti-monopoly stance.
Sweeney isn’t anti-monopoly, he’s pro-Sweeney. He sees an opportunity to let others do the work and investment to build platforms, then selectively swoop in to compete once the risk and investment pay off.

It’s not a bad business model if he can get the courts on his side: let others spend billions and take risks, then cherry pick the successful platforms and compete with their distribution using a cost basis that doesn’t have those up-front costs and risks.

> He sees an opportunity to let others do the work and investment to build platforms, then selectively swoop in to compete once the risk and investment pay off.

Sure. Just as long as you agree Google and Apple let others do the work and investment to develop new games, apps and media, then swoop in and demand a cut if the risk and investment pay off.

> Ironic given Tim Sweeney's supposed anti-monopoly stance.

This doesn't really make sense. If you are implying he is FOR monopoly, he would want the game on every possible platform right? He loses money by not having more players playing his game.

That's why it's ironic. Maybe you're missing the context of the iOS App Store case, which is why he is supposedly anti monopoly.
The person you replied to obviously referred to the Windows monopoly.
This hack has nothing to do with client cheats.
"kernel anti-cheat" is actually a re-branding of "anti-(non steamdeck)-linux" software, probably to please msft (since sole beneficiary). We all know they are inefficient and weaponized by hackers.

You know on linux there is a feature for a process to snoop into another process, that for the same user (non root), can be use for anti-tampering: with a proper "security" team, as all live-service games should have, you can give hell to hackers without a kernel module...

Man, even "Area 51 has aliens" is a better and more backed up conspiracy theory than this. Kernel AC isn't to please MS, nor is it to shit on Linux/Steam Deck. They don't matter. They're inexistent. They're a blip of very vocal users that keep believing that Proton is going to save them from EA making shit games.

KACs exist because they want to have higher privileges to not be injected into, closed or otherwise touched by any other process. That's also why a bunch of them have started to ask for Secure Boot, so that they can guarantee at least some chain of trust that ensures you've probably not tampered with your machine.

Your Linux example 1/ turns anti cheats into not only something that analyzes what runs on your machine, but actively tries to attack it, which is the textbook definition of malware, but also a gigantic liability should you happen to say, write into word.exe because you fucked up and thought it was a cheat. 2/ turns it into an infinite game of chasing each others with you injecting into cheats, cheats injecting into you, back and forth. In addition, you're running on an actively hostile machine with a hostile user that _wants_ to fuck over your anti cheat.

Please do some proper research on the subject.

A user level anti-tampering software (and more with such linux feature) is not a kernel module which is weaponized by hackers.
How trivial is it to pretend to be a steam deck?
In what context? To show up at work and convince everyone you’re a steam deck?

Thats probably pretty difficult.

Easy enough with the right costume and plenty of confidence.
Kernel anti cheat in the client are the strongest form of protection by far, your comment makes no sense, anything userspace is easily spoofed. You can create a driver ( module ) that intercept calls and that is completely invisible to userspace processes.

The default security measures on Linux are pretty bad compared to windows, it's not even close. People like to bash windows but they have a way better security model.

1 - kernel module from anti-cheats are weaponized by hackers.

2 - if I recall properly, that linux feature is a direct mapping of the target user process allowing extreme dynamicity in time, performant, and much more powerfull mechanisms than basic 'calls'. Namely hell for hackers if a live service game has a proper "security" team, all that without a kernel module.

  • dijit
  • ·
  • 9 minutes ago
  • ·
  • [ - ]
What are you even talking about?

The parent is right.

I'm quite literally the first person to bash Windows for being a shitty operating system, but the requirement for signed modules puts a massive barrier to entry for cheaters, where Linux can load just about anything.

If every system call can lie to you, there's a few things you can do, but it's not many.

I know this because I've actually done a lot of due diligence on anti-cheat.

One mechanism I attempted to employ was to replay initalisation vectors and determinism of inputs; this means I could replay your session out of band and witness the same outcomes. If there was variation then there's a fault. Except as soon as you introduce floating point numbers there's no more determinism... Oh well.

The other was to watch for "impossible" things, but then you need to run full complex physics simulations for every client. If your game requires you to effectively buy an i7-11700k for every user then you'd have to sell your game for a lot more money, and limit how long they can play - nobody wants this.

The third option was to score our best players and anyone who performs better than that gets their behaviour tracked. The problem is, coming up with a scoring system that's server side is much harder than you think.

GameDevs don't actually like paying a shit load of money for anti-cheat (that also breaks their debugging systems and causes bugs: a wonderful combination)... so if you've got a better way: join the industry and fix it. You'll be a moderately wealthy person.

Hard to have sympathy for Ubisoft the company as they are regularly used as an example of the most anti-consumer practices out there. But the whole situation is a mess, and if anything, it is probably the consumers that will end up suffering the most for this.
  • dvh
  • ·
  • 17 hours ago
  • ·
  • [ - ]
It's not random bans, the nicknames are words from longer text. It's lyrics from Shaggy - It wasn't me.
  • vogtb
  • ·
  • 16 hours ago
  • ·
  • [ - ]
The line "How could I forget that I had given her an extra key?" comes to mind. Maybe someone left an API key laying around somewhere? Although I could be giving the hackers too much credit...
Maybe the mongo db exploit from two days ago?

https://github.com/joe-desimone/mongobleed

https://beta.shodan.io/host/212.104.194.153

Somebody else said some Postgres dumps are available, not sure if they are even using mongo. But maybe mongo was the start of the chain.
  • croes
  • ·
  • 3 hours ago
  • ·
  • [ - ]
Seems so

https://x.com/vxunderground/status/2005008887234048091

Copy of post:

>@vxunderground

>Clarification post, previous post about Ubisoft lead to some confusion. That's my fault. I'll be more verbose. I was trying to compress the information into 1 singular post without it exceeding the word limit.

>Here's the word on the internet streets:

>- THE FIRST GROUP of individuals exploited a Rainbow 6 Siege service allowing them ban players, modify inventory, etc. These individuals did not touch user data (unsure if they even could). They gifted roughly $339,960,000,000,000 worth of in-game currency to players. Ubisoft will perform a roll back to undo the damages. They're probably annoyed. I cannot go into full details at this time how it was achieved.

>- A SECOND GROUP of individuals, unrelated to the FIRST GROUP of individuals, exploited a MongoDB instance from Ubisoft, using MongoBleed, which allowed them (in some capacity) to pivot to an internal Git repository. They exfiltrated a large portion of Ubisoft's internal source code. They assert it is data from the 90's - present, including software development kits, multiplayer services, etc. I have medium to high confidence this true. I've confirmed this with multiple parties.

>- A THIRD GROUP of individuals claim to have compromised Ubisoft and exfiltrated user data by exploiting MongoDB via MongoBleed. This group is trying to extort Ubisoft. They have a name for their extortion group and are active on Telegram. However, I have been unable to determine the validity of their claims.

>- A FOURTH GROUP of individuals assert the SECOND group of individuals are LYING and state the SECOND GROUP has had access to the Ubisoft internal source code for awhile. However, they state the SECOND GROUP is trying to hide behind the FIRST GROUP to masquerade as them and give them a reason to leak the source code in totality. The FIRST GROUP and FOURTH GROUP is frustrated by this

>Will the SECOND GROUP leak the source code? Is the SECOND GROUP telling the truth? Did the SECOND GROUP lie and have access to Ubisoft code this whole time? Was it MongoBleed? Will the FIRST GROUP get pinned for this? Who is this mysterious THIRD GROUP? Is this group related to any of the other groups?

>Find out next time on Dragon Ball Z

>12:12 PM · Dec 27, 2025

lol leakier than a sieve.
  • ·
  • 10 hours ago
  • ·
  • [ - ]
Per the tweet linked in the article there were also random bans in addition to the ban feed shitposting.

https://x.com/KingGeorge/status/2004902566434668686

Copy of tweet:

>@KingGeorge

>Seems like R6 is completely fucked. It’s unreal how bad.

>Hackers have done the following.

>1. Banned + unbanned thousands of people.

>2. Taken over the ban feed can put anything.

>3. Gave everyone 2 billion credits + renown.

>4. Gave everyone every skin including dev skins.

>5:09 AM · Dec 27, 2025

Global game messages being used to meme - reminds me of Team Fortress 2 rings.
  • s5300
  • ·
  • 13 hours ago
  • ·
  • [ - ]
[dead]
Saw a video earlier today with the lyrics of Billie Jean by Michael Jackson too.
  • ·
  • 16 hours ago
  • ·
  • [ - ]
This is the nightmare scenario for live-service games: once the integrity of progression and bans is compromised, trust evaporates fast. Rolling back “billions of credits” is easy compared to undoing random bans.
It's a shame this game has to pander to eSports fanatics rendering it into a completely hollowed out soulless experience. From the early days of Operation Chimera to selling half of your stake and IPs to Tencent, Ubisoft has seen it all.
> It's a shame this game has to pander to eSports fanatics rendering it into a completely hollowed out soulless experience.

There have been many victims of the eSports neuroticism. League of Legends is probably the most extreme example I can come up with. You will eventually get banned from the game if you choose the "wrong" play style. You don't even have to cheat or play poorly. Overwatch suffered a very similar fate - They removed a player slot to force it to fit the "5 man" meta. In the case of OW, the changes proved so unpopular they had to literally delete the original title from everyone's PC to force use of the only remaining option.

Ubisoft kept making garbage and sacrificed their IP’s for the sake of keeping the company alive…

It was doomed.

+1. Can’t believe how they held amazing IPs and then milked them to death while lowering the quality game over game. Whether it’s far cry or assassin’s creed, all the later iterations are worse than the series start.
I’m still bitter at them for canceling XDefiant… it wasn’t a COD killer but it filled a comfortable niche and had potential.
Oh wow, they cancelled it? I played it for a bit on release. Kinda fun, didn't stick with it, but surprised it's already cancelled so short after release.
This game was amazing at launch, recently tried it again and it’s become trash
https://x.com/vxunderground/status/2005008887234048091

Here's the word on the internet streets:

- THE FIRST GROUP of individuals exploited a Rainbow 6 Siege service allowing them ban players, modify inventory, etc. These individuals did not touch user data (unsure if they even could). They gifted roughly $339,960,000,000,000 worth of in-game currency to players. Ubisoft will perform a roll back to undo the damages. They're probably annoyed. I cannot go into full details at this time how it was achieved.

- A SECOND GROUP of individuals, unrelated to the FIRST GROUP of individuals, exploited a MongoDB instance from Ubisoft, using MongoBleed, which allowed them (in some capacity) to pivot to an internal Git repository. They exfiltrated a large portion of Ubisoft's internal source code. They assert it is data from the 90's - present, including software development kits, multiplayer services, etc. I have medium to high confidence this true. I've confirmed this with multiple parties.

- A THIRD GROUP of individuals claim to have compromised Ubisoft and exfiltrated user data by exploiting MongoDB via MongoBleed. This group is trying to extort Ubisoft. They have a name for their extortion group and are active on Telegram. However, I have been unable to determine the validity of their claims.

- A FOURTH GROUP of individuals assert the SECOND group of individuals are LYING and state the SECOND GROUP has had access to the Ubisoft internal source code for awhile. However, they state the SECOND GROUP is trying to hide behind the FIRST GROUP to masquerade as them and give them a reason to leak the source code in totality. The FIRST GROUP and FOURTH GROUP is frustrated by this

Will the SECOND GROUP leak the source code? Is the SECOND GROUP telling the truth? Did the SECOND GROUP lie and have access to Ubisoft code this whole time? Was it MongoBleed? Will the FIRST GROUP get pinned for this? Who is this mysterious THIRD GROUP? Is this group related to any of the other groups?

  • dijit
  • ·
  • 6 hours ago
  • ·
  • [ - ]
I used to work for Ubisoft, though not on Siege- I have met and had detailed conversations with their lead architect though; truthfully I remember little of those conversations.

Regarding the second group and access to source code; this is unlikely for a combination of four reasons.

1) The internal Ubisoft network is split between “player stuff” (ONBE) and developer stuff.

2) The ONBE network is deny by default, no movement is possible unless its explicitly requested ahead of time, by developers, in a formal request that must be limited in scope.

3) ONBE to “developer network” connections are almost never granted. We had one exception to this on the Division, and it was only because we could prove that getting code execution on the host that made connections would require a long chain of exploits. Of course that machine did not have complete access to all of the git repos.

4) Not a lot of stuff really uses git internally. Operations staff and web developers prefer git strongly; so they use Git. But nearly every project uses Perforce. Good look getting a flow granted from ONBE to a perforce server. That will never happen.

Siege, like The Division, worked against Ubisoft internal IT policies to make the product even possible. (IT was punishingly rigid) but some contracts were unviolatable.

The last I heard, Siege had headed to AWS and had free dominion in their tenant, but it would need Ubiservices (also in AWS) and those would route through ONBE.

I’m not sure if much changed, since a member of the board is former Microsoft and has mandated a switch to Azure from the top… But I am certain that these policies would likely be the last to go.

I wonder how many times former Microsoft people demanding switches to MS infrastructure are still actually working for Microsoft.
  • dijit
  • ·
  • 29 minutes ago
  • ·
  • [ - ]
I mean, I worked for Nokia in 2011..

.. you don't have to tell me.

Yes, that was a particularly dirty episode. I wrote about it when it happened.

https://jacquesmattheij.com/microsoft-just-bought-nokia-for-...

I think I got one prediction wrong but the rest stuck.

Nothing highlights how pointless e-sports items are more than a real dollar value for a player base of all of them. The entire global GDP is as an order of magnitude roughly $100 trillion. So this $340 trillion figure is 3.4 times planetary total economic output - meaning the theoretical value of Rainbow Six cosmetics exceeds what the entire human civilisation produces in a year. Multiple times over. You'd be valuing pixelated gun attachments higher than annual agricultural output across all nations, all manufacturing, all services, everything.

I bet it appears unchallenged at some point in a court (or insurance) document though.

While I understand what you're saying, it's pretty clear what is meant is "$X worth at the price they currently sell for". When there's a story about an object in space made of gold worth 100s of trillians of dollars, nobody believes it would really sell for that much if we captured it and mined all the gold; because the value of gold would plummet based purely on it's existence.

But I agree with you that it would be put into a court document as "it cost us this much" for the full amount, vs the amount they were likely to ever be able to sell (and can't, now that everyone got it for free, so the value is $0)

  • chii
  • ·
  • 12 hours ago
  • ·
  • [ - ]
and yet, most people use this same measure for market capitalization of companies.
The market cap is unambiguous, a more correct estimate of "how much to buy all the shares?" is situational and would just distract from getting the point across.
Not really. If a company were to manufacture a substantially large number of shares out of nothing (no additional investment money or other value entering the company) then the market cap would not go up. It would stay the same and per-share value would go down.

The market is mostly reasonable about who can and will sell their shares. If a big mover does sell a lot of their shares at once, the price will fall. Most big holders will slowly sell off shares for this reason.

In the other direction, it’s also understood that the cost to acquire all shares of a company is more than the market cap of a company. This is why you see acquisition prices being significantly higher than the last funding round valuation, or public shares popping on announcement of an acquisition attempt.

You could achieve a similar sum by adding balances out of thin air to random bank accounts, which is comparable to what happened here.
The valuation is based on them hypothetically selling the same quantities that the hackers gave away at their retail prices, which of course no one believes they would ever actually sell that much.
  • pjc50
  • ·
  • 15 hours ago
  • ·
  • [ - ]
This has the air of a parody spy caper where the various people who have broken in keep tripping over each other.

The source leak is really interesting, though. We don't often get to see game source, and it often has surprises in.

> Will the SECOND GROUP leak the source code? Is the SECOND GROUP telling the truth? Did the SECOND GROUP lie and have access to Ubisoft code this whole time? Was it MongoBleed? Will the FIRST GROUP get pinned for this? Who is this mysterious THIRD GROUP? Is this group related to any of the other groups?

This read to me like the end of a soap opera. Tune in tomorrow to find out!

The attackers better hope they fully hid their tracks - this is a bold hack, and such an level of overt cybercriminality with financial damages will result in a decade in prison if caught.
Can’t help but laugh a bit. Not a great day for Ubisoft. Hopefully this didn’t ruin the holidays for too many employees. That would absolutely suck to get a call in for this.
  • adzm
  • ·
  • 15 hours ago
  • ·
  • [ - ]
> Will the SECOND GROUP leak the source code? Is the SECOND GROUP telling the truth? Did the SECOND GROUP lie and have access to Ubisoft code this whole time? Was it MongoBleed? Will the FIRST GROUP get pinned for this? Who is this mysterious THIRD GROUP? Is this group related to any of the other groups?

Find out in the next episode of... Tales from Cyberspace!

> Players across PC and console are being urged by the community to stay offline, as reports continue to surface of accounts receiving billions of in game credits, rare and developer only skins, and experiencing random bans.

Regardless if this is true or not, and how it works exactly, I find it an interesting scenario.

For players: should I go online to maybe get gifted tons of ingame valuables while risking a ban? It turns playing into a gamble.

If I take on the hackers' view, I would find it exciting to dish out rewards and punishment at random on a large scale.

At least it's webscale.
  • sznio
  • ·
  • 5 hours ago
  • ·
  • [ - ]
Four attackers present in a system at the same time?

How?

Misconfigured database that was publicly accessible, vulnerability/exploit dropped around the same time.
[dead]
"That wording has been met with heavy backlash from players, many of whom believe Ubisoft is attempting to downplay the severity of the situation."

Come on it is just a game (◔_◔)

  • Surac
  • ·
  • 3 hours ago
  • ·
  • [ - ]
Ubislop, Ubislop never changes. Never trust a Ubislop
> Prominent Siege creator KingGeorge

So, the lead developer?

Streamer[1,2], formerly pro gamer[3]. “Creator” here is a clipping of “content creator”, an overtly ad-industry term that makes me a little sad(der) each time I hear it but is unfortunately universal nowadays, especially for people making videos (as we don’t really have another umbrella word for that).

[1] https://www.youtube.com/channel/UCsHlla-bq0C_2OtEy8s2_Sg

[2] https://www.twitch.tv/kinggeorge

[3] https://liquipedia.net/rainbowsix/KingGeorge

"Prominent" being sub 1000 views on YouTube?
  • pjmlp
  • ·
  • 9 hours ago
  • ·
  • [ - ]
This is why security actually matters in game development.
I wonder if they could push out an update. That would be super scary.
That depends, they might just fix some bugs and call it a day. There would have to be a trial of the pyx for sure to figure out what got changed and by who.
[flagged]
A 9 year old random FPS game.

WTF happened to non-shooter games? I am so bored of these FPS variations.

This is like complaining all modern movies are superhero movies. It’s hard to think that unless you’re hardly looking at all, or have fairly narrow taste and aren’t counting most of the medium.
Some very fun indie games I've been playing this past year (lots of early access):

- Hexarchy / Rogue hex (Civ-like)

- The Last Caretaker

- Captain of Industry (factorio-like, was posted here on HN by dev awhile back)

- 9 kings

- Super Fantasy Kingdom

- Manor Lords

- Astronomics

- Heart of the Machine

Those games have 100x to 500x smaller budgets than the AAA-games. Yes, they often have cute ideas, but, like a blockbuster movie, 99 times out of 100 you need a solid budget to make a solid movie/game.
If you want AAA games, you are going to have a safe game. You get the same with movies - Bigger budgets cause safer behavior with less risk taking. You wind up with a pretty game, a somewhat safe story (that they think will sell) and gameplay they think is just good enough to keep you going.

It isn't that the other games are bad, though. It isn't like we are talking "handheld camcorder student-written movie" vs "polished hollywood blockbuster" but more.... Beautiful painting by a mostly unknown artist vs beautiful large, publically displayed and privatly funded artist. Big budgets get you more assistance and more/better tools and more space and more human help and more connections.

It is probably important to remember that a large portion of a blockbuster's budget is advertising. Advertising is often 50-100% of the production budget and I'm guessing AAA games have similar advertising budgets. I'm not sure how a large advertising budget gives you better products, though it might get you more folks if your game is online.

Of course, I'm guessing if you limit your search to FPS games, your experience might be a different.

If 1% of indie games are solid, and all AAA game are solid, and there are 100 times more indie games than AAA games, then there would still be the same amount of solid indies as there are solid AAA games. As it is, I think for every good AAA game, there are somewhere between 50 and 500 great indie games.

Finding them is slightly harder, but absolutely worth it.

In any case, complaining about how many games there are out there that are not your thing is a waste of time. Much better to define what you like and look for recommendations from people who like similar games. Who care how many FPSs are released if you don't like FPSs? If you like RPGs, find RPG gamers and ask them what's good. Substitute for any genre; there is no genre out there that's not getting more releases than you could possibly play.

Wikipedia has a list of the most expensive video games to develop, with a lower limit of $50mil. https://en.wikipedia.org/wiki/List_of_most_expensive_video_g...

The top of the list is Genshin Impact, although it'll probably be displaced by GTA6 soon - that one's estimated to come in at $1.5-2 million. There's multiple FPS games on there but there's some pretty expensive open-world games too.

> $1.5-2 million

You mean billion?

Hopefully, AAA games era is coming to an end.
> 99 times out of 100 you need a solid budget to make a solid movie/game.

Sure, but 1 in 100 still gets you dozens of games a year now. There's plenty of genres where the top titles are nowhere near an AAA budget: Hades 2, Silksong, and Claire Obscura all being popular examples from this year, and Factorio being another well known example around here. Even simpler games like Balatro and Vampire Survivor are plenty of fun for some people.

The biggest studios have rarely been the ones producing the best work - budget gets you fancy cinematics and a beautifully rendered 3D world, but it doesn't make level design go any faster. It could plausibly buy better writing, but that requires all the executives to back off and trust the creatives.

And for what it's worth, the big studios are all happy raking in money on mindless remakes - it keeps working for them.

  • reyqn
  • ·
  • 5 hours ago
  • ·
  • [ - ]
I would argue clair obscur is actually a shooter game seeing the variety of op builds
I've played the above games at least 100x more than I've played any AAA titles this year :)
[flagged]
I think he is saying where is the creativity in the AA+ space. Which still might be a lack of depth / breadth of search, or platform exclusive content. Not everyone can own all the consoles.
I play non FPS video games almost every night. There are so many great games available.
  • comrh
  • ·
  • 15 hours ago
  • ·
  • [ - ]
We're currently in a golden age of Indie games catering to hyper specific niches. Ignore all AAA games and you'll find absolute gems.
  • tyre
  • ·
  • 15 hours ago
  • ·
  • [ - ]
Play Hades 2!
Maybe check out game awards finalists
IMO the vidya gaem awards [0] are far superior to the game awards.

[0] https://www.youtube.com/watch?v=mXMcq_LJ8ro

Maybe you can give a bit of context why you feel that way? Dropping a 2+ hour, <2000 views, 4chan video without context isn’t really the type of comment HN is looking for as far as I can tell
I checked them out. I guess I just miss a time when Falcon 3.0 and https://en.wikipedia.org/wiki/Stunt_Island sold really well.
Stunt Island was pretty good. However, there are more unusual games out there with reasonable budgets, like Death Stranding, The Talos Principle, The Outer Wilds, Portal and X4:Foundations. Even games involving shooting like Control or Alan Wake 2 are driven by unusual story telling.
Miss falcon 3.0? Go with Falcon BMS. For any genre of games there is a modern remake and community these days.
I literally discovered a completely free and open source Total Annihilation/Supreme Commander remake last month which is great for nostalgia’s sake.

https://www.beyondallreason.info/

We've come a long way in the past 30 years
Yeah, 1000 variations later, the latest Doom/Quake iteration looks great.
Summing up the entire FPS genre as Doom-like is unfair and discredits you more than anything else. Heck, even Doom and Quake are wildly different.

FPS haven't been under the spotlights for a while, these days it's mostly MOBAs.