This is such a fascinating conversation. Having a cyber security expert, in the gaming space, while a major network breach happens, in the middle of a massive esports tournament is such a rare occurrence. I’ll definitely be following closely.
The Thor dude seems like a super legit genuine dude. The advice he gives, in general, but more so at the end of this video, is incredibly authentic. I wish there were more folks in this world like that. Good shit man.
Thor's stream and videos are exceptional. He speaks really well and is always encouraging and welcoming. Such a great twitch streamer to have on and just listen along.
Dude you have no idea hes legitimately invested in helping people stop working for the man and make shit on their own, hes going to get killed by the CIA or some shady conspiracy shit like that if he doesnt stop :p
About the serverside exploitation section: The code for the things happening in this clip, exist within the game files. 1) Spawning bots. There was a limited time mode for Halloween where you could get two AI companions (Prowlers) which acted autonomously with a simple AI to chase and melee enemies within a certain range of you. 2) Increased squad size. There was a limited time mode, in which SURVIVORS killed by HUNTERS switched sides to HUNTERS, enabling teams of dozens on the HUNTER side. The Hackers just need a way to activate combinations of existing legacy functions in the game.
Very good point. Just because none of the buttons in the game assemble a packet to spawn bots anymore does not mean that nobody could assemble one by hand/ with a program. If both of those features are left in, no RCE'd be necessary.
So, pretty much the hacker can use whatever asset the devs have left in the files and create whatever he wants so long as they have existed in said files while making a few adjustments here and there. Apex is his sandbox.
But also, the hacker needed to gather all these bots in the same lobby with his target player, and the game treats these bots as players, which means that the hacker had to use a matchmaking system to get them into the same match with the target player. Doesn't this make it logical to assume that this is a server hack, with some kind of "admin permissions"? It's very similar to what cheaters do in gta online and rdr2 imho
This reminds me of Smash Ultimate hackers loading singleplayer boss battle arenas to play normal Vs. online matches. The server and other clients simply didn't validate that the stage ID being requested was actually selectable for Vs, that's all. With access to the server RCON, debug commands used by the developers to test server functionality prior to events becomes possible. Commands that may explicitly be designed to allow stuff to be tested out of context, without engaging the game mode they were intended for. The same kind of command used by the original server administrators for all kinds of things, including, but not limited to, banning and unbanning players.
Id usually laugh at the sentence "I'm a hacker" but your experience and ability to speak effectively and confidently really help ring home how that honestly an understatement
@@twostonedactual2541 I dont have the best skills, but i rec just double checking if you feel sketch about something. I always just do a small search about files or sites before anything
@@twostonedactual2541even if you’re not a PC gamer, the knowledge that you can use to protect your identity and data is priceless. Everyone should be made aware of security.
I work in the cybersecurity industry and also live in the Seattle area. Love your channel, your mission (from my own perspective), someone that actually understands red/purple/blue teams and the role they play in an organization, and how software and application development is deployed and the issues that arise when CI/CD and QA processes are weak with no culture around collaboration across team functions. You get it. You’re a pro. And your opinions and expertise shared on this channel has impacts across the gaming industry. Keep up the amazing work! The gaming community needs more like you to speak up!
I really appreciate Thor for his gentle pushback against Mande when he was repeating sensationalized claims (out of understandable fear), pushing against it and nudging Mande into the right direction and saying your piece without needing to call out any specific thing they said or saying anything too confrontational. I also kind of love that it almost became a mini therapy session for Mande for a while towards the back half lmao.
Yeah, it's really sad that for him, Apex is a paycheck instead of a game he can enjoy. You've built your career/life around playing this game that you have no control or say over, and it was an extremely dangerous investment which paid off for years, but now realizing that Apex was never going to be around forever. He should've pivoted his content much earlier, but now he has to do it when no other FPS games are kind of competing for the space.
@@steamfeuvermakes me hope for the finals to pick up traction at some point. i understand the grievances, and the cheating problem is unfortunately bad, but the developers have very real care for this game and show fully that they want to make something all players can enjoy playing a game and supporting a studio like that is really a nice breath of fresh air compared to trying to cater to a mega corporate game where you are just a number and the game is strictly a paycheck
@@mav9987I agree, in this day in age it’s smart to always have a pivot game. These games aren’t conventional sports and don’t have the stability of them either. It’s also hard to predict which games have true long term potential (ie. factors like dev, company, or gameplay issues). I enjoyed The Finals for the first few weeks of beta and launch but soon after the game felt a little repetitive. Although the game is extremely dynamic, it also feels monotonous at the same time. Maybe more unique maps, or gameplay loops would help improve it but who knows.
@@jyk8991 needs way more modes. i compare it to overwatch more than i do apex, and what keeps overwatch fresh is its plethora of maps and modes. once they get them going down we can really see people sticking to the game in full
It's incredibly refreshing to hear someone advocating for compassion while not invalidating the anger the community feels. Wish I could catch your streams, but I'm happy to have found your YT content.
Man, this video is blowing up! Mad props for the work and knowledge that goes behind this, you're doing the lords work by getting this stuff the exposure it deserves. I've never made a tip before on UA-cam but your shorts always pop up in my feed and your advice has genuinely had a positive impact on both my work and personal life. Figured this is a way I could return the favor, thank you for everything you do.
Your knowledge is unmatched and your natural intuition and experience is beyond commendable and I have learned so much from watching you, Thor. You are incredible. Thank you.
And to think not that long ago I remember thinking “who’s private software and why is he in my TikTok and shorts so much?” Now when this happened I thought “I wonder what pirate will say.” Love it
Thor, after over a decade of working in an ICT Support/SysAdmin role and not feeling great progression, I'm part of site wide lay off but this allows me to upskill... Watching your videos and streams over the past year and seeing your passion for what you do and did in the past, inspired me into pursuing my interests/instincts in security and analytics. I absolutely love it! Thank you for the always informative and enjoyable content, I think I speak for the majority by saying that you're very much an inspiration to to many!
has experience spoke volumes in his his dialogue with Mande. kept to 100 with him while validating feelings. i can tell ones things for sure. Thor is an amazing boss.
The servers of Respawn being vulnerable is a story as old as the company. They literally stopped selling Titanfall 1 because its servers are/were trashed by apparently a single hacker. And the Titanfall 2 community kept their game alive by modding the game and adding a custom server browser and custom gamemodes for the game back when the same hackers were attacking the Titanfall 2 servers. Now TF|2 is playable again on vanilla servers but who knows how long that will last.
That's what I find so weird about this Apex's server compromission. 4 months after TF|2 servers are patch it's the Apex servers that are underfire. Imagine if the hacker would find a way to automate waves of bots to render the game unplayable like he automated server crash in TF|2 ?
This is the scariest part. It's EA and Respawn's negligence or ignorance of fixing their games from hackers. It goes to show that modders from the community have more control over the game than the people who created them. It's pretty much up to Respawn and EA to figure out if they want to make an effort to care for the breadwinner or simply craft another one and hope it does well financially.
The fact they still use stryder baffles me. Despite how many times it has shown how its old age is effecting it, they still decide thats its perfectly safe. They just need to fix stryder or take it down.
@@Sorrowgrave No thats wrong there was a group that "tried" to combat the "hacker" which they then turned evil to hack tf2 just flooding servers with bots and then did the same with apex and changed the msg of the day to their groups name and they boasted it was all easy cause respawn used the same security layout for all three games all while EA was selling tf1/2 at discount while fully knowing no one could play any of the games for years and apex being down for like 2 days at the same time.
Love how 30 secs into this hour and a half vid you made it so clear as of who you are. I love you men! Congrats on that Steam Award, been watching you since then. Can't believe I spent most of my time on YT and Twitch without watching you.
I'd just like to say thank you for listening to Mande's complaints and responding in the way that you did. While I don't know the guy that well it felt like you got through to him pretty well and helped him to sort some things out in his head and get some things off his chest. I feel too much that people have an Us V Them mentality when it comes to defending people in their industry and the fact that you were able to make Mande feel heard and understood while showing him how it all works, why he feels that way, and have him come out of the conversation understanding the other side while still feeling his grievances were valid was a wonderful thing. I sincerely hope more developers and community managers take note of that, as I reckon it'd help make discourse around these sorts of issues calmer and more constructive.
Mande is a pretty chill guy, he never is a negative type but he’s been dealing with cheating for MONTHS to the point where some days he had to stop playing sadly because it was every game, and he is tired of respawn not doing anything ( it feels like they arnt ) but yea it’s nice he listens to Mande and also gives him some intel on the employee side of things was a cool call tbh
Super super good conversation. Never listened to long form pirate software before. What a lovely guy breaking down a complex topic in a really good and considerate way towards the players and the company
So rad to finally have an entertaining, prominent voice in the streaming space that can react to things like this with an informed perspective (and inform viewers in the process). So much stuff to digest here, and yet super easy to follow 🙏
Fr my number one pet peeve of react youtubers is when they are so uninformed yet try to make these big elaborate deductions or statements on something when they have no idea what they’re talking about.
Even as a non-Apex Player, this video was extremely interesting! From the Support to the Game Devs, to bringing in Mande, this was all done very respectfully and was very helpful in understanding what goes on behind the scenes of ANY online game. Also, though I've never heard of him(as I don't play or follow Apex), Mande seems like an absolute stand-up guy!
@@tylermorrison509 he didn't have all the information. He made conclusions based on what he knew at the time. While he doesn't know apex, he then had someone who does join him so he could discuss and rethink with new information
@@tylermorrison509 Considering it's been his job for 20 years, and he was following the process of elimination (basic problem solving, doesn't require his job or training)- you sound dense.
I love thor and i love thors ability to be like we shouldnt be claiming we know we dont and also when given new info "oh this changes things". To many people are scared to admit either of those things.
"The marketing and merchandising teams are going to keep going even if the game is on fire because that was there release schedule. Not every team stops just because one aspect of the game is broken" THANK YOU SO MUCH FOR SAYING THIS. Coming from the Halo Infinite team it was so tiring seeing every single external media post get flooded with comments like "Why are you releasing a new audiobook?! FIX THE GAME!!!. Why are you releasing a fun little cookbook?? FIX THE GAME!!! Why are you putting more cosmetics on the store!!!? FIX THE GAME!!!!" My brother, it's not the art team's job to fix the game, or the marketing, or franchise, or legal's team to fix the game. It's QA and engineers and every time they come into work it's like opening the door to a furnace. And yes absolutely, imagine how hard it is to solve these massively entangled issues ON TOP of the community hating your guts and giving you negative morale all day every day for even mundane things, let alone serious issues. You want stuff to get fixed? Honest to god, just submit a support ticket and be as unbiased and objective with your description as possible. QA needs plain facts and raw information to work with. The more of that they have the better they can prioritize and fix things. No matter how angry you get or how betrayed you feel or how crap the game seems to be at the end of the day its really just that simple. Twitter rage doesn't fix those kinds of problems. Basic support tickets do.
Yeah I thought the same thing. He didn't say "something is wrong." He immediately recognized it as a hack. Not a possible glitch or even a thought that it could be. This makes me believe that person is familiar with the cheat interface at the very least. The wording of that call out could be a Freudian slip.
@@fivetriplezero8985 I'd say anybody who spends a significant amount of time in FPS games, especially at higher levels where they have a lot more knowledge, they know what that stuff looks like. Like, I pretty regularly see clips of cheaters being exposed or stuff like that, it's not all that uncommon. Plus, it's pretty obvious it's a cheat even from a glance. Suddenly you don't have control of your mouse and it's just lasering down people, and you can see them through the wall? It takes half a second of reasoning to understand what's happening.
@@fivetriplezero8985 Being high level players in a game that has people that generally cheat sometimes in lobbies, I’m sure they’d be able to recognize an aimbot right away. I probably would and I’m a diamond scrub
I love them bringing in the apex player because it shows both sides on how people are approaching this information. You have the InfoSec/Dev side and the average end user side.
On the topic of communication and devs, I haven't played the game in a long while but I will always respect the team at Warframe for how they are able to take one of the biggest spaghetti messes of a videogame and cultivate a relatively positive relationship with the community. The devs are playing and talking in game to people, they're doing livestreams where they directly talk about things rather than avoiding them, they'll say "hey, guess what, that plan we had - you all tweeted us telling us it sucked and you hated it, so we recognise it's a mistake and we're not going to do it", and then they lighten the mood with some memes and human interactions and positivity. Rebecca and Megan from the community team and some of the devs like Pablo who just literally sit on a sofa once a month or tweet reply to people do more than any crafted PR statement or new shiny distraction could ever do to get players on side.
again take this with a grain of salt because I haven't been close to the game for a while, but my last understanding was that Megan was community manager and Rebecca was her boss and one of the directors@@MonlopoMAN
Man it's really cool that talking about anti-cheat is becoming more mainstream now! As a bonus most anti-cheat devs are huge nerds and truly love thier craft. It's very fun to listen to and when the person talking knows WAAAAY more than the normal player real things can happen. Knowledge is power, and is the players have more knowledge then that can help everyone!
This breakdown was really cool and the insistence on applying occam's razor before assumptions was respectable. Thank you for the content this was enjoyable to watch and informative
im so glad you uploaded this whole thing, man so many people heard you say "I think his machine is compromised" in the first few minutes- punched it in as a headline and clipped it, and now people think Apex is 100% good and these two just have malware... (WE dON'T KNOW YET).
Everything else aside, I think its really awesome how you could, and did, give Mande some peace of mind, great overall advice etc. Ofc you do it for your viewers a lot, which is what I greatly respect, but the guy is sounds so clearly relieved after he could vent a bit and had some of his worries put to rest
As someone who doesn't play Apex I still found this video amazing and basically anything from 59 mins in you could replace "apex" to ANY current competitive game Cod, battlefield etc and it would be accurate and amazing information for all people when facing this kind of issues in games they enjoy
Thanks for posting this Thor. I was checking in about this since someone else was asking about it and you were the first person that I figured would have the best grasp of the situation [outside the company]. I was not disappointed with the discussion. Great insights on the internal workings within a large company. Keep up the great work.
It seems like the majority of my comments are getting censored on this stoopid website! Anyway, I'm sorry for that... Look at the last option inside the "TSM HALAL HOOK" window. I can't repeat these word here, apparently... I think it might give us a tiny bit of information about the hacker's physical location, or at least from what kind of demographic he is from. edit: That's assuming that cheat tool was made by this/these individual(s), which might not be the case.
As a college student in cyber security these things are always interesting and I love the discussion. I always feel like I'm learning more, especially when it comes to the analysis of the issue. Greatly appreciated
As someone who does security, this is exactly what it looks like (PirateSoftware's handling) - you verify every claim, using all the evidence. He drew out the information from the subject matter experts with perfect questions, building out connections where possible. Trying not to make them certain where they're not. Assumptions will kill you as badly as grumpy employees and phishing attacks will. There is a LOT to learn from watching this.
Thor - Top tier security specialist, years of experience, many notable achievements, former wielder of the mighty banhammer! Prime: - Massive security liability, damn near wiped out Netflix on an oopsie......
Some lore on Destroyer2009 Destroyer is a kid who got hardware banned on rust like 5 years ago which sent him down a coding/exploiting rabbit hole. He is a fan of apex who has been developing cheats and finding vulnerabilities in the game for a long time. This level of breach is impressive and I’m curious to know what level of access to the server and or client he really has
@@mr.jojomunoz6561 He's just relaying what he heard on Mande's second video with destroyer, doesn't look like many people have seen that video an I advise checking it out lol Another thing destroyer mentioned was having 200 accounts in queue trying to get into the game, so everyone thinking he's "spawning bots through code" are off the mark xD
It was genuinely a breath of fresh air being able to hear all sides come together to have open dialogue and discussion about what the problem is, and how each side can play a part in fixing it. Discovering unique similarities because at the end of the day, they share the same goal for wanting games to thrive and succeed.
Okay I gotta say, it really felt during this interview that this Primeagen dude just wasnt listening to your answers or tuning out. A couple times he flat out ignores questions you ask him in response, but it was still really fantastic and insightful to hear your views and takes on this stuff coz as you say its very much in your wheelhouse. Thanks for putting this together Thor.
I think its mostly just a case of them not working together that greatly naturally, it happens all the time, people don’t always click or are on the same wavelenghts. They were looking at the problem from diffrent views leading to different interest points. At least I would think so.
@@SilverTicketlore Dude was clearly reacting emotionally. Was getting extremely specialized feedback from an expert in the field and he just wanted to be angry with Respawn instead of using his brain, and he seemed annoyed that Thor wasn't joining him in that. Maybe don't rely on 1 single game for income and just expect it to last forever.
you approach these conversations with such empathy when speaking to players. I wish more game companies would communicate with the player base in the ways discussed in this video.
Thanks for posting this Thor. I was checking in about this since someone else was asking about it and you were the first person that I figured would have the best grasp of the situation!!
This is the first ever long video I've seen in on my page from Pirate Sofware, his clips are fucking everywhere for w/e reason, but I just want to say the end of the video shows how good and genuine a human being you are and you. P.S. I sold a WoW account after highschool going into LK don't hate me please, was #1 boomkin in PvE (NA) in BC lol not that I had much competition.
Watched this from Mandes stream yesterday and you blew my mind. Instantly subbed and liked when I saw this pop up on my feed. Thank you for your knowledge and insight!!
Thank you for cutting this out from your stream to make it easier to find/watch. I love this content but I would miss it as I don't get to watch every or the entire live streams so I am glad this was shared to get the info.
thank you for clarifying the issues and not spreading miss information. it's refreshing to see someone who has a background on these issues and able to explain what's happening "in a simple way" and not jump to conclusions. Me being new here I'm definitely going to be watching more of your content that has to do with hacking since I find it fascinating and uneducated on the matter.
There’s a clip a month afterwards of him on Hal’s account. So it’s absolutely something connected to the server where he can see and use the info. In which case, the client does have enough connection. His personality denotes that he does get enjoyment out of being outside of extradition. However, he is of enlistment age, so that might be a useful way for the feds in Endgame to handle him.
Dude as a fellow security professional, I would LOVE to see more content like this from you. Your knowledge and experience is fascinating and I wanna hear more!
It was great that you were able to have the Apex pro on the stream and talk to them and see their take and perspective. They did a good job of illustrating their feelings and perceptions of the game and talking through the situation. I am glad we were able to see it.
Thor and Primeagen, thanks for bringing much needed clarification to this issue; and stressing on multiple occasions the "trust, but verify" system. As a budding cybersecurity person in my later years of life, this cannot be stated enough. It was also very nice to loop a professional player in Mande into the discussion to get their perspective on this as well.
So glad this guy seems to know what he is talking about. So much reactionary content regarding this and people re-formatting (after a quick how do i re format search) their pc.
@@magnum3.14 When using a new data drive, you have to format it(im not savvy enough to know exactly what formatting does, but it basically allocates space in the drive for the computers to use). Re-formatting means youre completely wiping all data on that drive by allocating that space again. Wiping a drive means there is a high chance of wiping any virusses lodged in it. Wont work on hardware virusses unfortunately but these are extremely rare.
hey Thor. Just wanted to thank you for informing us of the dangers between client side and server side stuff. The video was very enlightening of the situations both developers and players have to face. Know that I will be a part of the community that will see what other activities you want to branch out to as well. Thanks as always.
Imagine being such a Gigachad in cybersecurity industry and be like: "Nah, my passion is making games and petting ferrets". Like those Ultimate Samurai with unmatched sword skills who become farmers just for a peace of mind
I know you don't need the validation, but I love that you respectfully call your chat on BS but still with a firm stance that it's idiotic if it's intentional.
This was really interesting as someone with a tertiary knowledge of security by being in low level IT. It opens my eyes to that there's a lot I can learn about the cyber sec part of IT
Great content, Thank you for posting this... it is awesome and refreshing to hear an intelligent opinion on such a rampant subject... Keep up the great work!!!
it was so cool to hear two of my worlds colliding weigh in on both the dev side and the player side on the issues that Apex has been going through. thanks for the video!
I feel like, as a gamer, we really needed to hear all of this. Thank you guys for all of the insight! It really brings a new light to what goes on on the other side of the fence.
I was so glad to hear you talk about the dev side of things. As a dev myself, it's so sad to see how bad people bash the devs. I can guarantee there are some devs at Respawn that truly hate to see the game in this state, and would love nothing more than to fix it. But unfortunately, they're under EA. If the big boss says "new legend first, bug fixes later", then you have to do it. You can't go rogue or your job is toast and you can't feed your family. It really sucks but at the end of the day that's the reality of it. I also agree that more companies need much better community relations. For EA, I can probably guess it's about money. They won't dare admit fault or their stock prices tank. At the end of the day, we have to speak with our wallets. Which also sucks because as stated in the video, many people may not encounter the same issues as Mande. In my 3 years of playing Apex, I have personally ran into maybe 1 cheater long ago. So yeah just an unfortunate situation all around.
Yes and no, respawn (the apex devs) have had this problem on almost every game they’ve made, while you’re right what the big boss says goes, you’d think after the 3rd game failing because of hackers you’d have a better plan going into it, the definition of insanity is doing the same thing over and over expecting a different result, is this any different?
It's hard not to feel antagonistic towards developers when the game keeps getting worse and worse and seemingly all they do is ask 200 euros for a knife.
@DoktorJammified tbf it isn't respawn that sets the prices its ea. Ea says how much money the need/want to make in set amount of time and respawn has to do it or say bye bye to funding and anything else ea provides for respawn
the weird thing about the whole situation to me is: some days prior to this these players got gifted A LOT of lootboxes (like 10k usd worth or something like it) while livestreaming. It could be possible that these hackers found a way to connect and execute code on the player's clients, but had no way of telling which client was which player. They started gifting those Apex Packs to those who were livestreaming to sort of "connect the dots" and find out which "client ID" was which player. This is just my theory, could also be anything else as Im not an expert, but seems weird to me that those 2 players BOTH received these packs gifted to them merely days prior to this competition.
I barely, if at all, know about the specifics that Thor talks about how any of this works, but my main point is that I thoroughly enjoy watching his videos just because of his enjoyment for what he does and how he words everything. Thank you Thor
I've been watching your shorts for while and this has been the most fascinating video, bc I love apex and tiranfall and have recently wanting to get into cybersecurity. It is awesome to see you at work and try to understand what's going on, in my favorite game.
Your content is simply amazing. I think i learned more with this video than many teachers in my software engineer degree. Thanks for sharing your experience so openly and in a way so clear and easy to understand.
I really hope Thor sees this, not that I expect that he will. The part at 1:24:25 where he sympathises with the Devs, The devs are doing as much as they can. It’s EA, the publisher that bought the game studio that makes apex, Respawn Entertainment, that are too greedy to employ a proper team and implement necessary systems. The game has generated $bns and EA is definitely capable of employing the adequate number of protection staff for this They just dont fucking care
He is right on that one. - Even if the leasdership doesnt do S___ about this, the devs probably would - if they were let, and not busy with "important" other work. Most companies just shove you into several projects at once, and you just try to manage every single one of those with the time you have. If they dont allow you to work on this, you just dont. So yeah, hating devs is never a good solution. You can definitely argue about the leadership though.
Sadly, he knows. He knows EA are just as terrible as Blizzard, but he's giving faith that Respawn can still find a solution to combat the situation. Hopefully third time is the charm and Respawn can finally their breadwinner from getting demolished by hackers.
You’re talking out of your arse. Yes we all know EA sucks but if a game has exploits it’s the game devs fault, not ea. it feels like you don’t know how the business work. EA bought respawn game releases under their brand. They have zero to do with the game in it self and let’s all companies under brand develop their games as they wish. Only thing EA cares about is looking at papers seeing profits
As a consistent Apex Viewer in the comp scene and the general streamer community I really appreciate your words Thor. Mande is a good representative I think for the way most of the players feel. Without any recent word from Official Apex sources I will not have Apex content to watch and will choosing not to play Apex for the time being. Will be checking out the Pirate Software content instead since it seems to be made with a lot of thought, consideration, and really good quality audio.
@@Ekdrink not really, the amount of people that live thinking the world is against them and any figure of power is using it to make their life horrible... isn't something only in apex legends isn't something only in videogames industry, people love to think that the world gives them their hardest fights and they endure the worst, world were a bit better if people could understand that shits happens to everyone and that we must work together instead of fighting each other who isn't completely agree with us.
Super interesting to hear your opinion on this kind of stuff. Definitely liked the longer analysis of the situation. It's also nice to hear a better framing of the dev and community relationship, since it is really adversarial in some communities. Thanks for this.
Oh my god i just finished watching the whole thing. This was so fantastic and wholesome,and the pro apex player joing the stream and being validated by thor while also,maybe having their opinions changed a bit by thor was phenomenal
I was waiting for this upload since I saw the clips of you talking about the apex clips. You were the first person I wanted to hear a POV of. This is gonna be interesting.
Facts, as SOON as it happened I was like “I’m not listening to what anyone says until Thor comments on the situation” he’s arguably the most knowledgeable guy in the area who’s public and forthcoming with information on these subjects.
Being a part of this whole scene for a decade now, I agree with many things Thor said. I've been playing around with games, anti cheats and server sided stuff for years and looking at all the information we currently have, I would say this for those who are interested in the actual technical stuff: - I think we are talking about 2 seperate (but maybe connected) attacks. The first one being that the guy has some method of RCE on those specific players PCs. We can see that he probably injected code directly into the game - Pretty sure that it is is no external cheat running with an external overlay. - The interesting part is, how did he get access to that? It could be as simple as having the players download a RAT which gives the access - however, the more interesting part would be if the attackers used the second attack first to gain access to both RCE and some kind of Server Side control. This is purely speculation, but they could have, as Thor stated, access to an employee's machine or even direct access to some kind of admin panel / high level server. I have not seen any information if EA / Respawn actually utilizes such stuff (eventhough it is very likely), but it would explain how they are able to spawn and manipulate live games, gift packs and ban the players while, on the other hand, they could use this exact access to send remote code via various kinds of ways to the specific players. Maybe it is a vulnerable client to which they can send code, or even the Origin Game client itself - we know for a fact that those clients can receive updates, maybe even shellcode execution, you never know when talking about EA Games. It seems really plausable to me that they have found a way to do exactly that - hitting 2 birds with one stone. - As for EAC, I am pretty certain that, after playing and looking at it for years, there is no actual way to compromise it in such a way. The internal self integrity checks and the way they handle packets and communication requires a very deep understanding on how to hook / patch or emulate them - though, we can never be sure as there might be an exploit which would have been undetected for months now. Also, do not believe what people say online - EAC is a really sophistacted Anti Cheat. Over the years, they have been updating and implementing stuff which made many providers struggle, at least for some time, to get their cheats back up and working again. Problem is, the scene is really big and there are a lot of smart people who will eventually post or leak information on how to get around those mechanisms - especially the Kernel ones. - I agree with what Thor said about Kernel Anti Cheats and privacy. Having a kernel lever AC provides full access - if you look at Vanguard, they install their driver to start while you are booting which can catch UEFI bootloaders that load cheat drivers, though that can also be bypassed, but they basically have full control once you press the start button on your PC - not when you start playing a specific game. There is one known AC driver known to me right now, which can be compromised and leveraged to gain kernel level access on a machine. There also have been more in the past - look at echo ac. I won't even start with Microsoft approving this garbage and security hellhole of a driver - keep in mind, if you want to sign a legitimate driver, it must pass through MS internal system. Or that there are chinese companies having that kind of stuff implemented and running on hundreds of thousands of machines - you think about that for yourself. Apart from Anti Cheats, there are literally dozens of drivers which can be abused and have in the past - some even have the ability to terminate AV Hypervisors and Real Time protection. - What I do not agree on is that utilizing Kernel Level ACs doesn't significantly reduce the problems. Let me tell you - it is not about if Kernel ACs can catch cheats, it is about do the developers want those cheats and cheaters to be banned. It's a known fact in the scene that there are literally thousands of cheaters receiving flags after minutes of playing from ACs like EAC. Better say, they are detected - quite literally. But as Thor states in his Banwaves segment, you do not want to instantly ban those players all at once, you want to wait and ban a huge amount of those flagged players all at once. On the one hand, this gives you the advantage of making it harder for cheat devs to pin point what got their stuff detected - could have been an update weeks or months ago. On the other hand, you are creating this "illusion" that even driver ACs don't help for the legitimate player base, hence there are cheaters all the time and they are only banned after weeks / months and that creates hate and havoc because a normal player doesn't know how it works. It also allows the cheaters to buy an account, have "fun" with it for weeks before having to buy a new one. If you would ban those players once they are flagged as 100% cheating, you would loose a big part of your income. Buying 3 accounts a week or leveling them on a long run is completely different than having "fun" for weeks and then you can just start the cycle again and are ok with that. I and many in the scene know for a fact that (I would say) 80% of cheaters in games that utilize EAC, Vanguard or any other Kernel AC, are flagged after just some minutes / hours of playtime. Most of the cheat providers and "devs" actually have no idea what they are doing. They don't know how to devirtulize and then reverse EAC's own Obfuscation and Virtualization, they have never seen a decompiled module in IDA, they have never even attempted to analyze specific streamed modules and shellcode. All they do is think they are safe, which they aren't - but many EACs and Game Devs give them the illusion that they are. DMA is a whole other topic, I won't get into details on that but you can see a really strong trend of people switching to it. If you do not utilize any driver based AC, there is literally nothing you can do. Period. I think Thor needs to differentiate more between games where bots and scripts are / were more utilized and games like shooters, where everything comes down to memory reading, writing and a way to draw your stuff.
I have a bit of anti cheat background myself, I had a crazy thought float into my head, something ive seen before. Your apex client user profile, might be during the dev cycle of the game a copy of the dev client, with access turned off. That access can be restored through various methods. And its simple humans being humans as to why this could happen. That to me explains his bot drops of people, and going into any live server he wants. And that is what you are eluding to in your 2nd paragraph. He simply turned his account into an admin account.
Personally, I've found a way to hack BOOTMGR in Secure Boot mode to load an unsigned, modified Windows kernel into my system, which I can then alter at runtime to appear legitimate. That way, it's possible to load custom kernel drivers into it without exploiting previous ones beforehand. If it wasn't because I'm testing this stuff in a VM, which things like EAC don't like, I could potentially be ingame doing weird shit right now. But I'm not gonna, because I don't care about these games. I only learned how to do this to get around these integrity checks for Windows modding purposes.
Very interesting read, thank you very much for that. One question: Is the problem that devs and publishers have naturally less control over independently rented servers running their games (like BF2, or CoD 4) also one of the reasons why publishers don't really use these kinds of servers for multiplayer games anymore?
@@Donnerbalken28Thanks - and regarding your question, I frankly do not know the exact reasons for that. I have to say I still know many games where you can host / rent independent servers and make them public. Just renting a server doesn't mean you have the ability to do anything regarding the actual games network infrastructure - the whole traffic, stats, achivements etc. still has to be processed by the actual game backend and server framework - given you are hosting publicly available servers. So renting servers shouldn't be seen as one more exploitable threat as everything still has to go through the actual games backend - that's where we should be concerned about stuff that has happened like here in Apex. I would even go as far as saying that if you know what you are doing, hosting own servers can be seen as a mod on top of the game which even brings more security to it. Other Games like DayZ, Rust etc. have shown that the owners implement their own protections on top of existing EAC / EOS / Battleye ones. Also, having a hosting provider providers another layer of security, think of Firewalls etc. :)
I'm not reading all that I got halfway. Look into Respawns previous games like Titan fall to learn more about servers being hacked. Seems like the problem was never fixed.
Thanks for shining a light on this whole matter, the gaming community in general needs to open their eyes to the reality that is this whole cat and mouse between devs, cheaters, hackers and gamers
been playing apex since the beginning and started watching your videos a couple of months back... i really enjoy your content and loved your take on the situation... keep giving your intakes and the gaming community will evolve, or at least we'll have certain notions unknown to us thanks for the clarity
Very interesting guests to have on, thank you! As a first-time viewer, little feedback I could give as a viewer is to play more of the source videos to comment on, rather than one to two second sound bites..... context is everything. It would be interesting to have his reaction to a 15 to 30 second clip (the first clip where the cheat menu popped up, was so short that I had to go to a different channel to see the context, and the one where Hal downloaded something on his computer was so short that there no context at all). I can't speak for others, but I leave videos when I don't see enough context in order to go watch the full clips and often I dont come back to the original video due to either finding more complete longform content or getting distracted by youtubes algorithm.
Really liked the last part of the vid. Respawn needs to talk to the community. The community should support them since it's the game they love. All the best to respawns security team! Would love to see a update on this channel at some point. Great vid!
@@Joeyfield0 He's the other dude talking to Thor at the beginning/rest of the video sporadically. The other guy who joins midway is some apex player judging by what he's saying about the game.
@@Joeyfield0 as Pixelbendr said. To add context, he is a developer at netflix with a large community on youtube twitch and overall super funny and smart guy. The other guy joining is TSM Mande, but he had a lot of success filling in for apex pros, and this season he was also competing in ALGS with his semi-seriouss team of streamers.
I've been watching your shorts for a while but only just now have been looking at your full length videos. With your experience I'd love to see you break down the issue with destiny 2 cheater issues. Like, genuinely thoughts not just a community member giving opinions. Either way, love your stuff man.
In the server-side exploitation section, if Hal is playing on a compromised machine, they could redirect the matchmaking process of HIS game to connect to the hacker's server which would allow that zombie-bot behavior. Or it could simply be that they can join the same player's server, quickly filling it up with these bots of their own. Depends on the process to joining that server. In any case, it's an interesting video. Thanks!
These are Apex Predator lobbies with real players, and he is dropping 40 bots on them that count as one squad. If you continued watching you would've heard those bits.
My understanding is that Valorant anti-cheat loads at boot vs many other games that load on game launch. Makes it even more intrusive and scary if ever compromised.
yeah valorant anti cheat is basically a root kit. meaning if someone high enough at valorant wanted to do something bad or got hacked everyone with the game Installed is screwed.
From a purely investigative standpoint, I like the Occam’s razor stuff. When you’re investigating stuff as an amateur it’s fun, and the want there is to go straight to the craziest theory possible because ultimately that makes it more fun. You see it all the time with the true crime people.
I have never heard of you before, I've played games you've worked with. Can I just say I am so impressed with how you handle these situations. Your demeanor, and concise explanations are stellar. Thank you for a great video. I learned more than I expected and really appreciate your approach.
Hey Destroyer. If you read this. Just start giving everyone Heirlooms. That should piss off EA even more.
Fr If u want to hurt EA Take away their extremly overpriced Skins. And IT will be fixed in No Time
They can gift apex packs. So give us all 500 and there we go lol
Especially if he gives me heirlooms. I bet giving me heirlooms would be the worst thing that can happen to EA, 100%.
Honestly true disable their monetization and EA will get on that instantly.
@@IdiotSun69 its true! i got word from hideouts that the only reason they dont work harder is because my boy over here has been unaffected.
This is such a fascinating conversation. Having a cyber security expert, in the gaming space, while a major network breach happens, in the middle of a massive esports tournament is such a rare occurrence. I’ll definitely be following closely.
The Thor dude seems like a super legit genuine dude. The advice he gives, in general, but more so at the end of this video, is incredibly authentic. I wish there were more folks in this world like that.
Good shit man.
Thor's stream and videos are exceptional. He speaks really well and is always encouraging and welcoming. Such a great twitch streamer to have on and just listen along.
One of us. One of us. One of us.
This guy is amazing on every level. I'm a fan.
Dude you have no idea hes legitimately invested in helping people stop working for the man and make shit on their own, hes going to get killed by the CIA or some shady conspiracy shit like that if he doesnt stop :p
Thor is super solid. Awesome dude.
About the serverside exploitation section: The code for the things happening in this clip, exist within the game files.
1) Spawning bots. There was a limited time mode for Halloween where you could get two AI companions (Prowlers) which acted autonomously with a simple AI to chase and melee enemies within a certain range of you.
2) Increased squad size. There was a limited time mode, in which SURVIVORS killed by HUNTERS switched sides to HUNTERS, enabling teams of dozens on the HUNTER side.
The Hackers just need a way to activate combinations of existing legacy functions in the game.
Very good point. Just because none of the buttons in the game assemble a packet to spawn bots anymore does not mean that nobody could assemble one by hand/ with a program. If both of those features are left in, no RCE'd be necessary.
Ah, this makes my thoughts of simply using actual bots less likely. With those, he could use valid commands with invalid context sent to the server.
So, pretty much the hacker can use whatever asset the devs have left in the files and create whatever he wants so long as they have existed in said files while making a few adjustments here and there.
Apex is his sandbox.
But also, the hacker needed to gather all these bots in the same lobby with his target player, and the game treats these bots as players, which means that the hacker had to use a matchmaking system to get them into the same match with the target player. Doesn't this make it logical to assume that this is a server hack, with some kind of "admin permissions"? It's very similar to what cheaters do in gta online and rdr2 imho
This reminds me of Smash Ultimate hackers loading singleplayer boss battle arenas to play normal Vs. online matches. The server and other clients simply didn't validate that the stage ID being requested was actually selectable for Vs, that's all.
With access to the server RCON, debug commands used by the developers to test server functionality prior to events becomes possible. Commands that may explicitly be designed to allow stuff to be tested out of context, without engaging the game mode they were intended for. The same kind of command used by the original server administrators for all kinds of things, including, but not limited to, banning and unbanning players.
Id usually laugh at the sentence "I'm a hacker" but your experience and ability to speak effectively and confidently really help ring home how that honestly an understatement
One of the rare occasions where someone saying "I'm a hacker" is actually exactly that.
@@Pointykek right. I wish I had that skill set. just got into the PC gaming world and the knowledge to protect myself would be priceless to me.
@@twostonedactual2541 I dont have the best skills, but i rec just double checking if you feel sketch about something. I always just do a small search about files or sites before anything
@@twostonedactual2541even if you’re not a PC gamer, the knowledge that you can use to protect your identity and data is priceless. Everyone should be made aware of security.
@Pointykek It's an understatement. He does more than know the game, he knows the game development, business and even the streaming sides.
I work in the cybersecurity industry and also live in the Seattle area. Love your channel, your mission (from my own perspective), someone that actually understands red/purple/blue teams and the role they play in an organization, and how software and application development is deployed and the issues that arise when CI/CD and QA processes are weak with no culture around collaboration across team functions. You get it. You’re a pro. And your opinions and expertise shared on this channel has impacts across the gaming industry. Keep up the amazing work! The gaming community needs more like you to speak up!
I really appreciate Thor for his gentle pushback against Mande when he was repeating sensationalized claims (out of understandable fear), pushing against it and nudging Mande into the right direction and saying your piece without needing to call out any specific thing they said or saying anything too confrontational.
I also kind of love that it almost became a mini therapy session for Mande for a while towards the back half lmao.
Yeah, it's really sad that for him, Apex is a paycheck instead of a game he can enjoy. You've built your career/life around playing this game that you have no control or say over, and it was an extremely dangerous investment which paid off for years, but now realizing that Apex was never going to be around forever. He should've pivoted his content much earlier, but now he has to do it when no other FPS games are kind of competing for the space.
@@steamfeuvermakes me hope for the finals to pick up traction at some point. i understand the grievances, and the cheating problem is unfortunately bad, but the developers have very real care for this game and show fully that they want to make something all players can enjoy
playing a game and supporting a studio like that is really a nice breath of fresh air compared to trying to cater to a mega corporate game where you are just a number and the game is strictly a paycheck
@@mav9987I agree, in this day in age it’s smart to always have a pivot game. These games aren’t conventional sports and don’t have the stability of them either. It’s also hard to predict which games have true long term potential (ie. factors like dev, company, or gameplay issues).
I enjoyed The Finals for the first few weeks of beta and launch but soon after the game felt a little repetitive. Although the game is extremely dynamic, it also feels monotonous at the same time. Maybe more unique maps, or gameplay loops would help improve it but who knows.
@@jyk8991 needs way more modes. i compare it to overwatch more than i do apex, and what keeps overwatch fresh is its plethora of maps and modes. once they get them going down we can really see people sticking to the game in full
A man who has worked both in govt and corp and has damn well learned to be persuasive and gentle
It's incredibly refreshing to hear someone advocating for compassion while not invalidating the anger the community feels. Wish I could catch your streams, but I'm happy to have found your YT content.
Invalidating? Dude get an actual life.
@@Dr.RojoMcDelly bit of a ironic comment
@@Dr.RojoMcDelly Those exist?
He streams pretty consistently at I think 3-4am EST? and then he streams for around 12 hours,
@@Dr.RojoMcDelly what
Man, this video is blowing up! Mad props for the work and knowledge that goes behind this, you're doing the lords work by getting this stuff the exposure it deserves.
I've never made a tip before on UA-cam but your shorts always pop up in my feed and your advice has genuinely had a positive impact on both my work and personal life. Figured this is a way I could return the favor, thank you for everything you do.
You could have spent all that money on drugs and hookers.
It really speaks to your character seeing your opinion change in realtime as you're being fed new information. Incredible insight
@@jrpgplayer ermm like seriously they must be literally stupid
@@jrpgplayer yup
More analysis than opinion.
Flip flop flip flop
It’s not character lol. You cannot solve problems without basic critical thinking skills.
22:40 reminded me of when the Division stored all your character and weapon stats in a text file that you could edit however you wanted
Good times! God that was so funny.
Sounds like such a ubisoft thing to do
I remember that!!!!!
Ubisoft try to be competent challenge:IMPOSSIBLE DIFFICULTY
that was pretty much all games 15 years ago.
Your knowledge is unmatched and your natural intuition and experience is beyond commendable and I have learned so much from watching you, Thor. You are incredible. Thank you.
And to think not that long ago I remember thinking “who’s private software and why is he in my TikTok and shorts so much?” Now when this happened I thought “I wonder what pirate will say.”
Love it
Thor, after over a decade of working in an ICT Support/SysAdmin role and not feeling great progression, I'm part of site wide lay off but this allows me to upskill...
Watching your videos and streams over the past year and seeing your passion for what you do and did in the past, inspired me into pursuing my interests/instincts in security and analytics.
I absolutely love it!
Thank you for the always informative and enjoyable content, I think I speak for the majority by saying that you're very much an inspiration to to many!
Man… the care you took to make sure you understood Mande and words of encouragement was really amazing to see. You are such an amazing guy.
Thor=best fuse I'll never look at fuse again without seeing Thor's face
has experience spoke volumes in his his dialogue with Mande. kept to 100 with him while validating feelings. i can tell ones things for sure. Thor is an amazing boss.
@@dixiestix2197 je de w,,,,,,,,,,,,,,,,,
Gulk gulk gulk. You’re gagging on it
The servers of Respawn being vulnerable is a story as old as the company. They literally stopped selling Titanfall 1 because its servers are/were trashed by apparently a single hacker.
And the Titanfall 2 community kept their game alive by modding the game and adding a custom server browser and custom gamemodes for the game back when the same hackers were attacking the Titanfall 2 servers. Now TF|2 is playable again on vanilla servers but who knows how long that will last.
That's what I find so weird about this Apex's server compromission. 4 months after TF|2 servers are patch it's the Apex servers that are underfire. Imagine if the hacker would find a way to automate waves of bots to render the game unplayable like he automated server crash in TF|2 ?
This is the scariest part. It's EA and Respawn's negligence or ignorance of fixing their games from hackers. It goes to show that modders from the community have more control over the game than the people who created them.
It's pretty much up to Respawn and EA to figure out if they want to make an effort to care for the breadwinner or simply craft another one and hope it does well financially.
The fact they still use stryder baffles me. Despite how many times it has shown how its old age is effecting it, they still decide thats its perfectly safe.
They just need to fix stryder or take it down.
@@Sorrowgrave No thats wrong there was a group that "tried" to combat the "hacker" which they then turned evil to hack tf2 just flooding servers with bots and then did the same with apex and changed the msg of the day to their groups name and they boasted it was all easy cause respawn used the same security layout for all three games all while EA was selling tf1/2 at discount while fully knowing no one could play any of the games for years and apex being down for like 2 days at the same time.
EXACTLY THIS did people forget about titanfall's hackers?
Love how 30 secs into this hour and a half vid you made it so clear as of who you are. I love you men! Congrats on that Steam Award, been watching you since then. Can't believe I spent most of my time on YT and Twitch without watching you.
Prime and Thor slowly realizing the capabilities of Destroyer2009 and his infamy in the community is such a wild ride lmao
He is ascending
Especially after the Titanfall issues.
I just played a game with him on apex tonight. I swear to God. I was making fun of his age.
@@Chronicleropewait this is the same guy who fucked up titsnfall? Yeaaaa that’s probably an apex thing in that chance
@@Chroniclerope Wait it's the same dude
I'd just like to say thank you for listening to Mande's complaints and responding in the way that you did. While I don't know the guy that well it felt like you got through to him pretty well and helped him to sort some things out in his head and get some things off his chest. I feel too much that people have an Us V Them mentality when it comes to defending people in their industry and the fact that you were able to make Mande feel heard and understood while showing him how it all works, why he feels that way, and have him come out of the conversation understanding the other side while still feeling his grievances were valid was a wonderful thing. I sincerely hope more developers and community managers take note of that, as I reckon it'd help make discourse around these sorts of issues calmer and more constructive.
Thor has extensive social engineering experience. He could hate Mande's guts :P
Mande is a pretty chill guy, he never is a negative type but he’s been dealing with cheating for MONTHS to the point where some days he had to stop playing sadly because it was every game, and he is tired of respawn not doing anything ( it feels like they arnt ) but yea it’s nice he listens to Mande and also gives him some intel on the employee side of things was a cool call tbh
Super super good conversation. Never listened to long form pirate software before. What a lovely guy breaking down a complex topic in a really good and considerate way towards the players and the company
Thanks for this, as a fellow cyber security professional its awesome to see you give direction and information to people!
So rad to finally have an entertaining, prominent voice in the streaming space that can react to things like this with an informed perspective (and inform viewers in the process). So much stuff to digest here, and yet super easy to follow 🙏
Fr my number one pet peeve of react youtubers is when they are so uninformed yet try to make these big elaborate deductions or statements on something when they have no idea what they’re talking about.
Reminds me of @TotalBiscuit
Destroyer is infamous in the apex community for doing things like dropping bots on streamers mid ranked game and giving people thousands of apex packs
And running his pc cheats on console, he's able to use his pc accounts and hacks on console lobbies and *nobody* but him knows how.
they talk about this in the video thank you for reminding me
The law needs to be updated to reflux these trolls.
@@meowxeno possibly abusing or exploiting the crossplay system
Damn bruh can he slide me some packs I need my heirlooms 😭
Even as a non-Apex Player, this video was extremely interesting!
From the Support to the Game Devs, to bringing in Mande, this was all done very respectfully and was very helpful in understanding what goes on behind the scenes of ANY online game.
Also, though I've never heard of him(as I don't play or follow Apex), Mande seems like an absolute stand-up guy!
This is by far the best video about the subject. Literally professionals who care about what they are talking about and not just farming content.
He doesn’t know a thing about apex, nor the tournament, nor the streamers. He’s made 3 false accusations in the first 5 mins. Worst breakdown yet.
@@tylermorrison509 he didn't have all the information. He made conclusions based on what he knew at the time. While he doesn't know apex, he then had someone who does join him so he could discuss and rethink with new information
@@tylermorrison509 Considering it's been his job for 20 years, and he was following the process of elimination (basic problem solving, doesn't require his job or training)- you sound dense.
@@tylermorrison509 sounds like 5 mins is how long your attention span is.
@@linhza501 right, that’s why I watched the whole thing
I love thor and i love thors ability to be like we shouldnt be claiming we know we dont and also when given new info "oh this changes things". To many people are scared to admit either of those things.
@@Ray-mj5mjmoreso the difference between someone with critical thinking skills and an idiot.
@@Nubleborskyexactly, one does not need to be a professional to use their brain.
@@Ehh..... Professionals use their brain
Is this thors channel
@@tonyconnor5691 yes
"The marketing and merchandising teams are going to keep going even if the game is on fire because that was there release schedule. Not every team stops just because one aspect of the game is broken"
THANK YOU SO MUCH FOR SAYING THIS.
Coming from the Halo Infinite team it was so tiring seeing every single external media post get flooded with comments like "Why are you releasing a new audiobook?! FIX THE GAME!!!. Why are you releasing a fun little cookbook?? FIX THE GAME!!! Why are you putting more cosmetics on the store!!!? FIX THE GAME!!!!" My brother, it's not the art team's job to fix the game, or the marketing, or franchise, or legal's team to fix the game. It's QA and engineers and every time they come into work it's like opening the door to a furnace. And yes absolutely, imagine how hard it is to solve these massively entangled issues ON TOP of the community hating your guts and giving you negative morale all day every day for even mundane things, let alone serious issues.
You want stuff to get fixed? Honest to god, just submit a support ticket and be as unbiased and objective with your description as possible. QA needs plain facts and raw information to work with. The more of that they have the better they can prioritize and fix things. No matter how angry you get or how betrayed you feel or how crap the game seems to be at the end of the day its really just that simple. Twitter rage doesn't fix those kinds of problems. Basic support tickets do.
Developing sounds like a massive headache kudos to y'all
Didn't know making a game was that hard, I thought you just needed an art team some coders and that's really it.
343 doesn’t listen to fans, they haven’t for the last decade+
"Im cheating Im cheating!" is such a wild callout
Yeah I thought the same thing. He didn't say "something is wrong." He immediately recognized it as a hack. Not a possible glitch or even a thought that it could be. This makes me believe that person is familiar with the cheat interface at the very least. The wording of that call out could be a Freudian slip.
@@fivetriplezero8985 He somehow knew how to make the cheat loader disappear after it popped up.
@@fivetriplezero8985 you would notice an aimbot or wallhacks instantaneously if you were playing a game, you have spent 1000+ hours in
@@fivetriplezero8985 I'd say anybody who spends a significant amount of time in FPS games, especially at higher levels where they have a lot more knowledge, they know what that stuff looks like. Like, I pretty regularly see clips of cheaters being exposed or stuff like that, it's not all that uncommon. Plus, it's pretty obvious it's a cheat even from a glance. Suddenly you don't have control of your mouse and it's just lasering down people, and you can see them through the wall? It takes half a second of reasoning to understand what's happening.
@@fivetriplezero8985
Being high level players in a game that has people that generally cheat sometimes in lobbies, I’m sure they’d be able to recognize an aimbot right away. I probably would and I’m a diamond scrub
I love them bringing in the apex player because it shows both sides on how people are approaching this information. You have the InfoSec/Dev side and the average end user side.
Mande isn't the average apex player but I get your point 😂
On the topic of communication and devs, I haven't played the game in a long while but I will always respect the team at Warframe for how they are able to take one of the biggest spaghetti messes of a videogame and cultivate a relatively positive relationship with the community. The devs are playing and talking in game to people, they're doing livestreams where they directly talk about things rather than avoiding them, they'll say "hey, guess what, that plan we had - you all tweeted us telling us it sucked and you hated it, so we recognise it's a mistake and we're not going to do it", and then they lighten the mood with some memes and human interactions and positivity. Rebecca and Megan from the community team and some of the devs like Pablo who just literally sit on a sofa once a month or tweet reply to people do more than any crafted PR statement or new shiny distraction could ever do to get players on side.
Isnt Megan incharge of DE now?
again take this with a grain of salt because I haven't been close to the game for a while, but my last understanding was that Megan was community manager and Rebecca was her boss and one of the directors@@MonlopoMAN
the fun part of warframe is that it doesn't hide obvious problems in the game and make it funny instead of make you afraid/ angry
Warframe devs need to make an actual hard game not a fucking snoozefest. 5/10 game would easily be 10/10 if there was any sort of challenge at all.
Man it's really cool that talking about anti-cheat is becoming more mainstream now! As a bonus most anti-cheat devs are huge nerds and truly love thier craft. It's very fun to listen to and when the person talking knows WAAAAY more than the normal player real things can happen. Knowledge is power, and is the players have more knowledge then that can help everyone!
This is very interesting stuff. Its really nice to see a dev take on this case.
He’s not just a dev. He’s also a hacker and a cyber security guy he’s got crazy qualification’s and experience
Yeah we got that. He said that multiple times in the video. Cool perspective anyways
@@jjsummerz no shit shirlock
@@jjsummerz oh wow, if only he said that right at the beginning.
@@80AM. calm down, they're trying to help
This breakdown was really cool and the insistence on applying occam's razor before assumptions was respectable. Thank you for the content this was enjoyable to watch and informative
im so glad you uploaded this whole thing, man
so many people heard you say "I think his machine is compromised" in the first few minutes- punched it in as a headline and clipped it, and now people think Apex is 100% good and these two just have malware...
(WE dON'T KNOW YET).
imo, the most concerning thing is that EA/Respawn have said NOTHING in 30+ hrs...
We know now
@@onikruxThey would probably just say "Dunno, we're looking into it", and since they probably are, what is the point in saying anything?
@@aeswere that's exactly what they posted last night hahah
@@aeswerecommunity communication would be the reason i suppose. its kinda more of a courtesy thing?
Everything else aside, I think its really awesome how you could, and did, give Mande some peace of mind, great overall advice etc. Ofc you do it for your viewers a lot, which is what I greatly respect, but the guy is sounds so clearly relieved after he could vent a bit and had some of his worries put to rest
As someone who doesn't play Apex I still found this video amazing and basically anything from 59 mins in you could replace "apex" to ANY current competitive game Cod, battlefield etc and it would be accurate and amazing information for all people when facing this kind of issues in games they enjoy
Thanks for posting this Thor. I was checking in about this since someone else was asking about it and you were the first person that I figured would have the best grasp of the situation [outside the company]. I was not disappointed with the discussion. Great insights on the internal workings within a large company. Keep up the great work.
Nobody seems to have noticed the last option in the "TSM HALAL HOOK" cheat window:
✅ Vote Putin
lol
It seems like the majority of my comments are getting censored on this stoopid website! Anyway, I'm sorry for that...
Look at the last option inside the "TSM HALAL HOOK" window. I can't repeat these word here, apparently... I think it might give us a tiny bit of information about the hacker's physical location, or at least from what kind of demographic he is from.
edit: That's assuming that cheat tool was made by this/these individual(s), which might not be the case.
As a college student in cyber security these things are always interesting and I love the discussion. I always feel like I'm learning more, especially when it comes to the analysis of the issue. Greatly appreciated
As someone who does security, this is exactly what it looks like (PirateSoftware's handling) - you verify every claim, using all the evidence. He drew out the information from the subject matter experts with perfect questions, building out connections where possible. Trying not to make them certain where they're not. Assumptions will kill you as badly as grumpy employees and phishing attacks will. There is a LOT to learn from watching this.
Damn this seems way more kaid back than engineering I may have chosen the wrong career 💀
Thor - Top tier security specialist, years of experience, many notable achievements, former wielder of the mighty banhammer!
Prime: - Massive security liability, damn near wiped out Netflix on an oopsie......
@@Astraeus.. wait when did prime almost take out Netflix lol
@@imperialis40kthe grizzly bug
Some lore on Destroyer2009
Destroyer is a kid who got hardware banned on rust like 5 years ago which sent him down a coding/exploiting rabbit hole. He is a fan of apex who has been developing cheats and finding vulnerabilities in the game for a long time. This level of breach is impressive and I’m curious to know what level of access to the server and or client he really has
Ive seen his name around before in rust too bro wth??? I swear I was griefed by the destroyer2009 on rust ages ago lol.😂
Sounds like something destroyer2009 would comment 👀
Didn't he have a stint on Titanfall 2 that as well?
@@mr.jojomunoz6561 He's just relaying what he heard on Mande's second video with destroyer, doesn't look like many people have seen that video an I advise checking it out lol
Another thing destroyer mentioned was having 200 accounts in queue trying to get into the game, so everyone thinking he's "spawning bots through code" are off the mark xD
Plot-twist: in reality he just compromised 1 employee's pc and 2 streamers' pc, and that's about it.
It was genuinely a breath of fresh air being able to hear all sides come together to have open dialogue and discussion about what the problem is, and how each side can play a part in fixing it. Discovering unique similarities because at the end of the day, they share the same goal for wanting games to thrive and succeed.
Okay I gotta say, it really felt during this interview that this Primeagen dude just wasnt listening to your answers or tuning out. A couple times he flat out ignores questions you ask him in response, but it was still really fantastic and insightful to hear your views and takes on this stuff coz as you say its very much in your wheelhouse. Thanks for putting this together Thor.
I think its mostly just a case of them not working together that greatly naturally, it happens all the time, people don’t always click or are on the same wavelenghts. They were looking at the problem from diffrent views leading to different interest points.
At least I would think so.
Thor was also constantly talking over him. I wouldn’t want to talk either if 90% of the time I’m cut off.
@@SilverTicketlore Dude was clearly reacting emotionally. Was getting extremely specialized feedback from an expert in the field and he just wanted to be angry with Respawn instead of using his brain, and he seemed annoyed that Thor wasn't joining him in that.
Maybe don't rely on 1 single game for income and just expect it to last forever.
you approach these conversations with such empathy when speaking to players. I wish more game companies would communicate with the player base in the ways discussed in this video.
Thanks for posting this Thor. I was checking in about this since someone else was asking about it and you were the first person that I figured would have the best grasp of the situation!!
How on earth do you get verified as a chicken
@@channingtaintumbro must be chicken
omg it's the legend himself
This is the first ever long video I've seen in on my page from Pirate Sofware, his clips are fucking everywhere for w/e reason, but I just want to say the end of the video shows how good and genuine a human being you are and you. P.S. I sold a WoW account after highschool going into LK don't hate me please, was #1 boomkin in PvE (NA) in BC lol not that I had much competition.
Watched this from Mandes stream yesterday and you blew my mind. Instantly subbed and liked when I saw this pop up on my feed. Thank you for your knowledge and insight!!
Thor, your thumbnails might be made in 5 minutes and have Comic Sans for the font, but we love you anyways. Glory to the Goblin King
glory to the goblin king!!!
comic sans is the best font for the internet.
Comic sans is actually helpful for dyslexic people
Comic sans is better than thor mouse writing.. but we still love it anyway.
@@emmastark3285ye thats right, one of the things designers dont get, there are no ugly and bad fonts, just bad use of them. :)
Thank you for cutting this out from your stream to make it easier to find/watch. I love this content but I would miss it as I don't get to watch every or the entire live streams so I am glad this was shared to get the info.
I am by no means a computer person, and so i always love how Thor explains stuff in a way that is easy to grasp. Very cool video!
thank you for clarifying the issues and not spreading miss information. it's refreshing to see someone who has a background on these issues and able to explain what's happening "in a simple way" and not jump to conclusions. Me being new here I'm definitely going to be watching more of your content that has to do with hacking since I find it fascinating and uneducated on the matter.
The Thor/Mande crossover! Unexpected but very welcome 🤝🍻👏
Primagen/Thor/Mande
Primagen called Thor to get an opinion on the hacks and then they invited Mande to join their talk.
Mande just talking gibberish
@@moodmusic4life He was just giving context, he didnt talk technical... tf are you talking about?
Now we need them with Destroyer in a call.
@@moodmusic4life first time I've seen someone not understand what the word "gibberish" means. Impressive.
There’s a clip a month afterwards of him on Hal’s account. So it’s absolutely something connected to the server where he can see and use the info. In which case, the client does have enough connection.
His personality denotes that he does get enjoyment out of being outside of extradition. However, he is of enlistment age, so that might be a useful way for the feds in Endgame to handle him.
Dude as a fellow security professional, I would LOVE to see more content like this from you. Your knowledge and experience is fascinating and I wanna hear more!
It was great that you were able to have the Apex pro on the stream and talk to them and see their take and perspective. They did a good job of illustrating their feelings and perceptions of the game and talking through the situation. I am glad we were able to see it.
Thor and Primeagen, thanks for bringing much needed clarification to this issue; and stressing on multiple occasions the "trust, but verify" system. As a budding cybersecurity person in my later years of life, this cannot be stated enough. It was also very nice to loop a professional player in Mande into the discussion to get their perspective on this as well.
So glad this guy seems to know what he is talking about. So much reactionary content regarding this and people re-formatting (after a quick how do i re format search) their pc.
What is re-formating?
@@magnum3.14 how would i know. Just some word believe I heard somewhere, sounds computerish. There can only by one true magnum btw. Prepare to duel.
@@magnum3.14 When using a new data drive, you have to format it(im not savvy enough to know exactly what formatting does, but it basically allocates space in the drive for the computers to use). Re-formatting means youre completely wiping all data on that drive by allocating that space again. Wiping a drive means there is a high chance of wiping any virusses lodged in it. Wont work on hardware virusses unfortunately but these are extremely rare.
@@Zephiren you are a better person than me, i automatically assumed with a question like that ( can easily be googled) the guy was trolling.
hey Thor. Just wanted to thank you for informing us of the dangers between client side and server side stuff. The video was very enlightening of the situations both developers and players have to face. Know that I will be a part of the community that will see what other activities you want to branch out to as well. Thanks as always.
This dialog between gaming professional and IT/cyber professionals is absolute gold
Imagine being such a Gigachad in cybersecurity industry and be like:
"Nah, my passion is making games and petting ferrets".
Like those Ultimate Samurai with unmatched sword skills who become farmers just for a peace of mind
Not the hero we deserved, but the one we needed
Thor-finn
He's basically a peaceful npc who just so happens to also be the most OP character to fight against.
This is literally the plot of the several games in the Yakuza series
@@yosukehanamura3507Dragon of _Thor_-jima
This was a good interface... A dev, A dev/hacker and a pro player... such a good conversation.
I know you don't need the validation, but I love that you respectfully call your chat on BS but still with a firm stance that it's idiotic if it's intentional.
Man literally chose the best legend for the thumbnail.
Representing all middle aged man in the game
“This ain’t me first rodeo, mate”😂
Fusey 4 lyfe
This was really interesting as someone with a tertiary knowledge of security by being in low level IT. It opens my eyes to that there's a lot I can learn about the cyber sec part of IT
Great content, Thank you for posting this... it is awesome and refreshing to hear an intelligent opinion on such a rampant subject... Keep up the great work!!!
Insanely quality conversation... I enjoyed every second of it and learned so many new things...
it was so cool to hear two of my worlds colliding weigh in on both the dev side and the player side on the issues that Apex has been going through. thanks for the video!
I feel like, as a gamer, we really needed to hear all of this. Thank you guys for all of the insight! It really brings a new light to what goes on on the other side of the fence.
I was so glad to hear you talk about the dev side of things. As a dev myself, it's so sad to see how bad people bash the devs. I can guarantee there are some devs at Respawn that truly hate to see the game in this state, and would love nothing more than to fix it. But unfortunately, they're under EA. If the big boss says "new legend first, bug fixes later", then you have to do it. You can't go rogue or your job is toast and you can't feed your family. It really sucks but at the end of the day that's the reality of it.
I also agree that more companies need much better community relations. For EA, I can probably guess it's about money. They won't dare admit fault or their stock prices tank. At the end of the day, we have to speak with our wallets. Which also sucks because as stated in the video, many people may not encounter the same issues as Mande. In my 3 years of playing Apex, I have personally ran into maybe 1 cheater long ago. So yeah just an unfortunate situation all around.
Yes and no, respawn (the apex devs) have had this problem on almost every game they’ve made, while you’re right what the big boss says goes, you’d think after the 3rd game failing because of hackers you’d have a better plan going into it, the definition of insanity is doing the same thing over and over expecting a different result, is this any different?
While you speak truth, not a lot are going to care. You speak with an insider point of view but people don't want to hear that.
It's hard not to feel antagonistic towards developers when the game keeps getting worse and worse and seemingly all they do is ask 200 euros for a knife.
@DoktorJammified tbf it isn't respawn that sets the prices its ea. Ea says how much money the need/want to make in set amount of time and respawn has to do it or say bye bye to funding and anything else ea provides for respawn
the weird thing about the whole situation to me is: some days prior to this these players got gifted A LOT of lootboxes (like 10k usd worth or something like it) while livestreaming. It could be possible that these hackers found a way to connect and execute code on the player's clients, but had no way of telling which client was which player. They started gifting those Apex Packs to those who were livestreaming to sort of "connect the dots" and find out which "client ID" was which player.
This is just my theory, could also be anything else as Im not an expert, but seems weird to me that those 2 players BOTH received these packs gifted to them merely days prior to this competition.
I barely, if at all, know about the specifics that Thor talks about how any of this works, but my main point is that I thoroughly enjoy watching his videos just because of his enjoyment for what he does and how he words everything. Thank you Thor
I've been watching your shorts for while and this has been the most fascinating video, bc I love apex and tiranfall and have recently wanting to get into cybersecurity. It is awesome to see you at work and try to understand what's going on, in my favorite game.
Your content is simply amazing. I think i learned more with this video than many teachers in my software engineer degree. Thanks for sharing your experience so openly and in a way so clear and easy to understand.
I’ve only seen shorts of Manda occasionally, and hearing him react to Thor’s quick intro absolutely killed me😂
I don’t know how Thor didn’t laugh
I learned so much about critical thinking from this conversation. Thanks for doing this Thor
I really hope Thor sees this, not that I expect that he will.
The part at 1:24:25 where he sympathises with the Devs, The devs are doing as much as they can. It’s EA, the publisher that bought the game studio that makes apex, Respawn Entertainment, that are too greedy to employ a proper team and implement necessary systems. The game has generated $bns and EA is definitely capable of employing the adequate number of protection staff for this
They just dont fucking care
He is right on that one. - Even if the leasdership doesnt do S___ about this, the devs probably would - if they were let, and not busy with "important" other work.
Most companies just shove you into several projects at once, and you just try to manage every single one of those with the time you have.
If they dont allow you to work on this, you just dont.
So yeah, hating devs is never a good solution. You can definitely argue about the leadership though.
@@Ebikoyou hit the spot. leadership is more likely to not do anything and think of it as publicity that they can leverage off of
Sadly, he knows. He knows EA are just as terrible as Blizzard, but he's giving faith that Respawn can still find a solution to combat the situation. Hopefully third time is the charm and Respawn can finally their breadwinner from getting demolished by hackers.
You’re talking out of your arse.
Yes we all know EA sucks but if a game has exploits it’s the game devs fault, not ea.
it feels like you don’t know how the business work.
EA bought respawn game releases under their brand. They have zero to do with the game in it self and let’s all companies under brand develop their games as they wish. Only thing EA cares about is looking at papers seeing profits
@cyphercracker So it's not their fault that it became more and more monetized to stay free-to-play? EA has done this before many times over...
loved this long format video, it's great to have in the background of sp games
As a consistent Apex Viewer in the comp scene and the general streamer community I really appreciate your words Thor. Mande is a good representative I think for the way most of the players feel. Without any recent word from Official Apex sources I will not have Apex content to watch and will choosing not to play Apex for the time being. Will be checking out the Pirate Software content instead since it seems to be made with a lot of thought, consideration, and really good quality audio.
A video that sooo many gamers, that don't understand how things are on the other side of the business, should listen to. Thanks Thor :)
"you are in the same side as the devs" such an underrated and powerful comment right there, world is slightly better once you understand this.
It’s not really that deep it only really pertains to this
@@Ekdrink not really, the amount of people that live thinking the world is against them and any figure of power is using it to make their life horrible...
isn't something only in apex legends isn't something only in videogames industry, people love to think that the world gives them their hardest fights and they endure the worst, world were a bit better if people could understand that shits happens to everyone and that we must work together instead of fighting each other who isn't completely agree with us.
Super interesting to hear your opinion on this kind of stuff. Definitely liked the longer analysis of the situation. It's also nice to hear a better framing of the dev and community relationship, since it is really adversarial in some communities. Thanks for this.
Oh my god i just finished watching the whole thing. This was so fantastic and wholesome,and the pro apex player joing the stream and being validated by thor while also,maybe having their opinions changed a bit by thor was phenomenal
I am a qualified electrician and I love how you diagnose and find voluntarilys it's the same as we do it but in more detail
I was waiting for this upload since I saw the clips of you talking about the apex clips. You were the first person I wanted to hear a POV of. This is gonna be interesting.
Facts, as SOON as it happened I was like “I’m not listening to what anyone says until Thor comments on the situation” he’s arguably the most knowledgeable guy in the area who’s public and forthcoming with information on these subjects.
Being a part of this whole scene for a decade now, I agree with many things Thor said. I've been playing around with games, anti cheats and server sided stuff for years and looking at all the information we currently have, I would say this for those who are interested in the actual technical stuff:
- I think we are talking about 2 seperate (but maybe connected) attacks. The first one being that the guy has some method of RCE on those specific players PCs. We can see that he probably injected code directly into the game - Pretty sure that it is is no external cheat running with an external overlay.
- The interesting part is, how did he get access to that? It could be as simple as having the players download a RAT which gives the access - however, the more interesting part would be if the attackers used the second attack first to gain access to both RCE and some kind of Server Side control. This is purely speculation, but they could have, as Thor stated, access to an employee's machine or even direct access to some kind of admin panel / high level server. I have not seen any information if EA / Respawn actually utilizes such stuff (eventhough it is very likely), but it would explain how they are able to spawn and manipulate live games, gift packs and ban the players while, on the other hand, they could use this exact access to send remote code via various kinds of ways to the specific players. Maybe it is a vulnerable client to which they can send code, or even the Origin Game client itself - we know for a fact that those clients can receive updates, maybe even shellcode execution, you never know when talking about EA Games. It seems really plausable to me that they have found a way to do exactly that - hitting 2 birds with one stone.
- As for EAC, I am pretty certain that, after playing and looking at it for years, there is no actual way to compromise it in such a way. The internal self integrity checks and the way they handle packets and communication requires a very deep understanding on how to hook / patch or emulate them - though, we can never be sure as there might be an exploit which would have been undetected for months now. Also, do not believe what people say online - EAC is a really sophistacted Anti Cheat. Over the years, they have been updating and implementing stuff which made many providers struggle, at least for some time, to get their cheats back up and working again. Problem is, the scene is really big and there are a lot of smart people who will eventually post or leak information on how to get around those mechanisms - especially the Kernel ones.
- I agree with what Thor said about Kernel Anti Cheats and privacy. Having a kernel lever AC provides full access - if you look at Vanguard, they install their driver to start while you are booting which can catch UEFI bootloaders that load cheat drivers, though that can also be bypassed, but they basically have full control once you press the start button on your PC - not when you start playing a specific game. There is one known AC driver known to me right now, which can be compromised and leveraged to gain kernel level access on a machine. There also have been more in the past - look at echo ac. I won't even start with Microsoft approving this garbage and security hellhole of a driver - keep in mind, if you want to sign a legitimate driver, it must pass through MS internal system. Or that there are chinese companies having that kind of stuff implemented and running on hundreds of thousands of machines - you think about that for yourself.
Apart from Anti Cheats, there are literally dozens of drivers which can be abused and have in the past - some even have the ability to terminate AV Hypervisors and Real Time protection.
- What I do not agree on is that utilizing Kernel Level ACs doesn't significantly reduce the problems. Let me tell you - it is not about if Kernel ACs can catch cheats, it is about do the developers want those cheats and cheaters to be banned. It's a known fact in the scene that there are literally thousands of cheaters receiving flags after minutes of playing from ACs like EAC. Better say, they are detected - quite literally. But as Thor states in his Banwaves segment, you do not want to instantly ban those players all at once, you want to wait and ban a huge amount of those flagged players all at once. On the one hand, this gives you the advantage of making it harder for cheat devs to pin point what got their stuff detected - could have been an update weeks or months ago. On the other hand, you are creating this "illusion" that even driver ACs don't help for the legitimate player base, hence there are cheaters all the time and they are only banned after weeks / months and that creates hate and havoc because a normal player doesn't know how it works.
It also allows the cheaters to buy an account, have "fun" with it for weeks before having to buy a new one. If you would ban those players once they are flagged as 100% cheating, you would loose a big part of your income. Buying 3 accounts a week or leveling them on a long run is completely different than having "fun" for weeks and then you can just start the cycle again and are ok with that.
I and many in the scene know for a fact that (I would say) 80% of cheaters in games that utilize EAC, Vanguard or any other Kernel AC, are flagged after just some minutes / hours of playtime. Most of the cheat providers and "devs" actually have no idea what they are doing. They don't know how to devirtulize and then reverse EAC's own Obfuscation and Virtualization, they have never seen a decompiled module in IDA, they have never even attempted to analyze specific streamed modules and shellcode. All they do is think they are safe, which they aren't - but many EACs and Game Devs give them the illusion that they are. DMA is a whole other topic, I won't get into details on that but you can see a really strong trend of people switching to it. If you do not utilize any driver based AC, there is literally nothing you can do. Period. I think Thor needs to differentiate more between games where bots and scripts are / were more utilized and games like shooters, where everything comes down to memory reading, writing and a way to draw your stuff.
I have a bit of anti cheat background myself, I had a crazy thought float into my head, something ive seen before. Your apex client user profile, might be during the dev cycle of the game a copy of the dev client, with access turned off. That access can be restored through various methods. And its simple humans being humans as to why this could happen. That to me explains his bot drops of people, and going into any live server he wants.
And that is what you are eluding to in your 2nd paragraph. He simply turned his account into an admin account.
Personally, I've found a way to hack BOOTMGR in Secure Boot mode to load an unsigned, modified Windows kernel into my system, which I can then alter at runtime to appear legitimate. That way, it's possible to load custom kernel drivers into it without exploiting previous ones beforehand.
If it wasn't because I'm testing this stuff in a VM, which things like EAC don't like, I could potentially be ingame doing weird shit right now. But I'm not gonna, because I don't care about these games. I only learned how to do this to get around these integrity checks for Windows modding purposes.
Very interesting read, thank you very much for that. One question: Is the problem that devs and publishers have naturally less control over independently rented servers running their games (like BF2, or CoD 4) also one of the reasons why publishers don't really use these kinds of servers for multiplayer games anymore?
@@Donnerbalken28Thanks - and regarding your question, I frankly do not know the exact reasons for that. I have to say I still know many games where you can host / rent independent servers and make them public. Just renting a server doesn't mean you have the ability to do anything regarding the actual games network infrastructure - the whole traffic, stats, achivements etc. still has to be processed by the actual game backend and server framework - given you are hosting publicly available servers. So renting servers shouldn't be seen as one more exploitable threat as everything still has to go through the actual games backend - that's where we should be concerned about stuff that has happened like here in Apex. I would even go as far as saying that if you know what you are doing, hosting own servers can be seen as a mod on top of the game which even brings more security to it. Other Games like DayZ, Rust etc. have shown that the owners implement their own protections on top of existing EAC / EOS / Battleye ones. Also, having a hosting provider providers another layer of security, think of Firewalls etc. :)
I'm not reading all that I got halfway. Look into Respawns previous games like Titan fall to learn more about servers being hacked. Seems like the problem was never fixed.
Please make more of these types of video like stream VODS they are amazing to listen to even if it’s just a cut down part of the stream
Such a good analysis and especially the message at the end. Thank you for emphasizing empathy. Cheers.
What a great crossover. Thanks for covering it, hope the situation gets resolved for the sake of the game.
Thanks for shining a light on this whole matter, the gaming community in general needs to open their eyes to the reality that is this whole cat and mouse between devs, cheaters, hackers and gamers
As a game dev who has worked on Core Tech teams, I loved this. Great work from all three or you!
been playing apex since the beginning and started watching your videos a couple of months back...
i really enjoy your content and loved your take on the situation...
keep giving your intakes and the gaming community will evolve, or at least we'll have certain notions unknown to us
thanks for the clarity
Very interesting guests to have on, thank you! As a first-time viewer, little feedback I could give as a viewer is to play more of the source videos to comment on, rather than one to two second sound bites..... context is everything. It would be interesting to have his reaction to a 15 to 30 second clip (the first clip where the cheat menu popped up, was so short that I had to go to a different channel to see the context, and the one where Hal downloaded something on his computer was so short that there no context at all). I can't speak for others, but I leave videos when I don't see enough context in order to go watch the full clips and often I dont come back to the original video due to either finding more complete longform content or getting distracted by youtubes algorithm.
Really liked the last part of the vid.
Respawn needs to talk to the community. The community should support them since it's the game they love. All the best to respawns security team!
Would love to see a update on this channel at some point. Great vid!
LOL I watch a lot of ThePrimeagen and a bit of Thor
and I watch a lot of apex competitive
This is the crossover I've never expected
I've never heard of ThePrimeagen, is he talking in the video?
@@Joeyfield0 He's the other dude talking to Thor at the beginning/rest of the video sporadically. The other guy who joins midway is some apex player judging by what he's saying about the game.
@@Pixelbendr okay thanks, his channel looks interesting i might check him out
@@Joeyfield0 as Pixelbendr said. To add context, he is a developer at netflix with a large community on youtube twitch and overall super funny and smart guy.
The other guy joining is TSM Mande, but he had a lot of success filling in for apex pros, and this season he was also competing in ALGS with his semi-seriouss team of streamers.
I've been watching your shorts for a while but only just now have been looking at your full length videos. With your experience I'd love to see you break down the issue with destiny 2 cheater issues. Like, genuinely thoughts not just a community member giving opinions.
Either way, love your stuff man.
In the server-side exploitation section, if Hal is playing on a compromised machine, they could redirect the matchmaking process of HIS game to connect to the hacker's server which would allow that zombie-bot behavior. Or it could simply be that they can join the same player's server, quickly filling it up with these bots of their own. Depends on the process to joining that server.
In any case, it's an interesting video. Thanks!
These are Apex Predator lobbies with real players, and he is dropping 40 bots on them that count as one squad. If you continued watching you would've heard those bits.
@@DoNotFearTheReapa Yeah, I paused and wrote that but I actually kept watching after my comment and what I said was discussed almost verbatim. Hah.
My understanding is that Valorant anti-cheat loads at boot vs many other games that load on game launch.
Makes it even more intrusive and scary if ever compromised.
yeah valorant anti cheat is basically a root kit. meaning if someone high enough at valorant wanted to do something bad or got hacked everyone with the game Installed is screwed.
From a purely investigative standpoint, I like the Occam’s razor stuff.
When you’re investigating stuff as an amateur it’s fun, and the want there is to go straight to the craziest theory possible because ultimately that makes it more fun.
You see it all the time with the true crime people.
I have never heard of you before, I've played games you've worked with. Can I just say I am so impressed with how you handle these situations. Your demeanor, and concise explanations are stellar. Thank you for a great video. I learned more than I expected and really appreciate your approach.
4th Most Toxic Scandal On the Planet - 3
FACTS. THE PROGRAMS WERE ALREADY ON HIS COMPUTER
Makes it easier for a hacker know? There malware is already on there
It's defined by IP/VPN to my belief
Not true
Can we just talk about that apex legends is literally a fork of half life 2's source engine.
Its insane how much they developed it
Yeah I played for years without even knowing that. Plays so different from Source.
Is it ureal engine with source physicks?
This is is also it's Achilles heels atm, some serious audio issues and more seems to be unable to be fixed.
So is both titanfall game the engine is crazy and been in c0nt. Dev for decades btw
I always thought they were using Frostbite...
I love his professionalism he diagnoses watches and pays attention
This super interesting. I recently just started school for cyber security. I'd love here more about Cybersecurity stuff from you
watch all of this guys videos and shorts, great content
save our world from the chineses cyber terrorists plz
He streams daily (except Thursdays) on Twitch and UA-cam and answers lots of questions while developing and/or playing games.
If you join his discord he has a massive collection of information and tools regarding this stuff.