00:00hello guys and girls me Mutahar today we
00:02got a little bit of a final update I
00:04would say on the Apex Legends hacking
00:06situation now this is probably the last
00:07time I'm going to really talk about this
00:09unless something massive comes out a big
00:10bombshell but to give you an idea a
00:12couple days ago the ALGS happened which
00:15is the Apex Legends Global series and in
00:17the middle of the series two actual
00:19players ended up getting hacks basically
00:21gifted to them in the middle of the play
00:23and understand anytime an Esports player
00:27has an aimbot a wall hack show up that's
00:29the death of their career now thankfully
00:31their career didn't end because the
00:33hacker known as Destroyer 2009 actually
00:36ended up coming into the lobby and
00:38basically signing their hack alongside
00:40this and they basically told everyone
00:42Hey listen we're going to give you hacks
00:44and they signed themselves along so
00:46people knew that it wasn't these two
00:48players actually hacking they were
00:49hacked in the middle of a global series
00:52now usually I think Global series happen
00:54you know kind of in a private server
00:56setting maybe a private build uh maybe
00:58in person but to do it over the Internet
01:01with the uh I guess security that EA had
01:04uh is a bit questionable but hey you
01:06know the whole thing happened and now
01:08people are kind of a in a little bit of
01:10a pandemonium about it is Apex Legends
01:12safe to play is my computer safe now in
01:16this situation there's been a lot of
01:17misinformation that's been floating
01:18around one of the uh pieces of
01:21information I saw when I watched
01:23Charlie's video actually earlier was one
01:26person actually tweeting out because of
01:29the knowledge I have in programming
01:31Destroyer 2009 is using the server's own
01:34tools to make it make its magic happen
01:36he's using web hooks which is a feature
01:38that makes it possible to send data in
01:40real time between two different systems
01:42or applications so of course like the
01:44internet I guess people jumped in and
01:46believed this even though maybe the
01:48definition of web hooks works out but
01:50that wouldn't apply in a situation like
01:52this there are two people that I want to
01:54shout out in this situation that have
01:56done an absolutely good job at
01:57demystifying the misinformation on this
02:00situation as well these two include
02:02Pirate Software who's recently blown up
02:05he is somebody with an amazing amazing
02:07resume okay he's worked for Blizzard
02:08Entertainment Amazon and of course the
02:11US Department of energy so this guy
02:13knows what he's talking about and he was
02:15able to demystify and actually interview
02:18the two affected players in this
02:20situation so in his interview they
02:22actually went over a few steps uh and
02:24one of the things that kind of uh came
02:27up in one of the clips that I'd seen was
02:29the topic of reinstalling Windows and
02:32whatnot Jen B Jen Bon just stated in my
02:35chat that he did a full reinstall
02:36windows before the tournament
02:38started we'll reinstall windows before the
02:41tournament started yeah and if malware
02:44could persist through it so I want to
02:45take a side note and just tell people
02:47that persistence is an art okay one way
02:49that I'll tell you is I've seen malware
02:51persist through OneDrive now I want to
02:54just uh bring up for the record that
02:55operating system reinstalls like even if
02:57you reinstall Windows it's not as if
02:59like you know it's a catch-all bullet
03:01there are you know obviously attacks
03:03like MoonBounce for instance malwares
03:05which you know can go through the
03:07computer's UEFI firmware and Kaspersky
03:09has a great write up where they talk
03:11about this situation so if you want to
03:12read up on how operating system
03:14reinstalls are not a catch-all bullet
03:16this is just one other Vector I wanted
03:18to bring this up because when I heard
03:19this part in the interview when there
03:21were Windows reinstallations uh this
03:23piqued my interest and obviously the
03:25discussion of persistence I also wanted
03:27to you know bring up how uh certain
03:30artistic ways can be handled in making
03:32sure people stay hacked that said kind
03:34of rambling on here let's go forward
03:37into the Apex situation but the other
03:39researcher that I want to bring up into
03:41this was John Hammond who made a video
03:42talking about this as well and again
03:45these are both cyber security
03:46researchers that have credits in the
03:48game they know what they're talking
03:49about now of course when you go into
03:51these situations I wanted to delve a
03:53little bit deeper and see where the
03:55issue actually lies now one of the
03:57things I touched upon in the previous
04:00you never really know okay at the end of
04:02the day it could be a problem with the
04:03Apex Legends game it could be a problem
04:05with the anti-cheat it could even be a
04:06problem with something that these two
04:08may have downloaded onto their system
04:10there are just so many vectors and
04:12without actually having access to their
04:14systems a memory dump or something of
04:16that nature without actually having real
04:18evidence to peek into all anybody can do
04:21regardless of their credentials or their
04:23history or their understanding of this
04:25topic it can all just lead to pure
04:28speculation so there have been some
04:30announcements since then and one of the
04:32announcements was actually hilarious a
04:34TechCrunch that actually got in touch
04:36with Destroyer 2009 said that they did
04:39it just for fun and the goal was to
04:42force the Apex Legends developers to fix
04:45the vulnerability he exploited so when
04:48they actually wanted to talk about how
04:50this had happened Destroyer 2009 will
04:53not discuss his vulnerability or even
04:55report it to Apex Legends because there
04:58is no bug bounty program that financially
05:01rewards hackers and researchers for
05:03reporting any security flaw which is
05:05something I didn't even know existed
05:07until today so for those of you don't
05:09know what a bug Bounty is for instance
05:11Riot will provide up to
05:15$100,000 for any reports regarding the
05:18Vanguard kernel driver right So for
05:20anybody that doesn't know uh Valorant
05:22uses the Vanguard anti-cheat which runs on
05:25your system like it's a kernel level
05:27driver and if there's any issues and you
05:29find them you're incentivized to report
05:31it to Riot so they'll pay you you know
05:34for for basically keeping their software
05:36safe right I didn't even know that EA
05:39was cheap enough to not offer a bug
05:40Bounty program for one of their biggest
05:42online games out there but I guess
05:44that's why we're sitting here so
05:46obviously there have been some
05:47announcements for instance Apex Legends
05:49comes in the actual account finally says
05:52on Sunday a few professional Apex
05:54Legends players accounts were hacked
05:56during an ALGS event game and player
06:00security are our highest priority which
06:02is why we paused the competition to
06:04address the issue immediately our teams
06:06have deployed the first of a layered
06:08series of updates to protect the Apex
06:11Legends player community and create a
06:14secure experience for everyone so here
06:17they've actually like said that hey
06:18there have been a layered series of
06:20updates so when I read this I thought to
06:22myself okay it's probably something
06:24directly with Apex Legends right so when
06:27you go to Epic Games even epic sits over
06:29here and says we've investigated all the
06:32reports of a potential rce now one of
06:34the mistakes I made in my previous video
06:36was I said remote code exploitation
06:38instead of remote code execution uh
06:40remote code exploitation is wrong me and
06:42excuse have one thing in common we
06:44barely get sleep but yes it is remote
06:47code execution so one mistake I had but
06:50anyways EOS says Apex Legends we have
06:53been we have confirmed to be unrelated
06:55to Easy Anti-Cheat there we are confident
06:57there is no vulnerability within EAC
07:00being exploited so I feel like with that
07:03said I can kind of really believe what
07:06you know Easy Anti-Cheat is saying just
07:08because in my opinion and it again when
07:11looking into a situation like this all
07:13all you really can do is
07:15speculate if Easy Anti-Cheat is actually
07:18compromised I could imagine this kind of
07:21attack would be occurring in other games
07:24powered by Easy Anti-Cheat right like you
07:26would start to see it in other games
07:28that also use this similar driver uh the
07:30other reality of it is if this was an
07:33Easy Anti-Cheat situation I highly doubt a
07:36person like Destroyer 2009 or anybody
07:39would be willing to expose such an
07:42amazing Golden Goose level of an exploit
07:46all just to just to make like two days
07:48of Internet content okay two days of an
07:50Internet news cycle that's that that
07:53these are two things that I keep running
07:55into my head ever since I talked about
07:56the situation if you had something this
07:59exploitable because remember Easy
08:00Anti-Cheat is not just Apex Legends it's
08:03multiple other games out there it's
08:05Fortnite it's tons of other multiplayer
08:08Shooters with tons of millions of
08:10players having access right to their
08:12systems I don't think that they would
08:14just announce this publicly without
08:16actually exploiting it right if this was
08:18an Easy Anti-Cheat situation and I thank
08:21God hopefully it's not an Easy Anti-Cheat
08:23situation and it doesn't look like it
08:25either because if it was an Easy
08:26Anti-Cheat situation a lot of computers
08:29would be at risk and again that's one of
08:32the reasons why I said at the time if
08:35this game has an issue Apex probably is
08:37best to not run it for a couple days now
08:40of course Connor Ford hideouts came out
08:42who if you don't know who he is he is
08:44apex's security worker so he says we are
08:47working the team on this are some of the
08:49most talented I've ever had the pleasure
08:50of working with all I can say is the
08:53care and love shown from parties involved
08:54make me thankful for the co-workers and
08:56developers on this game so I've seen a
09:00few people kind of rag on these
09:01individuals saying what are you guys
09:03actually doing if you got a hack running
09:05I think it's actually disgusting to rip
09:07on the actual programmers and the
09:08Developers for the video game and the
09:10anticheat okay first off development of
09:14any software especially a video game is
09:16incredibly convoluted right it's
09:18complicated sometimes what you make can
09:21break another thing okay there are a lot
09:23of exploits just waiting to happen right
09:25it could anything can happen when [__]
09:27hits the fan it's easy to blame the
09:29programmers and ask them to be fired and
09:32somebody else brought in but in reality
09:34when [__] hits the fan it could have
09:36been anything it could I wouldn't even
09:38put it to the fault of any individual
09:40person all you really can do in a
09:41situation like this is kind of support
09:44the actual development team and hope
09:46that they can isolate figure out the
09:48problem and hopefully patch it in due
09:50time remember it's not as simple as you
09:53know going to the office clicking a few
09:54buttons finding out where the exploit is
09:57clicking another few buttons and
09:58patching now again like I said earlier I
10:00wish we had more information in regards
10:02to the two people who had actual like
10:04malware show up on their system just
10:06because I would like to see what they
10:08were doing on their computer before the
10:10game had they clicked on any phishing
10:12link had they launched any piece of
10:13software were they individually
10:15compromised and it wasn't just the game
10:18it's also hard for me to trust the
10:19hacker as well too there's a lot of
10:21moving Parts in the situation but I
10:23think really what kind of clears up for
10:25me is at the end of the day there has
10:27been a response and it seems primarily
10:29towards the side of the Apex Legends
10:32game now again to uh constantly
10:36just now obviously to go back to that
10:39pirate software interview with the
10:40actual affected I would say that given
10:43what he had seen there is at least in my
10:46opinion a reasonable expectation that
10:48maybe there was some actual remote
10:50access some direct compromisation maybe
10:53of these two individuals um I first off
10:57to to to to basically say something
10:58anybody that like you know does these
11:00kind of high-profile hacks there isn't
11:03necessarily even a contingent
11:05requirement that there is like uh
11:07rationale um one thing that hits me is
11:10if EAC was actually attacked or like the
11:13actual anti-cheat was compromised the
11:15amount of computers and the amount of
11:17systems that would be at risk would be
11:18pretty astronomical if there was a
11:20vulnerability in the actual anti-cheat
11:22because tons of other games use Easy
11:24Anti-Cheat that was where I think a big
11:27level of fear came out the the
11:29fearmongering was actually centered
11:31around there and had this existed I
11:33don't think a high-profile hacker or any
11:35hacker would have given up the sauce
11:38that easily and had caused you know what
11:41would be an amazing zero day would be an
11:43amazing entry point into millions of
11:45computers up just as easily as that you
11:48know basically give up their cards in a
11:50uh ALGS finale like this uh if it was
11:54however related to just the game itself
11:57I still don't think giving up you know
11:59the cards would be that logical it could
12:01just be that Destroyer 2009 in some
12:04white hat way just wanted to make a big
12:05hoopla and cause Apex Legends to
12:08reassess their security for their
12:10specific game uh however if this is just
12:13you know the case of two individuals
12:14being compromised then the act of
12:17playing Apex Legends is far safer than
12:20what we thought you know 48 72 hours ago
12:23I will say however when it comes to
12:25situations like this the amount of
12:27awareness that is raised by people or
12:29the amount of like you know uh eyeballs
12:31that are opened in regards to computer
12:33safety is actually quite welcoming to
12:36see I think for people who uh you know
12:38are questioning is it safe to play
12:40something should probably question any
12:41software that connects to the internet
12:43and has you interacting with other end
12:45users you know this could have been
12:47something that may have happened in
12:49something like Rainbow Six Siege it
12:51could have happened with other
12:52anti-cheats that are at that root kernel
12:55level uh if that is the actual situation
12:59but at the end of the day for people who
13:01want to be completely safe from these
13:02situations I've always talked about
13:03sandboxing your games or virtualizing
13:06your you know Windows installations so
13:08you can add that extra layer of security
13:10but it's one of the reasons why at least
13:13I and again this goes for people who can
13:15afford it if you can buy a separate
13:17computer doesn't have to be a crazy good
13:18gaming computer most of these Esports
13:21tier games don't really have crazy
13:23system requirements buy a separate
13:24Windows uh PC just so you can have that
13:27separation of you you know uh software
13:30so you can have your core system where
13:32you do all of your you know important
13:34stuff like banking personal information
13:37uh you know things like youtubing even
13:39or streaming you know you have your own
13:40dedicated computer for that separate
13:42from like a video game that opens up uh
13:45a potential attack Vector right that is
13:48probably the best advice to give and if
13:50you are truly paranoid then yeah waiting
13:53you know a week or two or until a
13:54significant patch is released to play
13:56this video game it can be a thing one of
13:58the other ways I always tend to play
14:00games like this is usually on
14:02Playstation or Xbox I find that
14:04typically on a console the ability to
14:06get hacked is not something that is
14:08going to be happening and if it does
14:11then boy I look forward to running
14:12unsigned code on a console anyway so let
14:15me figure out how to do that right there
14:17and then that said this is pretty much
14:19the end of the Apex Legends Saga it's
14:21crazy how one little cyber security slip
14:24up has made I would say uh hundreds of
14:26thousands of people the whole Community
14:29uh and kind of understand and learn a
14:32few things I would say you know and all
14:35in all I I just hope this is never an
14:37issue that goes into the Easy Anti-Cheat
14:40situation where potentially millions are
14:41affected I really do hope that this gets
14:44resolved as quick as I can and I do wish
14:46the best for the programmers and
14:47security officers at Apex Legends EA
14:50Respawn Entertainment to basically have
14:54this resolved and the rest of the player
14:56base as safe as they can that being said
14:58this is me Mutahar and uh I'm out