Download Outplayed for FREE today! ✅
www.influencerlink.org/SHKJn
Unravelling League's DDOS Epidemic
Support the channel: / ryscu
follow my socials 💝
/ ryscu
/ ryscu
/ ryscu_
/ discord
Custom cat webcam by
/ 0skaz0
Chapters:
0:00 A new exploit
3:50 IP Sniffing
5:44 Swissknife
8:02 League's secret anti-cheat
9:39 The theory
12:28 Closing thoughts
Corrections:
docs.google.com/document/d/1h...
Download Outplayed for FREE today! ✅ www.influencerlink.org/SHKJn
The fact that Riot isn't taking this seriously is crazy, you have the most competitive well loved server in your game not being able to play the game. what do you think will happen? less tournament appearances, less streaming views, less bought skins etc. Riot needs to take a serious look at this before it's too late.
Though on hindsight, I would say Riot probably are working on it undercover and don't want to publicly announce it in the fear that the DDOSERs are going to go into hiding. We'll just have to see, though I wish they weren't doing radio silence as it can look off-putting.
Are we really surprised they're not paying attention to this? I'm always confused at these comments when riot has showed for years they don't give a fuck about there game as long as money is still coming in.
But thats the thing it will affect money flow. Like it or not the lck is a huge part of lwagues income. So I agree with bb they probably are keeping hush to avoid being found out. Even if it does make them look bad visually.
@@coldsun29 Kekw, sure they don't care lmao Really those kind of comments are always so ridiculous
The fact that you think that Riot isn't taking this seriously is the truly crazy thing, lol. How inane.
I honestly never expected this level of production value when I first started to watch your vids in summer of 2022. This video is really interesting and informative, thanks Ryscu! :D
Agreed. The editing, music, and graphics are top notch. An actual professional production here, great job Ryscu and editor(s)!
Ryscu is the GOAT
Its not just the production value he also seems to know about what hes talking about which is actually quite refreshing to see tbh, its not really required as long as the info provided is accurate to the research done, but it sure is a nice bonus 👍 (im talking about how he seems to know about computer science, and such).
It's 2024. You can lose the mask now
I could not agree more! I was about to write the same exact comment beside I joined this community 2023! I appreciate the work putted in for such a great and very informative video!
DOS Attack = Large amount of packets sent to client to crash. DDOS Attack = Large amount of packets sent from a lot of other places (like a botnet) to crash a client.
To add on, DOS is denial of service, whereas DDOS is distributed denial of service
😅this is actually a good thing , you have to care to fix something , Riot wiil have to care 😮 oh no riotards what you gonna do now?
@@leagueofrebellio1224 what is bro yapping about
@@leagueofrebellio1224?
DOS hasn't been used for a long time as your modem itself can block incoming useless empty packets from a single ip. Even now DDOS with only 10-20 computers most likely won't work.
I know Faker wouldn't do it, but imagine if Faker said unless they fix DDOS issue that he wouldn't attend MSI or Worlds, how fast would you think Riot would fix the issue?
I guess, he's contract jailed. But that would be a true GOAT move.
t1 are the most screwed by the ddos out of every pro, i wish they did that.
@@ImaskarDononope.he simply can't join another team until 2025,but the contract can't force him to play.he can choose whether he wants to attend or not
@@aaabbb-zc7sx contracts with sponsors can force a lot of things. "To force" is relative, of course.
@@ImaskarDono True, T1 and Faker specially has a lot of sponsors. T1 itself would encourage or in worse case, force Faker to play due to pressure from those sponsors. Unless those sponsors and T1 itself are in line of Faker's actions, he just can't do that because every one will suffer (financially).
12:45 As someone who works in IT-Security for companies. Most likly scenario is communication hell, left hand right hand problem. 3 Seperate entities are involved with this so i'm pretty sure "bureaucracy" is the main reason for the slow responses. Meetings with too many people are hell, esp. if the circumstances are cloudy.
The problem isnt the beaurocracies being involved. They choose to have poor communication.
@@iceicejay9569 No, it is hard to communicate in big meetings. Even meetings with as few as 6 or 7 other people are hell. Companies are harder to run than it seems, especially with dire circumstances.
@@HappyGick again false. Companies choose ti have issues because a dozen people believe they are important enough to be involved instead of using deligate and do
@iceicejay9569 while my statement might be wrong, it's also wrong to say their assessment on the plausible cause is incorrect as we aren't the ones on the ground. While we don't have the exact info, we're mostly assuming the possible causes with the current information that we have as of current
@@iceicejay9569 ...Isn't that just saying "bureaucracy" in a different way?
the sleuthing here is mad impressive ngl, to not only find threads from almost a decade ago and link up the sequence of events that have no clear connection to come to an understanding is mad cool af!
Tbh the Chinese doing ddos to t1 in retaliation for the worlds humiliation seems kinda legit
As much as I would love to just turn my brain off and go China bad, there is literally zero evidence lmao. Fun conspiracy idea tho.
Amazing job Ryscu! I've had the pleasure of watching your videos for a long time now, and seeing you continue to create amazing content makes me very happy!
I dig this style of content! Thanks for all your effort
A company who has their source code leaked, due to that they get spam DDOS, and they can't fix it.... but they want their players to download a Kernel Level Anti-cheat... Right.
So real. This game company is so pathetic and so is this game.
Not to erm actually, but just an FYI, the problem isn't the Kernel-Level Access (every anti-cheat does that), it's the fact Vanguard launches itself in the background every single time your PC launches and stays open even if you don't play a Vanguard-protected game. THAT'S what makes it pseudo spyware. Just reminding you before there's 5 more comments going "uhm did u kno every anticheat is kernl level u stopid"
@@ultimaabyssal2484 Yeah I know lol. I'm a computer engineer. I'm not referring to the Spyware issue, which yes, it IS an issue. But in this case I'm talking about the fact that Riot is using a proprietary cheat engine when company code was leaked and the full extent was never (at least that I know of) disclosed. The leak has caused problems (DDoS on competitions) that Riot hasn't fixed. That makes it installing a proprietary kernel level anti cheat quite a risk. EVEN MORE SO with the whole other issue you mentioned.
What? The entire point of Vanguard is to make sure something like this doesn’t happen. Riot KR is doing nothing right now cos once Vanguard Is enabled they will get rid of their anti cheat
I'm uninstalling
I gotta say i love ur new takes on being a somewhat documentary channel now instead of, idk, a normal league channel with clips of ur own games and mostly short vids about some news that happened in league. I love the new longer format videos
the video quality is amazing!!! great at explaining
I love the amount of effort and quality that go into these videos! Thanks for keeping us all in the loop on these things. And can't wait to see the next pog quality video
Bro, amazing quality of the video, so fun to watch and from a structure perspective the video is god. Hope to see more content like this
great vid, the quality of these vids keeps increasing compoundly from one to the other. can't wait to see what's in store :D
Such a good documentary. Loved it :) Keep up the great work and the high qualitly of these documentarys :)
I absolutely love the deep-dive style content. Thank you and well done.
I feel like I should be paying to watch a video like this
I mean... He has a patreon 😛
Society got u rl bad
I also feel like that when watching Lemino and ColdFusion.
Ewww
great video. thanks for covering this topic
the production and the quality of the narrative is amazing keep it up !!!
From the sounds of it a Riot Games Director clicked a suspicious link and that was enough to leak the source code for their anti cheat giving hackers the ability to see any user's IP and ddos them. And they want me to install an app that can fuck with anything on my computer at any time? yeah no.
It’s a private company.
different teams. Only few ppl have access to Vanguard, with those being IT-Security experts. Other than the source code of league to which only few users have access to.
Even worse. It was a social engineering attack. Someone acted like they were someone else within Riot to obtain a developer's credentials to do so. Riot clearly doesn't train their employees on cybersecurity or has meaningful controls in place to prevent social engineering attacks like MFA or geofencing. It's one of the reasons why I'm not going to continue playing League once Vanguard comes to live. After the cyberattack, Riot expects me to trust them with 24/7 ring 0 access. Incidentally that is the second. Vanguard is needlessly intrusive. It doesn't need to run at system boot with the highest possible privilege level. That's just asking for a privilege escalation attack to occur. Or something similar that happened to Genshin Impact that also had a 24/7 ring 0 anticheat. I actually wouldn't necessarily mind Vanguard if it didn't require 24/7 access. I understand the need for kernel level anticheat, I heavily disagree with the requirement to run it at system boot.
@@riven4121 It really doesn't matter if it runs at system boot and it also doesn't need to, level 0 is a rootkit afterall. EAC, VAC, Battleye, Ricochet and many more AC that use kernel are just as dangerous and damaging to your PC as Vanguard. Difference is that those AC are in the hands of westerners so unless they sell out to CSTO or China directly (which there is a likelyhood, but it's much smaller than the CCP abusing their power over Tencent) we have much less to worry about those AC. Needless to say if you work at any place, installing any 0 level will get you immediately fired because it already bricked your system and has access to the entire network.They're all equally intrusive and destructive even without being permanently active on your device. Giving any app access to level 0 rings makes your entire network a liability, at any point, even if you uninstall said program.
@@MisterAssasine lol they got the anti-cheat of korea. How long will it take them to get Vanguard eventually?
Bro this is awesome I love when you're taking your channel keep up the good work
this was an amazing video!!! the editing and info was very entertaining
Ryscu this video was amazing. i did not expect this level of research and digging from you, well done :) appreciate you!
Actual investigative journalism! Mad respect man! What a fantastic video, it was a blast to watch!
Incredibly well written and reasearched video! This deserves a lot of attention!!
Dom and thorin saying "gO To PC BaNg" 😂 like that will fix the problem
I would just play my game in my imagination instead of whining about ddos attacks if I was a pro player
@@Jerome_111 yeah thats the reason you are not a pro player xdd
@@Jerome_111ikr mental training. Fucking pros making lazy excuses.
@@Jerome_111 average IWtencent and orange dude fan
Hahaah this is funny 🤣
That is an insanely good video. Keep up doing those from time to time!
Ryscu, this is an incredible video! The organization and the editing is really high quality!
Man Ryscu, I have to say you've gone from a well researched news KZheadr with nice personality to a top notch content creator. I love your new style of videos, keep up the phenomenal work ❤
i fw the music and i fw the direction the channel is heading. keep up the good work!
This is really the best insight since I've been thinking abt this issue for weeks none stop... 🤔
Great video, very well edited and insightful!
These deep dives are amazing! Ryscu seriously putting the work in.
Just wanna say your videos have been getting crazy good with all the new production
During 2023 my account got hacked. I was extremely curious considering I only used that particular pc for league and nothing else. I sent in a ticket and was able to recover my account. The customer support informed me of various ways to keep my account safe and general security tips. I let them know that the only logical way my account could have been hacked was through a leak on their end. They told me no such thing had occurred. Funny, very funny.
Sometimes, passwords can be just guessed/iterated. And your email, that one's interesting. Maybe, lol-related websites?
If you used the same password and email on other websites a database with your data could have been sold on the darkweb.
They are using combo sets of mail and passwords to crack accounts you’re using the same mail and password somewhere else
@@spaceshipradio2810 nope
Had the same problem and resolution. What's more, I had my account 2FA'd but they still managed to hack it.
Good video, small thing I would like to point out is that vanguard is able to access any files on your computer, it is the max level of inteusive program and being able to see anything in the last 48 is a limitation implemented by the developers themselves, as vanguard is not open source there is no reason to believe this or more is not able to be done within any given system
when you want to build you own Fat Boy, but instead you stumble on some RIOT spaghetti
If only code was from Riot. Demacia was developed by an actual competent developing studio. If Demacia was developed by Riot I do not believe hackers would be able to decipher the nonsense coding.
Damn insane video ryscu good job
holy shit i love investigative Ryscu. I've never heard of all of this, damn
GREAT production value!!! loved this video!
RYSCU, I LOVE THESE LONG FORM VIDEOS. YOU MADE MY MORNING BABY
Excellent production value and great video!!!
this is a whole new level of documentary.. more of this i love it!
This is some quality investigative journalism! Amazing!
Wow video essays are one thing but this is legit great journalism and borderline pro investigative sleuthing… all while being entertaining, and not 2 hours long. Very nice 👍
This video is extremely high quality. Great stuff
Extremely well made video. Def really informative.
Insane video man!
Extremely high quality videos, sir. Well done 👏
Such a good video. Also with the fact that people are able to aggregate the usernames so quickly seems like it's also partially an inside job plus the hackers having access to the anti cheat.
awesome editing and quality!!!
Great video, very informative. Thank you!
Damn, your contents recently became so professional. Keep it up!!!
What an amazing video, OMG This is peak journalism. Very well done Ryscu!
This video was sooooo well made holy fuck, everything was perfect and its not even that long
Impressive research. Congratulations!
damn your editing has gotten really good, gives your content that little extra despite it already being very very good
+1 sub. Excellent work my man!
topic aside, the video production is pretty insane. i love this documentary and infographic style of editing
brilliant video mate. I felt like I was watching a documentary.
Absolute banger of a video
Anyone else find the timing interesting? The only team to roll china. T1. Where is MSI this year? China. China's only major competition, has been rekt from constant attacks. Probably looking too much into it but still.
nah its china
Thats the stupidest shit ive seen all day. The ddos started before lck playoffs. So you saying china dont care about any other lck teams? No Geng Hle just T1. And some people were playing on the China server with no problem
@@Rosawwwyeah thats what makes it suspicious, Chinese servers not having trouble is just plain sus. The timing of it all is just too convenient to be a coincidence. Im pretty sure riot and LPL has nothing to do with this, its probably some devious chinese party
@@Rosawww I am not saying they did it but China is very well known for using very dirty tactics to get what they want. Be it land or recognition.
Obviously it’s China. Why else would Riot do nothing bout it. Makes no sense. Chinese flipped after the last worlds and they’ve been exploiting and abusing the Korean system too long
Wow. this is by far your best video yet
Insanely well put together. Even tho there's no hard confirmation, there don't seem to be any other possibilities. Like seriously, anti cheats should stop requiring access to everything on your PC and check interference with the game instead. The hack just exposed how much data the company is collecting from its users and how easy it is for them to access whatever they want.
The productive of this video if really awesome Ryscu!
I have never seen Faker look so....defeated :(
And that my friends, is the reason you shouldn't install vanguard. Not because "omg tencent will steal my data", but because something like this or worse can happen if a hacker manages to get his hands on the code.
Maybe it will become a future randomware "Pay up or I'll install Vanguard!" Besides League is just a moba, it's not a rare game, there's countless of copies out there! it's not something worth risking.
Both concerns are valid, actually.
Perfect time to quit this shitty game
if that actually happens, vanguard will become Ransomware, For now it's Spyware but if hackers dig a hole on that shitty anti-cheat, it's Joever madafaka.
Nice investigation, this is an extremely compelling explanation. I think it's safe to say Demacia and the sourcecode leak is the cause. It's a perfect explanation and nothing else really fits quite right as far as traditional IP sleuthing methods. At this rate it's probably fastest for them to just pull the trigger and switch Korean servers to Vanguard instead of Demacia as the permanent fix. I can't imagine they ever get ahead again in the hacker vs developer race now that the entire anti-cheat has been reverse engineered, unless they switch to a new program altogether.
I like this style of content
The way you said “or otherwise I wouldn’t been able to b*tch about this” that made my day. Thank you lol
i cant wait for people to find exploits in Vanguard and use it to their advantage lol
You are a legend Ryscu.
Amazing video, thank you
The quality is insane :D
Great piece of journalism, really informative. This a disaster for the competitive integrity.
People who DDOS should be removed from ever being able to use a computer that can connect to servers.
i mean, its illegal so it's time to track them down
Doing DDOS attacks is one of the easiest things to do with a computer lmao. Which makes it kinda puzzling to think that they don't have better protections for it in the LCK. Or in league servers in general.
And who are you to get to say people who do "x" should be "y"?
It's a federal offense if they press charges, so they do lose their access to a computer in prison. Most of the time they are just never caught.
@@Nateyoddos from one pc yes. This is the lowest efford of ddos and most Commonly people use botnets of infected clients
Didn't expect the video to be this informative, haha
I'm so happy that finally we have a video talking about riot's source code leak last year. I am suspicious of the very first purpose of riot's ip-gathering. Do they really need to do that?
esport matches are the only thing they're fixing. 💸
I see what you did there 😂
My man dropped a banger
*opens the corrections docx* *notices* *chuckles*
Great content!
To me the fact that Riot isnt talking about fixing the issue is a GOOD sign. In case like this you don't want the opponnent to know where you are currently at by fixing the issue and maybe it have more to do about legal act they want to do on the attackers so obviously it will take some more time before we will ear about the mesure they will take about the problem. It's not because they are silent about it that they are doing nothing, assuming that would be a wrong way to get to the conclusion
Im so happy Vanguard is coming. No way Riot can screw things up right? .... ....right?
💯
They fucked it up 🤣
Great video
Thanks for the content.
yeah, i've seen enough, the update that brings vanguard is gonna be it for me lmao
also good video
Likelyhood that if you installed PBE before, you already had Vanguard on your PC. There is also a chance that Riot has implemented such a rootkit in any earlier patch throughout the last 14 years and since Tencent is not to trust very much, I'd argue it's safe to say that anyone that has had League on their PC installed, might have a bricked network regardless.
@@user-pe6ct7ut8t I agree with the sentiment here, I have a certain risk tolerance, Vanguard goes beyond that. Also I do not have Vanguard, I did not install PBE or Valorant.
@@user-pe6ct7ut8tyou will definitely notice an attempt to install a kernel driver. There would be unusual confirmation windows.
Pretty good video, well done :)
Insane video loved it
love your content
Nice research
Very impressive journalism Ryscu, makes us aussies proud!
I'd like to keep reiterating I could easily listen to 30-45 minute YT content from you (if your content ever shifts gears towards something like that). Thank you so much for keeping me up to date, King. I don't play anymore, but it's good to keep up with the competitive scene. P.s. love the outdoor studio.
i hope all this Hacking continues until Riot starts to take things seriously or they break
Great video ! Plus one comment for the algorithm gods !
My rough asumption said the DDOS came from one or some of the "€h1n3$3" team that really don't want to see T1/Faker taking appearances on the big turney so they may think they have bigger chance of winning without T1/Faker being in the competition, since our small indie developer owned by big daddy 10€ they just told rito to "hush... we want team from our motherland to win" or just basically sleeping on it up until any negative uproar happens.
Crazy vid
11:20 The korean word for nuclear is the same as hack Both written as 핵 E.g. nuclear fusion is 핵융합 and game hack is 게임핵