Apex Legends streamers surprised to find aimbot and other hacks added to their PCs in the middle of major competition via anti-cheat software - eviltoast

Wow it finally happened. So glad I switched to steam running on linux mint last week. I refused to install helldivers because it wanted to install some no holds barred god level permissions anti-cheat software. Windows 11 was the last straw for me. Good times…

The volunteers at the Anti-Cheat Police Department have since issued a PSA announcing, “There is currently an RCE exploit being abused in [Apex Legends]” and that it could be delivered via from the game itself, or its anti-cheat protection. “I would advise against playing any games protected by EAC or any EA titles”, they went on to say.

As for players of the tournament, they strongly recommended taking protective measures. “It is advisable that you change your Discord passwords and ensure that your emails are secure. also enable MFA for all your accounts if you have not done it yet”, they said, “perform a clean OS reinstall as soon as possible. Do not take any chances with your personal information, your PC may have been exposed to a rootkit or other malicious software that could cause further damage.”

  • tal@lemmy.today
    link
    fedilink
    English
    arrow-up
    27
    arrow-down
    1
    ·
    8 months ago

    So glad I switched to steam running on linux mint last week.

    Doesn’t EAC work on Linux?

    googles

    It sounds like it has for two years:

    https://www.forbes.com/sites/jasonevangelho/2022/03/01/apex-legends-now-works-on-linux-with-official-eac-support/

    ‘Apex Legends’ Now WORKS On Linux With Official EAC Support

    I mean, I use Linux myself. But I don’t know if Linux is a fix for “game I use may have vulnerabilities”.

    In theory, maybe Linux/Steam could isolate individual games (might be further along with Wayland than Windows is), but that’s not how things work today. If you install software from Steam, it’s got access to act as you, and if it has vulnerabilities that permit for remote compromise, then you’d be vulnerable as well.

    • loutr@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      26
      ·
      8 months ago

      Under linux EAC runs as your normal user, so it can’t install system-wide malware but it can read/write your personal data. If you create a dedicated user for gaming you should be safe from this kind of stuff.

      • merthyr1831@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        8 months ago

        What about on Windows? I assumed it would work similarly on there too, even if Windows has a different privilege escalation system to Linux.

        • xthexder@l.sw0.com
          link
          fedilink
          English
          arrow-up
          9
          ·
          8 months ago

          On Windows, EAC runs at the kernel level and basically has full access to everything about your system. It only works on linux because newer linux kernels support emulating system calls in user-space (this might not be 100% accurate, but it’s the general idea).