Rainbow Six Siege Breach Grants Players Billions in Credits
Ubisoft’s Rainbow Six Siege recently faced a significant security breach. This breach enabled hackers to manipulate internal systems, resulting in numerous unauthorized actions. Players reported that the hackers could ban and unban accounts, alter in-game moderation feeds, and distribute vast amounts of in-game currency, known as R6 Credits, across numerous accounts. Allegedly, these hackers granted players approximately 2 billion R6 Credits and various cosmetic items.
Details of the Breach
Following the incident, players shared screenshots showcasing the chaos in the game. The actions taken by the attackers included:
- Ban and unban players at will.
- Display fraudulent ban messages on the in-game ticker.
- Grant all players access to 2 billion R6 Credits.
- Unlock all cosmetic items, including exclusive developer-only skins.
R6 Credits are a premium currency sold in Ubisoft’s store, where 15,000 Credits can cost $99.99. This incident could represent a loss of around $13.33 million in in-game value issued freely to players.
Response from Ubisoft
At 9:10 AM on a Saturday, the official Rainbow Six Siege account acknowledged the disruption. Ubisoft stated it was aware of the issue and was working diligently to address it. Consequently, the company decided to shut down Rainbow Six Siege and its in-game Marketplace while they resolved the problems.
In a subsequent announcement, Ubisoft assured players they would not face penalties for using the illicitly granted credits. However, the company confirmed that it would roll back all transactions made since 11:00 AM UTC on that same day. Ubisoft reported that the ban ticker messages were not generated by their system and had been disabled prior to the attack.
Continued Investigation and Rumors
Although Ubisoft continues to strive for a full recovery, the game servers remain offline. As of now, the company has not made any formal comments regarding the breach or its causes.
Meanwhile, rumors suggest a more extensive security issue within Ubisoft’s network. Security research group VX-Underground reported that hackers might have exploited a known vulnerability in MongoDB, called “MongoBleed.” This vulnerability allows attackers to gain unauthorized access to sensitive data stored in MongoDB instances.
Allegations from Multiple Groups
VX-Underground claims that various groups may have targeted Ubisoft:
- One group manipulated bans and inventory without accessing user data.
- Another allegedly accessed Ubisoft’s internal Git repositories, stealing source code dating back to the 1990s.
- A third group claims to have stolen user data and is attempting to extort Ubisoft for ransom.
- A fourth group disputes these claims, suggesting earlier access to Ubisoft’s source code.
Currently, BleepingComputer has not verified any of these allegations. Ubisoft’s current situation remains focused on the abuse within Rainbow Six Siege, while the extent of any broader breaches remains uncertain. Further updates will follow as new information becomes available.
