On March 17th, Apex Legends pros Noyan “Genburten” Ozkose and Phillip “ImperialHal” Dosen were hacked during a North American finals game at the Apex Legends Global Series.
Genburten was given wall-hacks, allowing him to see enemy players through the game’s terrain. He informed his teammates upon realizing what was happening and left the game to avoid any penalties from cheating. ImperialHal got an aimbot hack, giving him pixel-perfect accuracy when shooting. Unlike Genbruten, ImperialHal continued playing but without firing at other teams. Due to this incident, the tournament was postponed indefinitely.
“Game and player security are our highest priorities, which is why we paused the competition to address the issue immediately,” Respawn said in a statement on X (formerly Twitter). “Our teams have developed the first layered series of updates to protect the Apex Legends player community and create a secure experience for everyone.”
While being hacked, the in-game chat displayed the words “Apex hacking global series by Destroyer2009 and R4ndom”. In an interview with TechCrunch, Destroyer2009 took credit for the hacks, saying he did it “just for fun” with the intention of forcing Respawn, the developers of Apex Legends, to fix the vulnerability he exploited.
“I really don’t want to go into the details until everything is fully patched and everything goes back to normal,” he said, “it has nothing to do with the server and I’ve never touched anything outside of the Apex process.”
This incident is sparking concern in the Apex community over the security of the game. Some worry that these new hacks could provide access to the user’s computer. Destroyer addressed these issues in the interview with TechCrunch, saying that the hacks “never went outside of the game”. Destroyer said he did not report the vulnerability to Respawn because neither they nor Electronic Arts offer a way for hackers and researchers to be rewarded for reporting security flaws in Apex.
“They know how to patch it without anyone reporting it to them,” he said.
Destroyer acknowledged that he went viral for the hacking, but warns that others’ motives for a similar hack may not be so innocent.
“I went viral, but not many people would have used an exploit like that in an absolutely innocent way for players,” he said to TechCrunch. “Just imagine if it wasn’t a joke and we didn’t put any memes in the cheat, I’m pretty sure you can ruin someone’s career if they had a pop up on a tournament.”
The Anti-Cheat Police Department (ACPD), a group that gathers cheat and hack information in online games, advise that Apex players should take immediate measures to protect themselves. This would include changing passwords across all websites, securing email addresses, enabling multi-factor authentication and performing a clean install of their operating software as soon as possible. They also claim that a remote code execution (RCE) exploit was used to install the software into machines. However, the Easy-Anti Cheat Twitter account contradicted this statement.
“We have investigated recent reports of a potential RCE issue within Easy Anti-Cheat. At this time – we are confident that there is no RCE vulnerability within EAC being exploited.”
As of March 20th, the tournament is still postponed, giving Respawn time to fix the hacking issue present in Apex Legends.
