: Following the refusal, portions of the stolen code were posted on underground forums and eventually made their way to public-facing sites like GitHub (before being taken down via DMCA requests). Technical Significance
In January 2023, Riot Games confirmed that its development environment was compromised via a social engineering attack. While hackers originally aimed to steal the source code for (the current anti-cheat for ), they were unsuccessful. Malwarebytes The following assets were stolen during the breach: League of Legends (LoL) source code. Teamfight Tactics (TFT) source code. , a legacy anti-cheat platform previously used for League of Legends Key Details of the Incident No Valorant Code Stolen : Riot explicitly stated that Valorant Internal Source Code
In 2022, a significant leak of Valorant's internal source code made headlines in the gaming community. The leak, which was attributed to a security breach at Riot Games, exposed a substantial portion of the game's source code. The incident raised concerns about the game's security, competitive integrity, and the potential for cheating and exploitation. : Following the refusal, portions of the stolen
Riot’s DevOps pipelines are protected by biometrics, hardware tokens, and air-gapped build servers. However, a developer with high-level access is still human. Targeted spear-phishing campaigns (e.g., “Urgent: Zoom link for Vanguard patch review”) have succeeded against AAA studios before. Malwarebytes The following assets were stolen during the
Trojans or "stealers" designed to compromise the user’s own Riot account [16, 17].