Launched last December, Marvel Rivals remains very popular: it exceeds 230,000 Steam players connected simultaneously, and that's without counting the console versions. Such success could attract hackers, and unfortunately the game is not flawless in terms of security.
Huge success, huge vulnerability
Shalzuth, security researcher and YouTuber, has found a flaw that, if exploited, would allow a hacker to inject malicious code into their victim's PC, steal confidential data or even install dangerous software without the user realizing it. In other words, the hacker is able to take full control of the remote PC (and even a PS5, according to the researcher).
It was while playing that Shalzuth noticed something that intrigued him: the game store refreshes without updating the client. By analyzing the patch system, he discovered that the game allows the execution of external code, opening the door to RCE (Remote Code Execution) attacks that allow arbitrary code to be launched remotely on a target device.
The vulnerability is that this update system executes code on the computer without checking if the server is legitimate. A hacker on the same Wi-Fi network can exploit this weakness to inject malicious code and take control of the computer. And it's made worse by the fact that the game runs with administrator privileges, which gives it access to the insides of the computer.
In his video, the researcher demonstrates the feasibility of the flaw: his desktop PC actually takes over his laptop. For this to work, the hacker still needs to be covered by the same Wi-Fi network as his victim; which is not impossible, if the latter uses a public network (cafes, universities, or even at the office during breaks).
Shalzuth, who is keeping the details of the vulnerability secret so as not to tempt anyone, regrets that it is very complicated to notify NetEase, the developer of the game. There is no confirmation that the flaw will be corrected quickly. More generally, this is a serious problem in the video game sector, where developers rarely set up bug hunting programs or systems to prevent in the event of the discovery of a security flaw.
0 Comments