Today electronic arts confirmed that hackers stole massive amounts of data from the video game publisher. A poster from the Dark Web Forum claimed to have obtained 780 gigabytes of data during the attack, including the source code of FIFA 21 and EA’s Frostbite game engine, used by FIFA, Madden, Battlefield, Star Wars: Squadrons and Anthem.
“We are investigating a recent intrusion incident into our network where a limited amount of game source code and related tools have been stolen,” an EA representative said in a statement. The representative added that “no player data has been accessed and we have no reason to believe that there is a risk to player privacy.” VICE first reported the attack. EA confirmed to WIRED that there is no ransomware.
The EA hack is the latest in a series of high profile video game source code leaks. Last year, Valve, Capcom, Nintendo and Ubisoft have reportedly suffered similar data breaches. And earlier this year, a ransomware attack hit Cyberpunk 2077 Creator Red Project CD. (The developer mentionned Thursday that he has reason to believe the data has made its way onto the internet.) The source code is an attractive target for hackers because it describes exactly how the sausage is made – why push this the button deactivates this trap, or exactly or on an opponent’s head, your ball should land for optimal damage. When it falls into the wrong hands, source code has the potential to threaten the integrity of online video games, their servers, and even the safety of players.
“Hackers are definitely targeting more high-profile games and businesses in recent years than they’ve ever done before,” says OverkillLabs, who ran the CrackWatch subreddit focused on game piracy, “either for reputation, either to prove to large companies that their security has flaws, or simply to make money from them.
While ransomware has been the dominant theme in recent high-profile hacks, video game source code is a very expensive commodity in and of itself, especially for cheaters. Popular cheats are often designed by injecting pieces of the original game’s source code into other software. One of the reasons that video game companies pursue fraudsters is that they use aspects of the game code in their illegal products. (These costumes often quote copyright infringement, or more specifically, using copyrighted code without official permission.)
“When they have access to the source code, they can easily see what makes the game work and how they might adapt their tips to the game,” says OverkillLabs. “If the game had anti-cheat, for example, they could easily find a way to use it.”
A member of the game leak scene we’ll call Ridley says shooters like EA’s Battlefield are popular targets for cheaters, and hence source code hackers. In these games, he says, “the hacks are much more meaningful,” allowing superpowers like auto aim and the ability to see through walls.
Another use of this source code is for modding. Designing tools and fan-created content is easier when fans don’t have to reverse engineer games code.
Not all leaked source code is being used for evil. Video game historians and curators alike covet these schematics for the inner workings of games. The increased control of gaming companies over their products, whether it’s digital-only downloads or forced internet connectivity, is sketching out gamers who view games as cultural products. And a lot of game companies don’t have a great track record for keeping their own games alive. “How many times have we seen a game go permanently offline because the developer or publisher has gone bankrupt, or simply deemed it unprofitable? Said Jaycie, a player who collects the source code.