Ubisoft sues Rainbow Six Siege DDoS Operators

Online gaming has long been a target for hackers, whether to cheat or to deny other gamers the service they have in many cases paid for. In denying other players the online service hackers will often employ distributed denial of service (DDoS) attacks. Not only do such attacks prevent other players from playing or using attached services or web stores, but they impact negatively on the company’s earnings. Hackers have already figured out that they could hire out their services to other malicious gamers and reap a profit. In a process that started in September 2018, Ubisoft has adopted a new tactic to try and prevent future attacks from happening. This tactic involves the courts to sue operators advertising their DDoS skills to whoever is willing to pay.

Ubisoft’s attorneys filed a legal complaint making good on threats made in the fourth quarter of last year. At the time the gaming company discovered a sharp increase in DDoS attacks targeting its Rainbow Six Siege game. It was clear that hackers had discovered a loophole to ensure underserved wins following an update released at the time which reset the global rankings. It was discovered that if a DDoS attack was launched on an active game which prevented other players from continuing and forcing them to disconnect from the game giving the player not affected by the attack the victory. The cheater could effectively soar up the new rankings if not caught.

ubisoft sues rainbow six ddos operators

The first step was the sending out of cease and desist letters. In an article published by Ubisoft, the company detailed what action had been taken, including the sending of cease and desist letters to those operating DDoS-for-hire operations. The company also deployed several countermeasures to help prevent such attacks from happening as well as banning any player caught attempting to carry out such an attack and upgrading their servers. When the announcement was made Ubisoft received a fair amount of criticism as to whether going the legal route will be effective. The main criticism centered around whether those who actively profit from illegal operations, such as DDoS-for-hire, respect legal proceedings enough to heed the warning carried out in a cease and desist letter.

It seemed like the measures taken by the company began to bear fruit. In an article published a few weeks after the countermeasures implemented and legal letters sent it was announced that the French company saw a decrease in 93% of attempted DDoS attacks. Further, the company announced that the cease and desist letters were not intended as a mere threat but rather the beginnings of legal action for those still attempting to negatively impact other players’ experience and ultimately the company’s bottom line. Despite criticisms in the media of the plan to follow the legal route, it appeared to have helped contribute to such a steep decline in attacks.

Around the same time that the announcements were made, one player and hacker named JVL stated in an interview with the BBC that his business of creating cheats netted approximately 1,500 GBP, roughly 1,900 USD, a week. Labeled by Ubisoft as a cheat maker, the hacker was the target of yet another lawsuit by the company. It was reported that legal papers were filed against JVL, who allegedly used his Mothers web design business for collecting and processing payments for cheats created by JVL. Often the cheats were designed to drastically improve weapon damage and in general make the game far easier than it should be. Such legal measures seem like they may help protect the player ecosystem from abuse by less than scrupulous players and hackers. However, the hiring of attorneys and going to court is a major expense for any company and the cost may be felt by gamers further down the line when the company may need to improve their bottom line.

Threats Made Good

The latest legal papers filed specifically target DDoS operators and not cheat makers as in the JVL case. According to court documents, Ubisoft sued five individuals who the company believed were running a network of four DDoS-for-hire services. The plaintiffs named in the lawsuit are Dennis Kruk (based in Germany), Maximilian Kuehl (based in Germany), Kelvin Uttih (based in Nigeria), an individual identified as B.R. (based in the Netherlands), and an individual identified only by their email address which is apple.id12343@gmail.com with no location been provided within the documents. Ubisoft claims that the five listed in the latest papers managed four DDoS-for-hire services, namely SNG.one, r6ddos.com, r6s.support, and stressed-stresser-stressing-stressers.com.

It is alleged that the five earned a substantial fiscal amount by advertising their DDoS services for fees ranging from $11/month to $300 for lifetime access. With that, the French gaming company is seeking to have charges laid against the five as well as financial relief for damages and costs incurred by their actions. Further, Ubisoft, illuminating on costs incurred by the company stated,

“Defendants' conduct has forced Ubisoft to spend significant sums of money (and vast amounts of time) attempting to remediate the damage caused by the DDoS Services and DDoS Attacks. This includes employing new network and traffic management technologies that counteract the effects of Defendants' DDoS Attacks, responding to player complaints, employing personnel to police the games to detect the use of the DDoS Services, reducing the number of R6S matches per server to mitigate the impact of DDoS Attacks, and 'banning' (i.e., permanently deleting the accounts of) users who are using the DDoS Services.”

The outcome of the case is sure to embolden other game developers and companies to go after those who cheat or impact on the revenue of the company.

▼ Show Discussion

About the author:

Karolis Liucveikis

Karolis Liucveikis - experienced software engineer, passionate about behavioral analysis of malicious apps.

Author and general operator of PCrisk's "Removal Guides" section. Co-researcher working alongside Tomas to discover the latest threats and global trends in the cyber security world. Karolis has experience of over five years working in this branch. He attended KTU University and graduated with a degree in Software Development in 2017. Extremely passionate about technical aspects and behavior of various malicious applications. Contact Karolis Liucveikis.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal