Popular Search Terms

Blackjack Casino News Betting News Sweepstakes NHL Betting
Home Marvel Rivals exposes players on PC and PS5 to remote attacks

Marvel Rivals exposes players on PC and PS5 to remote attacks

TLDR

  • A security exploit in Marvel Rivals could allow hackers to take over PCs and PS5s.
  • The flaw involves a remote code execution via the game's patching system, impacting networks.
  • The game runs with administrator privileges on Windows, increasing the risk of severe damage.

A security YouTuber, Shalzuth, has uncovered that the popular multiplayer shooter, Marvel Rivals, might be leaving its players incredibly exposed. However, due to the YouTube channel’s small size, this has gone unnoticed since he posted the breakdown on January 31.

The security exploit allows hackers to potentially take over your entire PC. While the video didn’t go into technical details, Shalzuth shows it hitting a PC and also allowing an entry point to the PS5 version of the game.

Marvel Rivals is incredibly popular, with a regular 200, 000 people online concurrently playing it. It currently contains a method of deploying a remote code execution through the game’s patching system. This is originally intended to allow developers to update parts of the game without having to bring it entirely offline.

The hotfix solution is open to anyone on the same network, and to make matters worse, Marvel Rivals runs with administrator privileges on Windows. With these activated, if the right person got their hands on this exploit, it could do some serious damage.

Marvel Rivals leaves its players open to attack

marvel rivals x-men leak

As Shalzuth states on his blog, this would allow anyone to potentially fake a hotfix for the game, and access your computer. All they’d have to do is connect to the same network.

In the video demo, Shalzuth shows a custom script that will sniff for packets on the network. Once it detects activity for Marvel Rivals connecting to the server, the malicious user can then deploy scripts. The demo deploys a Python script, which could easily be used to mine cryptocurrency or secure passwords and sensitive information.

Thankfully the scope of the issue will rely on that attacker being on the same network. But, if someone were to say, connect to the game over their college or university network, this could be a point of attack.

Shalzuth finishes off by explaining the gaps. A major flaw in Marvel Rivals, aside from running at administrator levels for its anti-cheat, is that the game apparently doesn’t check to see if it is connected to a real server. With this massive gap in the way, Marvel Rivals players are actively at risk.

He claims that he contacted NetEase, the developer, but hadn’t received any timeline for a fix as of the publish date. ReadWrite has reached out to NetEase for comment.

Featured image: Wikicommons, NetEase

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the gambling and blockchain industries for major developments, new product and brand launches, game releases and other newsworthy events. Editors assign relevant stories to in-house staff writers with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags
Joel Loynds
Freelance Journalist

Joel Loynd’s obsession with uncovering bad games and even worse hardware so you don’t have to has led him on this path. Since the age of six, he’s been poking at awful games and oddities from his ever-expanding Steam library. He’s been writing about video games since 2008, writing for sites such as WePC and PC Guide, as well as covering gaming for Scan Computers, More recently Joel was Dexerto’s E-Commerce and Deputy Tech Editor, delving deep into the exploding handheld market and covering the weird and wonderful world of the latest tech.

Related News

New game Arknights: Endfield pulls plug on PayPal payments after unauthorized transactions
Joel Loynds
Hunter and palico cooking in Monster Hunter Wilds
Monster Hunter Wilds: every main mission and side quest
Joey Morris
Starship Traveller
Classic Fighting Fantasy book Starship Traveller is now a game – this is very good news
Paul McNally
Geekom A6
Geekom A6 review – versatile mini-pc is your perfect new tiny desktop PC for old-school gaming
Paul McNally
pokemon legends za starters
Who are the Pokemon Legends: Z-A starters?
Jacob Woodward

Most Popular Gambling Stories

Latest News

Interior view of Two Coppers Casino in Juneau, Alaska, featuring rows of electronic gaming machines, red chairs, bright slot displays, and overhead television screens during the casino’s soft opening.
Casino

Tlingit and Haida opens Two Coppers Casino in Alaska amid ongoing tribal gaming debates
Suswati Basu21 hours

The Central Council of the Tlingit & Haida Indian Tribes of Alaska marked the soft opening of the Two Coppers Casino last week (June 5), unveiling a project tribal leaders...

Popular TopicsArrow right.svg

Betting
Betting
Betting
Casino
Casino
Casino
Payments
Payments
Payments
Slots
Slots
Slots
Poker
Poker
Poker
Software
Software
Software