Languagesx
English Deutsch 日本 한국어
Subscribe
Home Marvel Rivals exposes players on PC and PS5 to remote attacks

Marvel Rivals exposes players on PC and PS5 to remote attacks

TLDR

  • A security exploit in Marvel Rivals could allow hackers to take over PCs and PS5s.
  • The flaw involves a remote code execution via the game's patching system, impacting networks.
  • The game runs with administrator privileges on Windows, increasing the risk of severe damage.

A security YouTuber, Shalzuth, has uncovered that the popular multiplayer shooter, Marvel Rivals, might be leaving its players incredibly exposed. However, due to the YouTube channel’s small size, this has gone unnoticed since he posted the breakdown on January 31.

The security exploit allows hackers to potentially take over your entire PC. While the video didn’t go into technical details, Shalzuth shows it hitting a PC and also allowing an entry point to the PS5 version of the game.

Marvel Rivals is incredibly popular, with a regular 200, 000 people online concurrently playing it. It currently contains a method of deploying a remote code execution through the game’s patching system. This is originally intended to allow developers to update parts of the game without having to bring it entirely offline.

The hotfix solution is open to anyone on the same network, and to make matters worse, Marvel Rivals runs with administrator privileges on Windows. With these activated, if the right person got their hands on this exploit, it could do some serious damage.

Marvel Rivals leaves its players open to attack

marvel rivals x-men leak

As Shalzuth states on his blog, this would allow anyone to potentially fake a hotfix for the game, and access your computer. All they’d have to do is connect to the same network.

In the video demo, Shalzuth shows a custom script that will sniff for packets on the network. Once it detects activity for Marvel Rivals connecting to the server, the malicious user can then deploy scripts. The demo deploys a Python script, which could easily be used to mine cryptocurrency or secure passwords and sensitive information.

Thankfully the scope of the issue will rely on that attacker being on the same network. But, if someone were to say, connect to the game over their college or university network, this could be a point of attack.

Shalzuth finishes off by explaining the gaps. A major flaw in Marvel Rivals, aside from running at administrator levels for its anti-cheat, is that the game apparently doesn’t check to see if it is connected to a real server. With this massive gap in the way, Marvel Rivals players are actively at risk.

He claims that he contacted NetEase, the developer, but hadn’t received any timeline for a fix as of the publish date. ReadWrite has reached out to NetEase for comment.

Featured image: Wikicommons, NetEase

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the gambling and blockchain industries for major developments, new product and brand launches, game releases and other newsworthy events. Editors assign relevant stories to in-house staff writers with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags
Joel Loynds
Tech Journalist

Joel Loynd’s obsession with uncovering bad games and even worse hardware so you don’t have to has led him on this path. Since the age of six, he’s been poking at awful games and oddities from his ever-expanding Steam library. He’s been writing about video games since 2008, writing for sites such as WePC and PC Guide, as well as covering gaming for Scan Computers, More recently Joel was Dexerto’s E-Commerce and Deputy Tech Editor, delving deep into the exploding handheld market and covering the weird and wonderful world of the latest tech.

Related News

Hunter and palico cooking in Monster Hunter Wilds
Monster Hunter Wilds: every main mission and side quest
Joey Morris
Starship Traveller
Classic Fighting Fantasy book Starship Traveller is now a game – this is very good news
Paul McNally
Geekom A6
Geekom A6 review – versatile mini-pc is your perfect new tiny desktop PC for old-school gaming
Paul McNally
pokemon legends za starters
Who are the Pokemon Legends: Z-A starters?
Jacob Woodward
Hextech Chest in League of Legends
League of Legends to bring back Hextech chests
Joey Morris

Most Popular Tech Stories

Latest News

bet365 tennessee
Betting

bet365 goes live in Tennessee, expanding its U.S. reach
Jacob Woodward17 minutes

In an attempt to bolster its presence in the U.S., bet365 has chosen to launch in the state of Tennessee, bringing the total number of states the sportsbook is active...

Popular TopicsArrow right.svg

Betting
Betting
Betting
Casino
Casino
Casino
Payments
Payments
Payments
Slots
Slots
Slots
Poker
Poker
Poker
Software
Software
Software

Get the biggest iGaming headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Gambling News

    Explore the latest in online gambling with our curated updates. We cut through the noise to deliver concise, relevant insights, keeping you informed about the ever-changing world of iGaming and its most important trends.

    In-Depth Strategy Guides

    Elevate your game with tailored strategies for sports betting, table games, slots, and poker. Learn how to maximize bonuses, refine your tactics, and boost your chances to beat the house.

    Unbiased Expert Reviews

    Honest and transparent reviews of sportsbooks, casinos and poker rooms crafted through industry expertise and in-depth analysis. Delve into intricacies, get the best bonus deals, and stay ahead with our trustworthy guides.