Hackers found security vulnerability in old Naughty Dog game, used it to leak The Last of Us Part 2, says Jason Schreier

  • OP OP Tek
  • Start date Start date
  • Views Views 2,966
  • Replies Replies 1
  • Likes Likes 1

Tek

Well-known member
Member
Joined
Dec 11, 2018
Messages
1,185
Trophies
0
OK: After talking to two people with direct knowledge of how TLOU2 leaked as well as some Naughty Dog employees, I have a good idea of what happened. Short version: hackers found a security vulnerability in a patch for an older ND game and used it to get access to ND’s servers.

I think the footage that leaked is from devs playing an early build (I haven’t watched it). Most importantly, rumors of this being an act of protest by a contractor whose pay was robbed are not true. (ND actually extended pay and healthcare benefits for contractors due to covid)





For those of you interested in TLOU2 leaks and how it happened, here's your rundown I have no idea how many tweets this will be so buckle up

Every ND game has a "final" patch that is pushed to the game that contains an Amazon AWS key, that when paired with a secret bucket ID it will give full access to the server's contents. Theres a different key and bucket ID per game, this is important

This vulnerability was discovered recently and some hackers took full advantage of it, saving TLOU1, UC3, and other dev stuff. At the time, it was disclosed to me around early February, and was very early on so ~January 2020 it was discovered

Come March, keys and data was saved, somewhere around 1-3TB, though I can only say 1TB for sure. They were trying to dump TLOU1 in an effort to get that games key as UC3 had TLOU1 material, so surely TLOU1 had TLOU2? No idea in the end but come April things got spicy

In April all the leaks of story were validated by the footage posted. I cannot speak for the text posts with story, but I can say that the dates from discovery and disclosure match with timestamps in the footage as well. You can check yourself, bottom left of all footage

Come may 30th, late at night, the source that disclosed this to me stated that the key had changed so ND for sure knew how to resolve this issue, and no keys work with the bucket IDs now. This is good but theres more

The individual that spoke to me is a direct source of this compromise, but is NOT (as far as I am aware, or can tell) not the one that leaked this material. I say this because even they were weirdly skeptical about the "ND employee leaked things because they were mad"

I've been watching this for about 3 months now, and after speaking to a first hand source of this, my only conclusion is they (and their immediate circle) did not leak it, but shared information relating to what I described, and another party proceeded to leak such material

This is not the first time this has happened in circles like this either to boot. I trust their word as a first hand source of this happening, and I trust that theyre not dumb enough to leak it, but whether they leaked everything to get such is another story.

In regards to the devkit nonsense: yes you would need a devkit to do this and given that its relatively easy to get one (yes really, it is) this is not very much of a problem. I can say the circle for the vulnerability owns such hardware as well, I've seen the photos

What's the point I'm making? The point: there's plenty of room to argue an ND employee is involved, but from the evidence (which I have submitted to ND back in February) stands to point to an ND-made security vulnerability that was exploited. Not an angry employee

While I will not give names, I will say this: I've been around, I know leaks, I listen, I watch, I keep tabs on things. I've known about this for months and kept quiet publicly but since it's blocked out now and news coverage confirmed what I've known I decided to say so publicly

I have no affiliation with the group, I have no materials from the leak, and I'm not going to. I had my ass bitten once and I dont need a second round of it, but putting the truth out there is important, because even then you'll still have people saying it was an ND employee

Don't believe what sounds like the juiciest story, even if it's what you wanna hear. Sometimes it's really that boring. Hackerman exploiting a vulnerability created by the company's own games to gain internal access. Hopefully this has been enlightening for you

And as one final note: the person that spoke to me asked me about my previous legal run-in. That's primarily what led to this disclosure to begin with. I do not advocate or suggest stealing and leaking. Preservation is important, but dont do it through stealing.

Tacking this onto the bottom since people insist that it was an ND employee when no, it wasnt. Why you think it's an ND employee that leaked this is still baffling to me




 
Well, I heard the PS5 is gonna be "hack proof" or something. But there's still a grass in every part of the entertainment industry. A grass, as in somebody who spills the beans early on, ala Dusk Golem. ;)
 

Latest content

Back
Top