Ubisoft takes DDoS-for-hire website to court over attacks on video game servers

Graham Cluley
Graham Cluley
@[email protected]

Ubisoft takes DDoS-for-hire website to court over attacks on video game servers

Video game maker Ubisoft gas filed a lawsuit against the alleged operators of a DDoS-for-hire website, claiming they are “well aware of the harm” the service has caused for the company.

As Polygon reports, the publisher of such popular games as Assassin’s Creed, Far Cry, and Tom Clancy’s Rainbow Six: Siege has been targeted by distributed-denial-of-service attacks that “create lag in multiplayer matches and can crash servers.”

The SNG.ONE website named in the lawsuit sells a service which allows anyone to anonymously “test [their] services against (D)DoS attacks.”

Sng one

A disclaimer on the website reminds users that the DDoS-for-hire service (sometimes known as a “booter” or “stresser” service) should only be used against customers’ own sites, to see how well they would withstand a criminal attack.

“By using this website, you agree that you only use it for your own servers/services”

However, in its lawsuit Ubisoft claims that SNG.ONE staff are prepared to facilitate their clients’ requests to launch DDoS attacks against the servers of video games such as Rainbow Six: Siege (R6S):

Optionally, purchasers also may pay to have members of the SNG.ONE “team”(i.e., Defendants or one of their agents or employees) “set up” their computer (such as by configuring the customer’s computer with the proper IP addresses and settings), so that they may immediately use the DDoS Service to attack the R6S Servers. Once the customer’s computer is properly configured, the purchaser may launch a DDoS Attack on the R6S Server at-will, subject only to the limitations of the license that the purchaser has paid for.

The lawsuit contains a screenshot of the r6s.support website which appears to show a list of potential targets including Fortnite, FIFA 20, Call of Duty: Modern Warfare 4, as well as Rainbow Six: Siege.

Sign up to our free newsletter.
Security news, advice, and tips.

Bizarrely, according to Ubisoft’s lawsuit, the r6s.support website was later replaced by phony notice that falsely claimed the website had been seized as part of a co-ordinated operation between Europol, Microsoft, and Ubisoft dubbed “DDoS OFF”.

Site seizure fake notice

DDoS attacks have long plagued the makers of video games – whether it be for the purposes of extortion, juvenile mischief-making or petty rivalries between gamers.

For instance, in 2011, Minecraft, League of Legends, and EVE Online were struck by a DDoS attack instigated by the notorious LulzSec gang. More recently, in October 2018, the launch of Ubisoft’s Assassin’s Creed Odyssey video game was disrupted by a DDoS attack that swamped its servers.

The lawsuit filed against the alleged operators of SNG.ONE follows other steps taken by Ubisoft in recent months. Back in September 2019 it announced that it was sending cease-and-desist letters to various DDoS-for-hire services which had targeted Rainbox Six: Siege. As ZDNet reported subsequently, Ubisoft claimed that resulted in an impressive 93% drop in the frequency of DDoS attacks against R6S servers.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “Ubisoft takes DDoS-for-hire website to court over attacks on video game servers”

  1. Rakesh N

    It's funny to see a CoD screenshot made by EA and Tencent used for talking about Ubisoft ????????

    1. Graham CluleyGraham Cluley · in reply to Rakesh N

      Ha ha… shows how out-of-date I am with modern video games. I'm still playing Jet Set Willy.

      I've fixed the image. Thanks.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.