Ubisoft’s uPlay hacked – alleged rootkit discovered

The PC iteration of French publisher Ubisoft’s online network, Uplay, has been hacked. Instead of the usual deluge of pilfered user information being disseminated online, hackers have focused on exposing what many are calling a rootkit that’s been embedded in the mandatory online service.

PC gamers will be well aware that Ubisoft forces Uplay onto any system running their games. It’s an unwanted “service” that essentially equates to DRM. Now, however, it could be a little more nefarious than originally expected.

At present, the data that’s been dug up by hackers is yet to be verified. Certain hacking websites have provided supposed evidence of the alleged Uplay rootkit granting access to a user’s PC applications and files. Despite this, other sources are inclined to believe that this is a security vulnerability rather than a deliberately planted rootkit.

Website CVG has contacted Ubisoft, but the publisher is refusing to comment on the situation. CVG has also asked IT specialists for their opinion, with one such specialist suggesting this is a mere vulnerability: “Functionality in the uPlay browser extension, that normally enables games to be launched from a web browser, turns out can also be used to launch any other program on the system.”

Hackers, however, are adamant that Ubisoft has deliberately installed a rootkit on user PCs, and that that rootkit opens a “backdoor that allows any website to take over your computer”. They’re also citing similarities between this alleged rootkit and the one that was discovered on Sony BMG products during 2005.

Source: CVG