Ubisoft executives when they learn some nerds gifted more than the entire United States National Debt ($38,000,000,000,000) to a bunch of stinky gamers

To those who are non-nerds,

Yes, the situation is funny. (Un)fortunately in this scenario everything in game is now worthless because everyone has everything. What will most likely happen is Ubisoft will sigh, do a massive database roll back, or mass undo inventory stuff for players.

This isn't going to destroy their company or revenue. It will however annoy the shit out of them (leadership) and the developers because they're going to have to work to fix the issue during the holiday season.

My post is meant to be funny. I enjoy mocking the absurdity of the situation and poking fun at large companies who have oopsies like this.

inb4 no backups, everything is actually cooked

Clarification post, previous post about Ubisoft lead to some confusion. That's my fault. I'll be more verbose. I was trying to compress the information into 1 singular post without it exceeding the word limit.

Here's the word on the internet streets:
- THE FIRST GROUP of individuals exploited a Rainbow 6 Siege service allowing them ban players, modify inventory, etc. These individuals did not touch user data (unsure if they even could). They gifted roughly $339,960,000,000,000 worth of in-game currency to players. Ubisoft will perform a roll back to undo the damages. They're probably annoyed. I cannot go into full details at this time how it was achieved.

- A SECOND GROUP of individuals, unrelated to the FIRST GROUP of individuals, exploited a MongoDB instance from Ubisoft, using MongoBleed, which allowed them (in some capacity) to pivot to an internal Git repository. They exfiltrated a large portion of Ubisoft's internal source code. They assert it is data from the 90's - present, including software development kits, multiplayer services, etc. I have medium to high confidence this true. I've confirmed this with multiple parties.

- A THIRD GROUP of individuals claim to have compromised Ubisoft and exfiltrated user data by exploiting MongoDB via MongoBleed. This group is trying to extort Ubisoft. They have a name for their extortion group and are active on Telegram. However, I have been unable to determine the validity of their claims.

- A FOURTH GROUP of individuals assert the SECOND group of individuals are LYING and state the SECOND GROUP has had access to the Ubisoft internal source code for awhile. However, they state the SECOND GROUP is trying to hide behind the FIRST GROUP to masquerade as them and give them a reason to leak the source code in totality. The FIRST GROUP and FOURTH GROUP is frustrated by this

Will the SECOND GROUP leak the source code? Is the SECOND GROUP telling the truth? Did the SECOND GROUP lie and have access to Ubisoft code this whole time? Was it MongoBleed? Will the FIRST GROUP get pinned for this? Who is this mysterious THIRD GROUP? Is this group related to any of the other groups?

Find out next time on Dragon Ball Z

People are celebrating the Ubisoft drama like when Bin Laden died

Damn, y'all hate this company

Rainbow 6 Siege announced a rollback will be occuring. Users who spent the $13,000,000 of in-game credits gifted to them by the Threat Actors will not be punished. However, the purchasers will be reversed.

Additionally, users who were banned by the Threat Actors will be unbanned.

The parties over.

Hello,

I have more silly news to share. Unfortunately I have torn the ligament that connects my pubic muscles to my hip, or something, I don't know. I don't understand it at all. However, I do understand my testicles are in immense pain and I am unable to move.

Once my testicular pain has resided I have silly news.

Thanks,
-smelly smellington

Here is a silly image of someone logging into Rainbow Six Siege earlier today and receiving a deposit of over 2,100,000,000 credits.

15,000 credits is $99.99

$13,998,600 worth of in-game currency.

Unfortunately, it's been rolled back and the in-game currently is gone. Interestingly, this proves Ubisoft does indeed possess the capability to allow users to own and/or purchase over $13,000,000 worth of in-game purchases for micro-transactions

> post about vuln billion dollar Italian company
> ppl say italy wont care
> italy gov contacts me
> ubisoft hacked and bamboozled
> tarkov auth bypass bamboozles
> trustwallet users drained of $9m on christmas
> more i cant say yet

Another day of internet schizophrenia.

On today's episode of Dragon Ball Z

The FIRST GROUP is laying low after gifting everyone on Rainbow Six Siege $339,000,000,000,000 worth of in-game currency.

The SECOND GROUP has been having some conflicts with people on THE INTERNET. The story has changed. Initially I shared this group had compromised an internal Git repository, or something, and had stolen internal source code. Word is now that this was A LIE (or exaggeration) and they do not have as much material as they shared.

The THIRD GROUP is LYING. They did NOT compromise Ubisoft customer data (to the best of my knowledge) and they're trying to scare and intimidate Ubisoft or Ubisoft employees because ???

The FOURTH GROUP is also kind of laying low. They assert GROUP TWO is a bunch of jerks. Basically, to reiterate, the FOURTH GROUP thinks GROUP TWO has had some source code to Ubisoft for awhile BUT thinks GROUP TWO is trying to hide behind GROUP ONE and basically frame them, or something, I don't know.

There's also a bunch of IMPOSTER GROUP TWOs on the internet now. They are people lying trying to impersonate extortionists ... because ... don't understand why.

Will GROUP ONE let me talk more about how they bamboozled Ubisoft? Will GROUP ONE keep ignoring my DMs? Will GROUP TWO show more proof about their data exfiltration other than "cmon bro"? Will GROUP FOUR continue to have beef with GROUP TWO? Who is GROUP THREE and why did they lie about compromising Ubisoft customer data? Why are there now IMPOSTER GROUP THREE people?

Find out next time on Dragon Ball Z

I'm trying to notify this Web3 startup company they have a pretty severe vulnerability in one of their products.

The CEO of the company advertises his Telegram handle, but trying to contact him he charges $1.49 per message sent to him

Dude what the fuck?

I have a bunch of people from India being mean to me because I wrote the Insider Threats that hurt some companies were worked off-shored to India

What do you want me to do? Lie? It's objectively true. I'm sorry large companies exploit your country, dawg

Chat, we've solved the mystery of the Ubisoft Rainbow Six Siege incident. Unfortunately, I cannot go too deep into details (yet), but it is very silly.

Okay, we have FIVE GROUPS of people now.

GROUP ONE - Responsible for the Rainbow Six Siege incident, they gave away $339,000,000,000 worth of in-game currency and caused chaos. They're now sort of laying low.

GROUP TWO - Claims to have Ubisoft source code. They claimed it was from MongoBleed. This has been proven to be A LIE. However, they DO have internal things from Ubisoft. They lied how they achieved it (read more, GROUP FIVE)

GROUP THREE - Has been lying on Telegram claiming to have compromised Ubisoft. They're using fake data to try to intimidate Ubisoft, and Ubisoft customers, to pay them money. They're all lying.

GROUP FOUR - Very critical of GROUP TWO, calls GROUP TWO LIARS. GROUP FOUR says GROUP TWO is trying to bamboozle GROUP ONE

GROUP FIVE - GROUP FIVE appeared today and presented a comprehensive breakdown on the Ubisoft Rainbow Six Siege (and other) conflicts. GROUP FIVE illustrated step by step how all actions were performed. GROUP FIVE unveiled exactly how GROUP TWO managed to get access to Ubisoft internals (with photographic evidence). GROUP FIVE also provided code demonstrating how GROUP ONE did many things as well other things not reported. GROUP FIVE has a big swinging dick and isn't fucking around. GROUP FIVE is pretty hardcore, not even memeing. They're very intelligent and calculated in what they say and do. GROUP FIVE (probably) make and sell cheats for Ubisoft soft games and are very talented reverse engineers.

Ubisoft is well aware of GROUP ONE, GROUP TWO, GROUP FOUR, and GROUP FIVE. GROUP FIVE also provided a comprehensive breakdown on how Ubisoft knows things.

All of the groups listed, except GROUP THREE, know each other and operate loosely together, in some capacity, it's basically a hardcore community of gaming Ubisoft nerds.

Don't worry, Ubisoft, I'll keep your secrets safe. You and I (your company) probably understand what I'm referencing in this post.

GROUP FIVE has promised to do a write-up and technical breakdown at a later time which I can share publicly. However, they will not do it yet because of some stuff happening between GROUP ONE and GROUP TWO.

The anime saga has concluded.

Oh, and for the record, GROUP FIVE only appeared because they were annoyed GROUP TWO lied about getting data as a result of MongoBleed. They only came toward to dispell rumors and tell the other nerds to shut up

People think Sha1-Hulud is behind TrustWallet ?!

Two of the most dangerous hackers on the planet.

I saw KlezVirus do a write-up on callback abuse. I had this really silly idea of taking his proof-of-concept but nesting his proxy callbacks between nested callbacks from callbacks

Replace the printf stuff with malicious stuff or more callbacks

https://pastebin.com/raw/WeNbbkzv

This is an absolutely absurd and silly idea. I don't even know the applicability and evasiveness behind it, but it's so outrageous it makes me giggle

I've had a few posts break past 70k likes, 80k likes, and even 100k likes.

Chat, have we broken the malware cement ceiling? Are we bringing malware to the masses?

We're making malware cool and badass by a combination of malware sprinkled with pictures of kitty cats

Some nerds identified a cybersecurity company based out of Asia with all these awards listed on their site. They list all these fancy certifications, their industry partners, etc.

They vibe coded their website. It's incorrectly configured and API keys are exposed publicly.

THEY ADVERTISE THEMSELVES AS EXPERTS IN WEB SECURITY