Jakarta, Indonesia Sentinel — Riot Games, renowned for its rigorous approach to combating cheating in online games, has announced a bold initiative inviting ethical hackers to test its Vanguard anti-cheat system. Riot Games is offering bounty of up to $100,000 for uncovering vulnerabilities in Vanguard, aiming to bolster its defenses and ensure fair play for millions of players.
Vanguard is Riot Games proprietary anti-cheat program, initially developed for VALORANT, the company’s first-person hero shooter, in 2020. The system has since been integrated into other popular titles, including League of Legends as of early 2024. Known for its effectiveness in combating cheats like aimbots and hardware exploits, Vanguard remains one of the most robust anti-cheat systems in the gaming industry.
Bug Bounty Program Expands
Riot Games updated its Bug Bounty program to include new categories, specifically targeting Distributed Denial of Service (DDoS) exploits. Rewards for identifying DDoS vulnerabilities range from $500 to $100,000, depending on the severity and scope of the issue.
The program details are available on HackerOne, a platform that connects ethical hackers with companies offering monetary rewards for uncovering software vulnerabilities. Riot’s bug bounties cover a wide range of exploits, including vulnerabilities in infrastructure, cheats, and other game-related issues.
“If you’re able to help us protect our players and their data by responsibly identifying new security issues for us to fix, you are awesome, and we want to reward you,” Riot states as reported by PC Gamer.
Potential Payouts
It’s important to note that while Riot Games’ highest bug bounties amount to 100k, payouts will range depending on a vulnerability’s specific category.
Riot Games has outlined specific categories and corresponding payouts for eligible submissions:
- Critical Vulnerabilities: Issues that enable targeted in-game session disconnections or reveal a player’s IP address can earn hackers up to $100,000.
- Game Server Exploits: Vulnerabilities that crash servers or prevent players from joining games may yield rewards of $5,000–$10,000.
- Player Impact Issues: Exploits affecting multiple game sessions may net hackers $1,000–$4,000, while those impacting single sessions can earn $500–$2,500.
Black Friday 2024: What is It and How to Take Advantage of It
To qualify for a reward, ethical hackers must follow Riot’s guidelines. All vulnerabilities must be responsibly disclosed through Riot’s HackerOne page or via email at bugbounty@riotgames.com. Publicly disclosing bugs without Riot’s consent may result in disqualification from receiving a bounty.
Validation Process
Hackers must validate their findings with Riot’s security team before receiving payouts. “If we can validate that the reported issue qualifies for a bounty, we’ll triage it and keep you up to date about the progress towards resolution” Riot states.
The initiative highlights Riot Games’ commitment to maintaining a fair and secure environment for its global gaming community while fostering collaboration with the broader cybersecurity community.
(Raidi/Agung)