Plenty of exploits were detected before they could harm it

Nov 24, 2014 12:23 GMT  ·  By

League of Legends developer Riot Games confirms that it's established a so-called Bug Bounty program that's available to a few security professionals from around the world, through which it can get information on various exploits or security issues and reward those who bring them to the attention of its own team.

Riot Games' League of Legends is one of the most popular free-to-play games in the world, managing to keep tens of millions of fans hooked on its multiplayer online battle arena (MOBA) experience.

As you can imagine, with all this attention, the online game is the target of quite a few different attempts from nefarious individuals to disrupt its servers, harm its players, or just cause havoc.

While Riot pledges to do everything it can to ensure that the game remains operational and its players feel secure, it admits that an online service can never be bulletproof.

A special Bug Bounty program is operational

As such, after getting quite a few notices from security professionals that found problems within its different League of Legends services, the studio confirms on its website that it's organized a Bug Bounty program in partnership with HackerOne.

Through it, a small group of security professionals handpicked by Riot can share details on what vulnerabilities they find, so that the studio's actual security team can handle them. For their hard work, the professionals were rewarded with over $100,000 (around €80,000).

"Currently in closed beta, The Riot Bug Bounty program is only available to a few security professionals who we’ve already identified. These professionals have helped us squish more than 75 bugs, vulnerabilities, and exploits, including client crash exploits, vision related exploits, and vulnerabilities that could potentially lead to player impersonation on forums," the studio confirms on its website.

Nasty issues were spotted before they could cause havoc

According to the studio, some particularly nasty vulnerabilities were found using the program, so it hopes to let in even more security experts in the near future, after it polishes the system and its rules.

"One researcher found a way to abuse the old chat invite system to crash any recipient’s game client. This could prevent streamers from playing LoL, or prevent players from picking their champions during Champ Select. This would also force dodge penalties and LP loss in ranked games against their target."

As of yet, it's unclear when the program will be released for everyone to use and submit their findings concerning the security of League of Legends.

League of Legends artwork (6 Images)

League of Legends is more secure
Control championsUse your skills
+3more