Ubisoft reports 93% drop in DDoS attacks after pushing back against attackers

Ubisoft said it sent cease-and-desist letters to DDoS service providers, filed complaints against offending players.

ubisoft.jpg

Image: Ubisoft // Composition: ZDNet

Special feature

Special report: A winning strategy for cybersecurity (free PDF)

This ebook, based on the latest ZDNet/TechRepublic special feature, offers a detailed look at how to build risk management policies to protect your critical digital assets.

Read More

Ubisoft said it recorded a 93% drop in the frequency of DDoS attacks aimed at Rainbow Six Siege (R6S) servers after the company started sending legal threats to DDoS-for-hire services and abusive players as part of a larger set of countermeasures the company announced last month.

At the time, the game maker said it was seeing a massive wave of DDoS attacks, which made R6S gameplay near impossible.

The attacks began after Ubisoft reset R6S player rankings. Some players realized they could DDoS Ubisoft R6S servers to create lag and force opponents to disconnect, so the attacker would earn points to advance through the R6S overall ranking.

After a week of crashed servers and almost constant attacks, Ubisoft reacted by announcing bans, improved server configurations, infrastructure updates, but also legal actions against abusers, in a never-before-seen step from a gaming company.

The company vowed to go after players and DDoS-for-hire services if they were caught launching DDoS attacks against R6S servers.

The aim, the company said, was to reduce the availability of DDoS service providers, to prevent players from cheating their way through the ranks.

In an update published last night, the gaming giant confirmed that it has indeed taken legal actions, and that the September announcement wasn't just an empty threat to intimidate abusers.

The company confirmed sending cease-and-desist letters to DDoS-for-hire services (also known as DDoS booters, or DDoS stressors). Furthermore, Ubisoft said it also filed legal complaints against "prominent DDoS/DoS attackers, and cheat makers."

Lawsuits always work

The referenced "cheat maker" is most likely a player named JVL, owner of the MizuSoft website, known for hosting R6S cheating software. JVL is widely known is the R6S community after he appeared on the BBC to promote his site and bragged about making £1,500 ($1,900) per week.

Ubisoft filed a legal case against JVL last week, claiming they had to spend "enormous sums of money" to defend other gamers against JVL's cheats.

Ubisoft's recent actions on the legal front to protect its players ecosystem is just the latest action taken by gaming companies against cheaters.

While gaming companies have never filed a lawsuit against a DDoS service provider, they have filed a bunch of legal cases against cheat makers, such as JVL, and all have been successful.

For example, in March 2017, Riot Games won $10 million from LeagueSharp, a company that sold League of Legends cheats.

In April 2017, Blizzard won $8.6 million from a German company that sold Overwatch and World of Warcraft cheats.

In May 2017, Microsoft sued two Chinese companies for selling access to hacked Xbox accounts, managing to take down their websites.

In February 2019, Rockstar Games won $150,000 from Florida resident Jhonny Perez, who sold Elusive, a cheat tool for GTA Online.

In June 2019, Epic Games sued a YouTuber named CBV for creating and selling Fortnite cheats on his channel. CBV and Epic Games settled earlier this month.