Hackers that got into Ubisoft’s online PC network found exposed data for uPlay which could be used for malicious software. Specifically some hackers claim uPlay could be used as a rootkit to get into other people’s systems and activate programs against their will. However, the possibility of uPlay being a rootkit is up to debate with some software security experts.
Computer and Video Games (CVG) were told by IT experts that uPlay’s browser extension could be used as a backdoor program. “Functionality in the uPlay browser extension, that normally enables games to be launched from a web browser, turns out can also be used to launch any other program on the system,” was sent to CVG. Later another message about the uPlay exploit claims to have launched a calculator program on someone’s machine, which means a malicious hacker could run any program on another person’s machine using uPlay.
Rik Ferguson, director of security research at Trend Micro, doesn’t think that Ubisoft’s uPlay could be considered a rootkit. “The reports state the expoitable code is in the form of a browser plugin, the plugin does not attempt to hide its presence on your system and can be relatively simply disabled,” Ferguson stated. Ferguson and other experts agree that uPlay’s code could be easily exploited by malicious hackers, due to the bad code nested in it.
According to Wikipedia, a rootkit is defined as a malicious program that hides itself while opening up a system to any malicious hackers. Considering that uPlay is a program that has to be installed with consent with any gamer if they wish to play any Ubisoft game, I don’t see how this could be hidden from the user. But considering this is a mandatory DRM (Digital Rights Management) program gamers need to install if they wish to play any Assassin’s Creed game (or any other game from Ubisoft’s library) on their PC, they could be opening up their computer for any malicious hackers to abuse.
Ferguson and others urge Ubisoft to release a patch to fix this issue, yet Ubisoft has declined to comment at this stage.
