On Sunday night, InnerSloth (the company behind the Among Us game) was continuously attacked. Forcing them to kick bad actors off servers, as well as innocent players.

The company is asking players to be patient, while they address this and other security concerns that have appeared recently.

Have you played the game? If so, have you experienced any outages?

I hope not. But many are, and it wasn’t clear who was responsible… Until now.

 

The Real Impostor: Among Us Hacker

This game’s popularity has risen up meteorically and the InnerSloth three-person team (one animator, one designer, and one artist) seems to have issues controlling all the attention, not being able to keep up with malicious actors.

Just in case you didn’t know, AmongUs is a social deduction online multiplayer game, that takes place in a spaceship. You and your crewmates have to locate and eliminate some imposters that live “among us.” 

The imposter’s mission is to take your life, while you all prepare your ship through randomly-placed quests. So far, the game has 5.3 million downloads on Google Play.

Among Us is not a new game. It was released two years ago, but the quarantine season helped it getting discovered by mainstream media attention.

Attention is a cybercriminal’s favorite dish.

Funny enough, the attacks weren’t caused by money-asking cybercriminals. This time, it was another played called “Eris Loris” who spammed players with in-game messages, promoting both a YouTube channel and a Discord server.

It also showed threats (of blowing user’s phones) and Trump 2020 endorsements.

The one behind it was capable of breaching and overwhelming the game with bots.

This was later confirmed by affected players, who reported it on Among Us subreddit. One user wrote: 

“So far every single server I’ve joined is hacked by Eris Loris today. I have tried maybe 40-plus games. Not a single one wasn’t hacked within 10-30 seconds.”

As it was mentioned by the resident programmer of the game, Forest Willard, the servers were updated that same night, which in some way helped them identify these bots to kick them out before worsening everything with more problems.

Of course, the move came with a downside, which he added in a tweet: this “emergency maintenance” is for the greater good and should be seen like it. 

“The reason I didn’t roll this update out sooner is that I was afraid of false positives: You totally might see the game think you’re hacking when you’re not.

I’ve done my best to find this kind of bug, but my hand is forced this time.”

Interestingly enough, the individual behind Eris Loris’ identity told Kotaku that “he attacked Among Us because he thinks it’s funny to rile people up.”

And that all the blame for the damage falls on the Innersloth team’s inability to scale up fast. 

“Among Us may be a small developer team, but that’s not my fault. The game is at a scale bigger than most games. There is nothing stopping them from getting more developers, so the ‘it’s three people’ reasoning means nothing to me.”

Somehow, you could agree with him. 

After scrolling through the Among Us subreddit, it’s noticeable how breaches and cheating are day-to-day events on the game. 

According to Screen Rant, spike traffic in October shut down their servers.

Before fixing the issue, InnerSloth said they’re “super-duper aware” of the issue:

On Twitter: Please play private games or with people you trust!!! We’re doing what we can!!

While the security infrastructure of AmongUs seems to be alright now, the company assures they will keep working more on it (the original) therefore, are delaying the release of its sequel: Among Us 2.

“The main reason we are shooting for a sequel is that the codebase of Among Us 1 is so outdated and not built to support adding so much new content.

“However, seeing how many people are enjoying Among Us 1 really makes us want to be able to support the game and take it to the next level. We have decided to cancel Among Us 2 and instead put all our focus into improving Among Us 1.”