This Tuesday, a security engineer made a somewhat worrying report: Riot Games is allegedly obtaining data from its users illegally. The publication, made by JustAReverser on the website Unknown Cheats, reveals potentially malicious code in the company’s anti-cheat software Vanguard, used in the game Valorant and scheduled to debut on League of Legends (LoL) this Wednesday (1).

According to the author, the discovery was made “a few weeks ago”, and came about only because of his interest in better understanding how Vanguard works, as it will also be implemented in the famous MOBA. According to “JustAReverser”, who preferred not to identify himself, the company’s anti-cheat software has code that allows the entire computer interface to be captured — not just the “protected” game. Supposedly, the feature would record any type of overlay and even content displayed on other monitors on the desktop.

The security engineer explained that the parameters that activate the code have not yet been identified, but it is known that it is executed at least once in each Valorant match. The image format, its quality and the recorded content are details decided by the Vanguard server.

Apparently, it is also possible that Valorant is capturing screen images in a “more obscure way” — something still to be investigated in depth. But after all, how does this supposedly affect users and players who have Vanguard installed?

To answer the question, Voxel contacted “JustAReverser”, through our sources “Rose” and “Luck”, via Discord. Check out the exclusive interview with the security engineer below, who preferred to remain anonymous.

Vanguard Data Privacy Breach

Before starting, it is worth detailing the context of JustAReverser’s discovery, which occurred in partnership with another specialist who identifies himself as “0xCODEBABE”. According to the security engineer, the problem was identified in the April 2024 version of Vanguard — but it had been the subject of speculation for years, with the supposed evidence only being obtained now.

According to JustAReverser, the code is still active and functional; it is not an addition “forgotten” by the developers. He also claims to have screenshots obtained through bitblt, present in the “Valorant.Exe” file, in BMP format, eventually converted into JPEG by the “vgc.exe” file — parameters that can be modified.

Voxel interview with JustAReverser, who preferred not to be identified. (Source: Luck, Adriano Camacho, Voxel)

The security engineer also points to another worrying anomaly: Vanguard is allegedly exporting data from European Union citizens directly to North American servers, which would go against the General Data Protection Regulation (GDPR). Similarly, the same problem may also be happening with Brazilian players, which would violate the General Personal Data Protection Law (LGPD) — however, this should still be treated as speculation.

Can Vanguard leak my data?

At least for now, “JustAReverser” states that Vanguard did not send the data obtained to third-party agents — only to North American servers. However, he warns about the possible seriousness of the scenario: “There are people who can work from home and have data from their companies leaked. Keep in mind that if Riot Games is hacked — again —, all screenshots could be leaked.”

Furthermore, the case could get worse: “a hacker could even control the screenshot any time he wanted,” explains the security engineer. And if it seems like a very remote possibility, it’s worth remembering that Riot Games was already hacked, about a year ago, refusing to pay a “data ransom” of US$10 million — around US$52 million, in direct conversion.

If confirmed, Riot’s data privacy issue could affect millions of players. (Source: Adriano Camacho, Voxel)

In this context, “Luck” — our source, who is also a developer and works in the area of reverse engineering — warns players: “With the implementation of Vanguard in League of Legends tomorrow, May 1st, I would recommend being careful about what you leave exposed while playing”.

He recommends: “Personally, I’m going to use two computers to separate my personal life and games,” he explains, “to avoid any problems with my data being shared with sources I don’t know.”

Riot Games and the LGPD

In the event that Riot Games actually obtained data from its users illegally, this would violate the General Personal Data Protection Law (LGPD) — which has been protecting Brazilians’ information since 2018. In this supposed case, the North American company could face a series of sanctions, listed below, as described by the website Terracap:

  • Warning;
  • Simple fine (up to 2% of revenue up to a limit of R$50 million);
  • Daily fine;
  • Possibility of publicizing the infraction;
  • Blocking of the personal data involved;
  • Deletion of the personal data involved;
  • Partial suspension of the database involved for up to 6 (six) months; and
  • Partial or total prohibition on carrying out activities related to data processing.

However, it is possible to speculate that the measures in this hypothetical case would be revised according to the severity of the problem, in line with the standards of the National Data Protection Authority (ANPD).

To talk about the case, Voxel contacted Riot Games, but did not receive a response until the publication of this report. We will update the text with new information.

However, the company published the following note, in 2020, about Vanguard:

“Vanguard does not collect or process any personal information beyond what the current League of Legends anti-cheat solution does. Riot does not want to know more about you or your machine than necessary to maintain high integrity in your game. The game data we collect is used for the operation of the game and integrity-related services such as Packman and Vanguard.”

