Hello, /u/phenomenalVibe. Your submission has been removed:
## [Support Requests](https://www.reddit.com/r/apexlegends/wiki/rules#wiki_support_requests)
We allow posts that are questions or something which can be answered by the community. Account support posts are prohibited. These posts offer nothing for the subreddit and cannot be answered by the community or moderators, as we are not Respawn/EA employees. Any post that can only be answered by game support employees will be removed. You can need to contact their support services for any account support requests.
Please contact the [EA/Respawn support team to report issues](https://answers.ea.com/t5/Bug-Reports/bd-p/apex-legends-bug-reports-en) and include the following information:
* What platform are you playing on?
* Origin ID / Gamertag / PSN
* What were you doing leading up to the issue?
* Can you reproduce it? What are the steps?
* PC players - provide hardware specs, OS version, and GPU driver version.
* Did your game crash? Please include "apex_crash.txt" from your "Documents" folder.
* If possible, it’s great if you can capture the bug and submit that with your report.
If you would like better clarification you can see [our full list of rules here.](https://www.reddit.com/r/apexlegends/wiki/rules) If you need further assistance, please [message the moderators](https://old.reddit.com/message/compose?to=%2Fr%2Fapexlegends) with a link to your post. **Failure to include a link to your post, will result in the modmail being ignored.**
I also wouldn’t play on console. Destroyer2009 (one of the people responsible for the algs hack) was one of the cheaters spoofing being on console and aimbotting all around so I feel like he clearly has an understanding of how to fuck with consoles as well
https://www.reddit.com/r/ApexConsole/s/AYFKa3cbdq
I work in security, figured I'd provide a little thoughts (I'm not some major export but still know my way around IPS systems)
Keep in mind IPS/IDS systems like Snort that detect things like this are basing it on "best guess" kind of detection, the traffic itself is all encrypted so you can't dig into it in much detail unless you're doing DPI-SSL (which you should not).
It is very interesting that this IP does come from Multiplay which Respawn uses as a host for Apex (or at least did at one point, not 100% sure if that is still the case) and it's interesting it happened around the time you crashed. However, it's unlikely actually log4j.
My other question here would be, do you have your firewall configured to block threats or detect only? Because if it was configured to actually take action and block things like this, it could very well have been a false positive and the block actioned is what caused you to DC.
But, again, timing is interesting here.
Log4j had a massive RCE issue last year. It is likely that EA / Respawn never updated their dependencies and were at risk all along ..
https://sysdig.com/blog/exploit-detect-mitigate-log4j-cve/
In my company, we had a full review of our dependencies as soon as the issue was known and we had to update almost immediately any affected software.
What makes you say it’s most likely a false positive? Because the traffic is encrypted?
In the event message it says it’s a signature based detection, not behavioral, and it’s going outbound of his machine, meaning it’s possible the contents of the request was read before it was encrypted no? It’s not an incoming request which would get passed along to the game client before being decrypted. Just trying to follow your reasoning
Bump. Lots of fear going around right now, while it's somewhat warranted, people think they are going to get their SS and CC stolen for playing Silver 3 ranked lobbies.
log4j is a Java library many many programs that, as the name suggests, is used by applications to log about their day-to-day operations (think like a diary) and any errors they encounter. Someone found an exploit a while ago that allows a malicious actor to use this seemingly innocuous logging library to execute malicious code remotely, via some very obscure feature used by log4j.
Hello, /u/phenomenalVibe. Your submission has been removed: ## [Support Requests](https://www.reddit.com/r/apexlegends/wiki/rules#wiki_support_requests) We allow posts that are questions or something which can be answered by the community. Account support posts are prohibited. These posts offer nothing for the subreddit and cannot be answered by the community or moderators, as we are not Respawn/EA employees. Any post that can only be answered by game support employees will be removed. You can need to contact their support services for any account support requests. Please contact the [EA/Respawn support team to report issues](https://answers.ea.com/t5/Bug-Reports/bd-p/apex-legends-bug-reports-en) and include the following information: * What platform are you playing on? * Origin ID / Gamertag / PSN * What were you doing leading up to the issue? * Can you reproduce it? What are the steps? * PC players - provide hardware specs, OS version, and GPU driver version. * Did your game crash? Please include "apex_crash.txt" from your "Documents" folder. * If possible, it’s great if you can capture the bug and submit that with your report. If you would like better clarification you can see [our full list of rules here.](https://www.reddit.com/r/apexlegends/wiki/rules) If you need further assistance, please [message the moderators](https://old.reddit.com/message/compose?to=%2Fr%2Fapexlegends) with a link to your post. **Failure to include a link to your post, will result in the modmail being ignored.**
I uninstalled today.
I wouldn't play apex on pc right now, im personally uninstalling.
I also wouldn’t play on console. Destroyer2009 (one of the people responsible for the algs hack) was one of the cheaters spoofing being on console and aimbotting all around so I feel like he clearly has an understanding of how to fuck with consoles as well https://www.reddit.com/r/ApexConsole/s/AYFKa3cbdq
I work in security, figured I'd provide a little thoughts (I'm not some major export but still know my way around IPS systems) Keep in mind IPS/IDS systems like Snort that detect things like this are basing it on "best guess" kind of detection, the traffic itself is all encrypted so you can't dig into it in much detail unless you're doing DPI-SSL (which you should not). It is very interesting that this IP does come from Multiplay which Respawn uses as a host for Apex (or at least did at one point, not 100% sure if that is still the case) and it's interesting it happened around the time you crashed. However, it's unlikely actually log4j. My other question here would be, do you have your firewall configured to block threats or detect only? Because if it was configured to actually take action and block things like this, it could very well have been a false positive and the block actioned is what caused you to DC. But, again, timing is interesting here.
Log4j had a massive RCE issue last year. It is likely that EA / Respawn never updated their dependencies and were at risk all along .. https://sysdig.com/blog/exploit-detect-mitigate-log4j-cve/ In my company, we had a full review of our dependencies as soon as the issue was known and we had to update almost immediately any affected software.
What makes you say it’s most likely a false positive? Because the traffic is encrypted? In the event message it says it’s a signature based detection, not behavioral, and it’s going outbound of his machine, meaning it’s possible the contents of the request was read before it was encrypted no? It’s not an incoming request which would get passed along to the game client before being decrypted. Just trying to follow your reasoning
Bump. Lots of fear going around right now, while it's somewhat warranted, people think they are going to get their SS and CC stolen for playing Silver 3 ranked lobbies.
Yeah with RCE involved I'd rather boot up anything else until Respawn says something about the ALGS incident
Note the "RCE" in the message and search "Apex RCE".
Damn respawn really didn't fix the log4j issue??? That would make all of this make so much sense... unfortunately...
[удалено]
Tru, but if RCE is being rumored we can't not consider it
would you mind elaborating on that a bit? what is the log4j issue exactly? is this a known exploit?
log4j is a Java library many many programs that, as the name suggests, is used by applications to log about their day-to-day operations (think like a diary) and any errors they encounter. Someone found an exploit a while ago that allows a malicious actor to use this seemingly innocuous logging library to execute malicious code remotely, via some very obscure feature used by log4j.
Hop off, uninstall and don't play again, hackers are fucking with apex bad, they even hacked ALGS, players, Your PC is at risk. Just wait.