Patch vulnerability reportedly led to The Last of Us Part II leak

In a nutshell: Sony says that it was someone outside of SIE or Naughty Dog leaked the TLoU2 spoiler footage last week, but would not elaborate. Multiple sources claim the assets were obtained through a security vulnerability coded into older ND games patches. Hackers dumping the code allegedly found AWS passwords to Naughty Dog servers.

Last week, game-ruining spoilers leaked for The Last of Us Part II, including the ending. Rumors were that an angry Naughty Dog employee had posted the game footage. The studio later issued an apology without acknowledging the alleged source of the leak.

On Friday, a Sony spokesperson said the company had “identified” the source of the leak and that it did not originate from within Naughty Dog or Sony Interactive Entertainment.

“SIE has identified the primary individuals responsible for the unauthorized release of TLOU2 assets,” the Sony rep told Polygon. “They are not affiliated with Naughty Dog or SIE. We are unable to comment further because the information is subject to an on-going [sic] investigation.”

Then on Saturday, a Twitter user going by the handle “PixelButts” claimed to know those who did the leaking and revealed how they obtained the footage.

In a series of tweets, PixelButts explained that a hacker group consisting of Naughty Dog enthusiasts had discovered an exploit in January that allowed them to access ND’s AWS servers. It seemed that password information was coded into some of ND’s game patches including Uncharted 3 and The Last of Us. Both games access the servers for online play but also had file fetching functionality. The hackers allegedly used this to steal at least one terabyte of The Last of Us Part II assets.

“Every ND game has a ‘final’ patch that is pushed to the game that contains an Amazon AWS key, that when paired with a secret bucket ID, it will give full access to the server’s contents. There’s a different key and bucket ID per game, this is important,” tweeted PixelButts. “[The hackers] were trying to dump TLOU1 in an effort to get that games key as UC3 had TLOU1 material, so surely TLOU1 had TLOU2?”

On Sunday, former Kotaku editor Jason Schreier tweeted that he had talked to two people with “direct knowledge” of the hack who confirmed this was how the footage obtained. He also spoke with a few Naughty Dog employees who validated the claims.

Neither Sony nor Naughty Dog has officially confirmed these reports, likely because of the ongoing investigation. However, with SIE already admitting it was an outside job, the explanation appears credible. Although, it does seem odd that enthusiasts for the game would leak such damaging spoilers for it. PixelButts claims he does not think someone from the group was responsible.

“I’ve been watching this for about 3 months now, and after speaking to a first hand source of this, my only conclusion is they (and their immediate circle) did not leak it, but shared information relating to what I described, and another party proceeded to leak such material,” he tweeted.

PixelButt believes someone else became informed of the vulnerability, just as he did, and used the exploit to grab and expose the spoiler footage. Of course, until Sony concludes its investigation and releases more information, this is just speculatory.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

For a Hedge Against Inflation - Click the Rocket!

E-Crypto News Executive Interviews

Blockchain/Cryptocurrency Questions and Answers

Crypto Tax
Crypto Tax Software Developers Get Serious about Standards
February 2, 2023
What Is The Nexo Coin (NEXO)?
What Is The Nexo Coin (NEXO)?
February 2, 2023
Stressed about crypto
The Worst Places in the World to Buy and Hold Crypto
January 27, 2023
What Are Crypto Index Funds?
What Are Crypto Index Funds?
January 19, 2023
Can You Make Money Anymore With Crypto in 2023?
January 13, 2023

Automated trading with HaasBot Crypto Trading Bots

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin23,420 0.05 % 0.27 % 1.46 %
Ethereum1,679.7 0.04 % 1.40 % 5.08 %
Tether1.000 0.03 % 0.05 % 0.08 %
BNB283.64 0.09 % 0.32 % 2.79 %
USD Coin1.000 0.44 % 0.25 % 0.18 %
XRP0.4687 0.46 % 4.02 % 4.38 %
Binance USD1.000 0.15 % 0.14 % 0.18 %
Cardano0.4042 0.07 % 0.35 % 3.66 %
Dogecoin0.09722 0.41 % 5.79 % 11.26 %
Polygon1.270 0.23 % 4.15 % 9.93 %

Bitcoin (BTC) $ 23,410.27
Ethereum (ETH) $ 1,678.66
Tether (USDT) $ 1.00
BNB (BNB) $ 330.16
USD Coin (USDC) $ 1.00
XRP (XRP) $ 0.415117
Binance USD (BUSD) $ 1.00
Cardano (ADA) $ 0.404011
Dogecoin (DOGE) $ 0.097633
Polygon (MATIC) $ 1.27