Apex Legends live-match disruption from remote input hijacking
Service Disruption
Summary
Hide ▲
Show ▼
During the weekend, Apex Legends live matches were disrupted when a bad actor remotely controlled player inputs, disconnecting clients and changing nicknames. Respawn said its initial investigation found no evidence of RCE or an injection attack, narrowing the event to live-session integrity abuse rather than confirmed code execution. The company later said it had resolved the incident about six hours after acknowledging it.
Related Happenings
GlassWorm malware wave targets macOS developers via malicious extensions
Malware Activity
First: 01.01.2026 17:18
Last: 01.01.2026 17:18
Sources 1
About this happening:
**Chinese-speaking threat actors** used a **compromised SonicWall VPN appliance** in **December 2025** to deliver a **VMware ESXi** exploit toolkit that Huntress says likely chain...
GlassWorm malware wave targets macOS developers via malicious extensions
Malware ActivityAbout this happening: **Chinese-speaking threat actors** used a **compromised SonicWall VPN appliance** in **December 2025** to deliver a **VMware ESXi** exploit toolkit that Huntress says likely chain...
Latest development: 08.01.2026 23:27
Huntress analyzed December 2025 attacks against VMware ESXi environments in which a compromised SonicWall VPN appliance provided initial access, a compromised Domain Admin account was used to pivot via RDP to domain controllers, and the toolkit deployed MAESTRO (exploit.exe), MyDriver.sys, VSOCKpuppet, and GetShell Plugin (client.exe). Huntress also noted build paths containing simplified Chinese and an English-language README, suggesting a well-resourced developer operating in a Chinese-speaking region.
Timeline
-
12.01.2026 21:51 2 articles · 4mo ago
Apex Legends live-match disruption from remote input hijacking
Initial DisclosureSince **at least Friday**, players first noticed **live-match hijacking** in **Apex Legends**, including characters being moved off the map and in-game names being altered. The early reports pointed to a live-session control problem affecting active matches.
Show sources
- 'Bad actor' hijacks Apex Legends characters in live matches — www.bleepingcomputer.com — 12.01.2026 21:51
- 'Bad actor' hijacks Apex Legends characters in live matches — www.bleepingcomputer.com — 12.01.2026 21:51