Libretro / RetroArch Targeted in Hacker Attack

In sad news for the hombrew and emulators communities across multiple scenes and platforms, I regret to inform our readers that several days ago Libretro/RetroArch was the victim of a targeted hacker attack. While it seems the end-users are safe from the damage (no cores or installations should be considered dangerous), the same cannot be currently said about the work of the development team behind the great all-on-one emulator we have come to know and love. A sizeable amount of Libretro/RetroArch repositories have been wiped clean, and the development team is working hard to see if Github will be able to help them restore the lost data. The nightly and stable buildbot services have also been crippled, and end-users are not longer able to update or downloads cores, assets, overlays and shaders. The netplay lobby service is also currently not working.

bg.png

While the Libretro/RetroArch determines their next steps, including possibly switching to a new server (which would slow down the process in releasing console specific builds), they may soon be asking for users to supply git repositories with the full history intact. They have also asked for those wishing to help, to join their Patreon which was aiming to raise $1,300 a month to help with server and backup costs. As of writing, the monthly goal has been well passed, and donations are currently at almost $2,000 a month.

Here is the official press release from the Libretro/RetroArch team:

  • libeco.png

    Approximately 5 hours ago, we were the target of a premeditated cybercrime attack on our key infrastructure.

    The hacker did the following damage:

    • He accessed our buildbot server and crippled the nightly/stable buildbot services, and the netplay lobby service. Right now, the Core Updater won’t work. The websites for these have also been rendered inaccessible for the moment
    • He gained access to our Libretro organization on Github impersonating a very trusted member of the team and force-pushed a blank initial commit to a fair percentage of our repositories, effectively wiping them. He managed to do damage to 3 out of 9 pages of repositories. RetroArch and everything preceding it on page 3 has been left intact before his access got curtailed.

    We are still awaiting any sort of response or support from Github. We hope they will be able to help us restore some of these vandalised Github repos to their proper state, and also to help us narrow down the attacker’s identity.

    We wanted to clear up some confusion that may have arisen in the wake of this news breaking:

    • No cores or RetroArch installations should be considered compromised. The attacker simply wiped our buildbot server clean, there is nothing being distributed that could be considered malicious to your system. Nothing has happened here and there is no need for any concern.
    • For the current time being, the Core Installer is non-functional until further notice. The same goes for ‘Update Assets’, ‘Update Overlays’, ‘Update Shaders’.

    The IP he was using while doing this was ‘54.167.104.253’, which seems to lead back to AWS.

    We’re still assessing the situation but moving forward, we think that it’s probably best not to go forward with the buildbot server that was compromised earlier today. We had some long-term migration plans for a move to a new server, but this was always pushed back because we felt that we weren’t ready migration-wise. It might indeed be the case this is the catalyst for just starting all from scratch with a new server instead of trying to migrate the old one over. This would mean that the more commonplace builds for Linux/Windows/Android would be immediately available, but all the specialized systems like consoles, old MSVC builds and whatnot would have to wait for later until we have adapted this properly to the new system.

    Lack of automated backups

    How will we restore things

    Regarding the Android / Core Installer situation

 

The PSX-PLACE team wishes RetroArch/Libretro the best of luck in their current situation, and future endeavors.

NEWS SOURCE: www.libretro.com