Rainbow Six: Siege was seen as a welcome return for the long-dormant franchise, and was described as a “fresh take on tactical shooters” in its Digital Trends review. Unfortunately, there’s evidence that players might be putting themselves at risk of a significant security breach by engaging in online multiplayer matches.
The game makes use of dedicated servers to host online matches between players, but implements peer-to-peer connections for voice chat. As a result, it’s possible to use a packet sniffer to gain access to the IP addresses of every player in a particular session, according to a report from Ars Technica.
These issues were flagged by players taking part in the game’s beta last year, but apparently were rather far down the laundry list of tweaks that Ubisoft had on its plate. In February, the studio noted that IP privacy was a “priority” but admitted that the fix was proving to be more difficult that expected.
In March, the game’s 2.3 update seemed to bring an end to the issue as the company claimed in patch notes that it had “applied IP protection in order to help protect our players’ information.” Unfortunately, as recently as this week, players have taken to Reddit to state that the security flaw has not been taken care of.
The repercussions of malicious players gaining access to your IP address can spell big trouble. At best, a frustrated opponent might use a botnet attack to disable your Internet access and kick you from the game — but there are much more serious forms of distributed denial-of-service, or DDoS, attack that can be carried out using the information.
Ubisoft certainly isn’t having much luck with bugs and exploits at the moment. While the issues affecting Rainbow Six: Siege are serious enough, the studio’s much-touted Destiny-killer The Division has been torn to shreds by hackers and cheaters since its launch last month.
