The meteoric rise of the game Among Us appears to be outpacing its developer’s ability to keep up with malicious actors. On Sunday night, a specific ongoing attack forced InnerSloth, the company behind the game, to hastily roll out an update designed to kick bad actors off the game’s servers — likely along with some innocent players as well.
Among Us takes place in a space setting, where some platers are “crewmates,” and others are “imposters” that live among us. As crewmates prepare their ship for departure, they must locate and eliminate the imposters before they’re taken out themselves. It so far has 5.3 million downloads on Google Play alone.
InnerSloth is asking for patience while the company addresses this and other ongoing security concerns. InnerSloth is run by a three-person team consisting of one developer, one animator and game designer, and one artist. The game was released almost two years ago, but thanks to a long summer spent largely under quarantine its audience has exploded over the past few months.
Eris Loris Takes Over Among Us
This most recent round of attacks spammed players with ads from a player named Eris Loris, rendering the game useless. Players flooded the Among Us subreddit to report the activity.
“So far every single server I’ve joined is hacked by Eris Loris today,” one user with a NSFW handle name wrote two days ago. “I have tried maybe 40-plus games. Not a single one wasn’t hacked within 10-30 seconds.”
The breach uses bots to overwhelm the game with messages promoting a YouTube channel and Discord operated under the name Eris Loris, threatening to “blow up your phone,” and concluding with a “Trump 2020” endorsement.
Among Us Server Update
Forest Willard, InnerSloth’s resident programmer, announced a server update Sunday night that tries to identify bad actors on the game and kick them out before they cause trouble. But the move comes with a downside, some players might get kicked off inadvertently, which Willard added in a tweet is for the “greater good,” that players should view as “emergency maintenance.”
“The reason I didn’t roll this update out sooner is that I was afraid of false positives: You totally might see the game think you’re hacking when you’re not,” Willard said in a subsequent tweet. “I’ve done my best to find this kind of bug, but my hand is forced this time.”
Threatpost wasn’t able to contact the person behind the Eris Loris breach by the time of publication, but he told Kokatu he attacked Among Us because he thinks it’s funny to rile people up. He added that the blame for the damage to the game falls on InnerSloth and the team’s inability to scale up quickly enough.
“Among Us may be a small developer team, but that’s not my fault,” he added. “The game is at a scale bigger than most games. There is nothing stopping them from getting more developers, so the ‘it’s three people’ reasoning means nothing to me.”
Can Among Us Scale?
InnerSloth’s recent record might back up Eris Loris’ point about scale. A scroll through the Among Us subreddit shows breaches on the game are frequent, in addition to rampant cheating.
In early October, a massive spike in traffic kept shutting down the Among Us servers, according to Screen Rant.
But that hasn’t stunted the game’s growth yet. Among Us was the most downloaded mobile game in the world during September, with 83.8 million installs, according to SensorTower, which added that’s 40 times more than the same month last year.
And just last week New York Representative Alexandria Ocasio-Cortez went live on Twitch to play Among Us and promote voting, an event that drew in 435,000 viewers just to her stream alone, TechCrunch reported.
InnerSloth is in a bit of a pickle here. If the owners make major changes to the game, they could ruin the magic that made it explode in popularity and drive away the audience. If they leave it as-is, malicious actors could drive away players.
Prior to the new fix, InnerSloth posted on Twitter that it is “…super duper aware” of the issue and reminded users to, “Please play private games or with people you trust!!! We’re doing what we can!!”
We're are super duper aware of the current hacking issue and we're looking into it. We will be pushing out an emergency server update so people who are in game will get kicked from games. Please play private games or with people that you trust!!! Bare with us!! 😰
— Innersloth (@InnerslothDevs) October 23, 2020
While InnerSloth works out the security bugs on Among Us, the company has decided to delay the release of its sequel, Among Us 2 and instead work on improving the original.
“The main reason we are shooting for a sequel is because the codebase of Among Us 1 is so outdated and not built to support adding so much new content,” InnerSloth said in a recent blog post. “However, seeing how many people are enjoying Among Us 1 really makes us want to be able to support the game and take it to the next level. We have decided to cancel Among Us 2 and instead put all our focus into improving Among Us 1.”