The multi-player shooting game Rainbow VI: The Surrounding server has recently been subjected to malicious invasions, hackers using their internal systems to violate and/or block the player ‘ s account, tamper with the game ‘ s regulatory information and illegally distribute large amounts of virtual money and restricted accessories to the global player ‘ s account.
According to the game screenshot provided by several players, the attackers were able to:(b) The arbitrary ban or unsealing of the account number of the player of Rainbow VI: A siege; the publication of a false ban on the scrolling of prohibited information; and the distribution of approximately 2 billion R6 points and prestige values to all players;
The R6 point for the unlocking of the entire gaming gamut (including the exclusive skin of the developer) is an advanced virtual currency sold in real currency by the store. The 2 billion points issued this time amounted to approximately US$ 13.33 million, converted on the basis of official prices (US$ 99.99 million). Everything in the game is unlocked. Last Saturday, at 10.10 p.m. local time, the attack was confirmed by official account X of Rainbow Six: Surrounding, which indicated that she had been informed of the anomalies affecting the game and was being dealt with urgently. She then voluntarily shut down the game server and the built-in mall, stating: “The team is working hard to solve the problem, the Rainbow VI game and the mall have been actively closed”.
In the latest bulletin, Nubita made it clear that no penalties would be imposed on the number of illegal points that the player had already used, but that it would roll back all transactions after 1100 UTC time. Nubby also clarified that all tips shown in the ban on information were forged and that the functionality had previously been disabled. Currently, the game server is still offline, and no official incident statement has been issued and no media queries on the path of the invasion have been responded to.
(Closed Information Bar)
The Cybersecurity Research Organization VX-Underground revealed that several threat organizations claimed to have hacked the Nubian server using the recently exposed MongoDB loophole “MongoBleed” (No. CVE-2025-14847). The loophole allows the assailant to read the MongoDB case memory data remotely, obtain the certificate and authentication key, and the relevant concept validation code is publicly available.
Four separate groups of threatening actors were reported:Allegedly using the MongoBleed loophole to infiltrate the Git warehouse in Phuby, stealing a large number of source code files from the 1990s to the present, 3. Allegedly stealing user data through the same loophole and attempting to extort money from the Quay 4. There is no public evidence to support this assertion, including whether the MongoDB loophole was used, whether the source code was leaked and whether user data was stolen, to the extent that the second set of access rights already exist. She only confirmed the manipulation of game data in Rainbow VI: The Curse.