Cyber Incident Victim: Players of the Among Us Android game
Date: Oct 2020
Location: United States of America
Summary
The wildly popular mobile game Among Us experienced disruptive attacks in which bots spammed players with ads and promotional messages under the name Eris Loris, flooding servers and making games unplayable. The developer, a small team overwhelmed by the game's explosive growth, implemented an emergency server update to identify and remove malicious actors, acknowledging that legitimate players might also be affected. These incidents highlighted ongoing security and scalability challenges, including frequent breaches, server instability due to traffic spikes, and rampant cheating. In response, the company canceled plans for a sequel to focus entirely on improving the original game's infrastructure and addressing security vulnerabilities, and urged users to play privately with trusted individuals.
Description
In late October 2020, the Android version of Among Us experienced sustained disruptive attacks orchestrated by an entity identifying as Eris Loris. Beginning around October 24, malicious actors deployed bots that infiltrated public game servers, spamming players with intrusive advertisements promoting a YouTube channel and Discord server under the Eris Loris name. These messages included threats to "blow up your phone" and concluded with a "Trump 2020" political endorsement. The attack rendered games unplayable by flooding chat interfaces, with players reporting on the Among Us subreddit that nearly every public match they joined was compromised within 10-30 seconds. One user documented attempting over 40 consecutive games without finding a functional server. The game's infrastructure, originally designed for smaller audiences when released in 2018, struggled under both the attack and its recent explosive growth—Among Us had reached 83.8 million mobile downloads in September 2020 alone, a 40-fold increase from September 2019.

Developer InnerSloth, a three-person team consisting of one programmer, one animator-designer, and one artist, responded on October 25 with emergency server updates. Programmer Forest Willard implemented measures to identify and automatically disconnect malicious bots, acknowledging legitimate players might also be removed as collateral damage. The team characterized this as necessary "emergency maintenance" for the "greater good." Prior to the fix, InnerSloth had advised users via Twitter to play only in private games with trusted individuals while working on solutions. The incident compounded existing scalability challenges, including server crashes in early October from traffic spikes and widespread cheating reported on community forums. These operational pressures led InnerSloth to cancel plans for Among Us 2, redirecting all development resources to overhauling the original game's outdated codebase to better address security and capacity issues. The attacks highlighted tensions between maintaining the game's viral appeal and implementing structural changes to combat escalating threats.
