In the world of competitive gaming, fairness and integrity are paramount. The PUBG Mobile World Invitational (PMWI) tournament, one of the biggest events of the year, has recently been marred by allegations of hacking and manipulated voting. Players and fans have expressed their concerns about the authenticity of the voting process, calling for transparency and immediate action. Let's delve deeper into the issue and explore the claims made by participants, the discovered vulnerabilities, and the response from Tencent, the organizers of the event.
Allegations of Hacking and Manipulation:
On May 29th, Ngx.raouf, a prominent figure in the PUBG Mobile Arabia region, voiced concerns about the PMWI voting system. Ngx.raouf claimed that the voting process had been hacked, allowing individuals to send an unlimited number of votes to specific teams. This raised suspicions as certain teams received an overwhelmingly high number of votes in an incredibly short period, which seemed implausible even with substantial influence. Ngx.raouf expressed disappointment in the lack of an official response from Tencent or esportspubgmobile regarding their efforts to combat this issue. The legitimacy of the PMWI, a prestigious tournament, was called into question, as fairness should be the cornerstone of any qualification process.
Vote Numbers and Exploited Vulnerability:
The vote numbers further emphasized the concerns raised by Ngx.raouf. On May 28th, R8 esports received 30,000+ votes, Kurd obtained 120,000+, and Ngx amassed 100,000+ votes. However, within a day, the numbers significantly increased. On May 29th, R8 esports reached 200,000+ votes, Kurd garnered 240,000+, and Ngx climbed to 161,000+ votes. Such dramatic surges in vote counts in such short periods seemed highly suspicious.
During this controversy, joyboy(coach & founder of Panlab) discovered a potential flaw in the voting website's security. The method being utilized, known as the GET method, was identified as a means of transferring data via the URL. joyboy claimed that this method made it susceptible to manipulation, enabling new votes with each click. Expressing concern over the vulnerability, joyboy suggested that greater attention and resources should be allocated to securing the voting system, as not all teams and fans can be assumed to be honest. Exploiting such vulnerabilities, especially with considerable stakes involved, jeopardizes the integrity of the tournament.
Response from Tencent:
Following these allegations and concerns, Tencent, the organizer of PMWI, provided an official response to address the situation. They acknowledged the monitoring of invalid votes in the PMWI ALLSTARS Vote event and assured the public that all entries would be verified once the voting concluded. Tencent emphasized their commitment to ensuring the integrity of the event and stated that the current data displayed on the event page was not final and subject to change. They appreciated the support and patience of the community during this process.
The PMWI All Star voting controversy has highlighted the urgent need for robust security measures in online voting systems. The allegations of hacking and manipulation, combined with the significant surge in vote numbers, have put the integrity of the tournament at stake. Participants and fans rightfully demand transparency and fairness in the qualification process. While Tencent's response assures that invalid votes will be removed and the final numbers verified, it is crucial for the organizers to address the security vulnerabilities identified by users. By rectifying these flaws and implementing stronger security measures, the PUBG Mobile community can regain trust and confidence in the fairness of future events. Only by ensuring the integrity of competitive