Blizzard & Hacks - Past, Present, and Future

---

In 1996 Blizzard Entertainment launched a game that changed the history of online gaming. Diablo 1 may not look like much today, but for its time, it was quite revolutionary, and opened the doors for many other gaming companies, who emulated their style of creating games. Diablo quickly became the most popular Online Game for its time, and was announced Game of the Year, from several highly respected Gaming Reviewers. Because of its popularity, all sorts of people flocked to play this game. Because of this, many people felt they had to be the absolute number one player. This lead to cheating, and, like a domino effect, others followed, in an attempt to keep up with the crowd. The first exploit of Diablo I was very primitive, vet devastatingly effective. The exploit was simply put, a way to make multiple copies of any given item. This method became nutorious by the name of 'Duping.' As I said, it was simple, and was done by a player leaving the item they wanted on the ground, walking away, walking back (in an attempt to pick up the item, by clicking on it,) and at the exact moment that the item would be picked up, the player would pick up another item, on their belt. This would cause the game to put the original item in the players Inventory, and turn the Belt item, into an exact copy. This method wasn't extremely hard to do, and simply took good hand-eye coordination at the most. Before I go further with describing the other exploits, it should be known that Diablo I was very lax as far as security goes. The main reason for this, is that the Character files were stored on the Players computer, NOT stored by Battle.net itself. This means that the player could willingly edit the Character Files to their hearts content. The first character editing was not so easy as duping. It involved a person to use a Hex Editor to change the stats. This could lead to corrupted Character files, or other undesired results. Soon after, however, programmers took it into their own hands to make these processes easier. Many Trainers, Character Editors, and other files were made. With these hacks players could easily edit their stats, enable spells that were not intended to be in the game, and dupe, like bunnies reproduce. Thats not all. There were other hacks, in the form of .DAT files, that would allow players to edit the memory of the actual game. This lead to such features as God Mode, Cursor Kill, Town Kill, Game Crashing, and much, much, MUCH, more. With nearly a hundred thousand players, and roughly around 50% of them cheating, Blizzard had to do something, but alas, this game was not built for security. The only thing Blizzard could do was fix a few holes here and there, such as by detecting dupes, and blocking some forms of crashes, town kills, and other various bugs. It was up to other programmers, to create more external programs to stop these hackers. Unfortunatly, the only response were small programs such as Character Scanners. These Scanners would allow a legit player to scan other players in the game to see if he or she was hacking, or had duped items. Many hackers were outraged by this tool, and considered it a hack as well. The truth is, this tool wouldn't even work correctly if the player trying to scan was hacking themselves, moreover, but this tool would never have to be used at all, if people never hacked to begin with.

All the while, another community emerged on Battle.net. The Channel Warrers. The first of these people used simple tools called MassBots, or an IRC based client that would connect to Battle.net through proxies, allowing users to load multiple clones onto the service. With these bots they would attempt to (in IRC fashion) take over other peoples channels. These bots were very inaffective, as, at the time they were widely used, IP sniffing was possible through the Battle.net chat screen. This ended up in Mass Proxy theft, and thus, there were usually only a certain number of massbots on Battle.net at any given time. Nbbot Changed all this. This bot emulated the Diablo I game client, and was much more stable than MassBot. This bot also did not require proxies to use, enabeling many more people to use them. Bots such as this created excess connections to Battle.net, which caused unnessicary lag, and also caused many problems with the Channel system, as entire clans were involved in Channel Theft, as wars raged on, literally 24/7.When Starcraft was released, Blizzard still didn't have any real anti-hacking measures. Channel Warring and Hacking on Diablo continued, and many players feared that Starcraft would be ripped apart by hackers, just as Diablo I was. In the beginning, the only real threat was from Map Hackers, and it remains this way today, as there aren't nearly as many holes in Starcraft, worth exploiting. Channel Warring, however, grew massivly in popularity during this time, and the age of the Warring Clan grew. Clans such as this attracted mainly distrought teens, who were typically social outcasts, and gave them a sense of acceptance, as well as well being, by arguing, flaming, and otherwise making an ass of themselves in a poor attempt to be 1337. Of course, everyone knows, loading an .exe and leaving your computer on and connected to the internet overnight makes you 1337.

Warcraft II Battle.net Edition was eventually released, and was considered in all aspects a flop. Online gameplay was massively unbalanced, and players never did have the urge to return to a game with such horrid graphics. Thus, hacking for this game never really happened, other than the same types of hacks created for Starcraft.

When Diablo II was finally released, Blizzard thought they had much less to worry about. All the holes (or so they thought) from Diablo I, had been fixed in Diablo II, and they claimed from the start, "Diablo II will be completely Hack Proof." More ignorant words were never spoken. Before the expansion was released players had already found ways to Dupe once again. I myself unfortunatly found, and distrubted just such a method. Trainers however, never were an issue, as this time around, Character Files were stored on Battle.net Servers. Along with this, the Character was saved every 5 minutes while in a game. This allowed the server to perform security checks on these characters. Obviously, if a character magically gains 35 levels in 5 minutes, something is wrong. Of course, this activity never truely panned out, and players only hopes of leveing up quick was by doing Cow Runs. When the expansion was released, all hell broke lose on the gaming community, once again. Many programs were made to cheat, such as Trade hacks, Map Hacks, and even Packet Editors. The peak of hacking occurred during the summer of 2001, when Duping was made so easy that over 10,000 people would be duping at any given time. This caused many problems. The most obvious to other players was the massive amounts of lag created. And the more underlying damage it caused was the effect on the economy, as it was literally ruined. The value of the "Diablo II Dollar" was lowered to such an extent that it rendered legit players unable to compete. It was of course, because of these exploits, it was in Blizzard's best interest to seal these cracks, and as soon as possible. It seemed however, that every time Blizzard would close a crack, another would pop up, usually within 24 hours of the initial fix. This cat and mouse game continued for many weeks, as the economy and lag worsened, many players became annoyed and left the Diablo II scene for good. While these rampant dupers were in action, Blizzard quietly employed their anti-dupe technology, rightly named by the community as Dupe Scan®. This scan would detect all dupes in a game, and delete all but one. This would take effect after a player had already left the game. Of course, by doing this, it also affected many legit players, as they were never quite sure if they were trading for a legit item or not. And of course, if they did in fact get a duped item, it may be deleted without warning at a later time. Blizzard did not activly delete accounts of users who duped, and avoided using the word "Dupe" at all costs, as if embarassed by the whole sequence of events that unfolded right before their eyes in literally a matter of a few weeks. Shortly after duping was curbed, a new form of hacking came into play. Chest hacking. This basically let a player 'virtually' open a chest as many times as they wanted, dumping unlimited amounts of items, all of which were given a unique ID, which would NOT be detected by Dupe Scan. Blizzard sat back and watched for a few days this time. The thousands of players using this hack were not the least bit suspicious by the fact that Blizzard was seemingly doing nothing about it. By this time game patches were rare, and many players thought Blizzard was done with Diablo II any ways. Blizzard howerver, was up to something rather sneaky. They developed a method for 'tagging' accounts, which told the servers, upon login, what the players had been up to. Not only that, but instead of patching the Chest hack, they devised a way to detect it. After a player was detected to be using these hacks, their account was flagged, and would later be deleted. Because Blizzard had the sight of mind to detect rather than destroy hacks, it gave them a greater advantage by being able to punish those who were using the hacks, and thus, elinating those who would have simply shunned hacks being patched, and move on to other methods. In the end, over 7,000 accounts were deleted because of Chest hacking, and this was Blizzard first true stance in their war against Hackers.

During this time, Channel Warring had reached its peak, as new bots were out, allowing players to load not Just Diablo clients, but Starcraft, Brood Wars, Starcraft Shareware, Spawns of them all, and Diablo II bots. Shortly before Warcraft III was released Channel warring was shut completely down when Blizzard took away ops in Private Channels. This made loading tons of bots (and wasting ram) pointless.

Also during this time the Warcraft III Beta was released. Due to the similarities in the packets of Diablo II and Warcraft III, many creative players were already began devising hacks, and were meerly awaiting the official release. These hacks however, never came to pass, and once again, the only real hacks for this real time strategy were map hacks. This time, however, Blizzard took the same stance once again, by not stopping the hacks, but lying in wait, collecting the accounts of those who used these hacks. When they felt they had had enough, they unleashed their fury. First, around 4,000 players were banned. And then, over 20,000 (20,504 to be exact) players were banned. If this were the days of Diablo I, that would have been nearly one fifth of their gaming community. Now, it is closer to one fifteenth, which is still, quite a large percent of their community.

While large scale Warcraft III and The Frozen Throne hacks never surfaced, maphacking became a problem, just as it was for Starcraft.

Beginning in around February of 2003 the Diablo II hacking scene again rose, this time on several fronts. Botting became a very popular method of obtaining items or experience. These bots allowed players to automate the process of doing redundant tasks such as Mephisto runs, Pindleskin runs, Countess runs, cow runs, and item buying. It allowed players to leave their computers on for hours or days on end doing these tasks while they did nothing. They reaped the rewards of doing these tasks without actually doing them. Along with this, hacked items became widely popular. Many rumors surfaced as to just how these items came about, many players claiming they were actually dropped with godlike mods, while still others claimed they were brought on to the realms via an exploit that allowed open chars to join games with realm chars. Both of these explanations are extremely unlikely. Along with these hacked items came droves of spam bots into the channels. These bots would sit and spam every few seconds a website that would sell hacked or duped items. A user could hardly join any public Diablo II channel without a colorful message appearing telling them how godly they could become. Apparently the pressure was too aluring for some people, as hacked items spread like wildfire and were be using on hundreds of thousands of characters across the realms. Many legit players complained that the game became pointless and far too easy with the use of hacked items. Trading was in effect ruined as the trade channels were full of spam bots and otherwise people who only wanted to trade hacked items. Those who used these items complained that the game had become boring, and using these items brought new light to the game. They felt that by being having these hacked items it stood them out from all the other players, they felt powerful. Yet in reality, so many people were using hacked items that it only made them equals, leaving legit players behind. Thus, they made the only possible explanation about this that could have existed. Elite players used hacked items, newbies and lamers used real items. The truth of course would have been just the opposite.

On June 10th Blizzard surprised many by banning 112,000 Diablo II accounts for maphacking. Many people thought maphacking was undetectable as the map files are stored client side, and many speculated that it was a scare, no one was banned, or even that they simply randomly picked accounts to ban. Of course those caught cheating claimed they had never even downloaded any form of maphack.

Three months later, on September 30th Blizzard again took a strong stance against hacking by banning a massive 403,000 players. Of which 276,000 were Starcraft accounts, 86,000 were Diablo II accounts, and 41,000 were Warcraft III accounts. Of the Warcraft III accounts banned, 14,000 were banned from Ladder play for a month, and 2,000 were banned permanently. Along with this ban came a warning of retribution to those who hack in the future. Blizzard had flagged the CD-Keys of those banned, making sure repeat offenders would be caught and punished more severly.

In the weeks before the Diablo II 1.10 release, members of the Blizzard team gave subtle warnings to a server side check of items, this system was dubbed Rust Storm. Again, many players claimed it to be nothing more than a hoax, while many other hacked players payed no mind, playing the same way they had for months. On the other side of the table, legit players were gaining confidance that once again the realms would be pure.

On October 24th, the following news message was posted on Battle.net and Blizzard.com:

From the Cold Plains to the Highlands of Harrogath, Sanctuary shall soon be swept by a zephyr of cleansing magic -- the prophesied "Rust Storm."

For too long, legitimate players have suffered the injustice of illegitimate players who use tainted items from otherworldly dimensions. All that’s been taken for granted is about to change in the Realms of Battle! Those freed from the corrupting powers of the tainted items shall feel the sting of loss...for the Rust Storm knows no mercy, and no one is sheltered from its fury!

Fair warning to all!

- Town Crier

With this message everyone seemd to agree that the patch was comming within the next few days. And on October 28th the patch was finally released, more than a year after the last installement 1.09D. With this patch, Rust Storm wiped out a great majority of hacked items. While a few still remained, at least most were simply deleted. Version 1.10 also brought a new light to the game, as this patch was considered to be half of an expansion, adding new items, cube recipies, rune words, and skill point synergies. While many rejoiced at the change, many others complained, or stopped playing altogether, as they were unable to cope without their hacked items.

With new technologies come new hacks, and only time will tell exactly what young programmers will have in mind to ruin the fun for others. There are two options as to what may lie in hold for the future of Blizzard. Number one, Blizzard will stand by their Anti-Hacking policy, and that they will be very proefficient in not only punishing those who hack, but deterring potential hacks. Or number two, they will, in their attempt to block hacks, drive them all underground, where only 'privlidged' players are given these hacks, and in which case, could cause more of a disruptance to the system by having an advantage over everyone. At the very least, we can finally say Blizzard and Battle.net have gained control over their own system, and returned the fun factor for all those attempting to find a relatively cheat-free gaming experience.

Updated Tuesday November 6th, 2003.

- Lethal

---

Categories: