On Botting, Cheating, And DDoSers

https://labsblog.f-secure.com/2016/12/07/on-botting-cheating-and-ddosers/

http://labsblog.f-secure.com/?p=2253

On November 10th 2016 Blizzard enacted a “ban wave” on thousands of World of Warcraft accounts for “botting”, a term widely used to describe using third party programs to automate gameplay. Technically it wasn’t a “ban wave” – the accounts in question received between 6 and 24 month suspensions based on how often they’d been caught botting in the past. This is the first action they’ve taken on cheating since the August 30th release of the latest expansion, Legion.

Bots in World of Warcraft are used for a variety of cheats, all of which impact legitimate players fairly heavily. What might surprise you is that botting, and cheating in general, is extremely common. Left unchecked, it can proliferate to the point of ruining an entire franchise.

Diablo 3, another game published by Blizzard entertainment, was, for all intents and purposes, destroyed by botting. During 2015 it became apparent that a large percentage of the player base were botting their characters. Even some high-profile “celebrity” streamers were known to bot “off camera”. One streamer, who’s account averaged over 22 hours gameplay per day since the launch of the game’s “Seasons” mode explained that his brother “Chris” was playing on his account when he wasn’t. He was eventually caught, and lost his account, only to immediately buy a new one and continue to bot. To this day, bots are still often referred to as “Brother Chris”.

In another example of just how widespread the problem was, here’s a video of one player who forgot to shut off his stream before starting his bot software and leaving it running, all night, for the world to see. At the time, he was one of very few people to actually lose their accounts.

A multi-bot setup

A WoW bot farm in action. (Source: https://wowbotfarm.wordpress.com)

Botting in Diablo 3 went unchecked for so long that many players came to the conclusion that there would never be any repercussions for doing it. This empowered more and more players to follow suit and start cheating. The snowball effect grew to the point where it was estimated that way more than half of all players were botting and using other cheat software. As cheating went from niche to mainstream, it became a de facto requirement for playing the game competitively. The problem was so bad that several high-profile Diablo 3 players got together and wrote an open letter to Blizzard. Although Blizzard acknowledged this letter shortly after it was posted, botting continued unabated for months later.

A well-known streamer, MannerCookie, posted this video on youtube showing what bots are capable of. If you’ve never seen a bot in action, I recommend watching the video – it’s quite astonishing how sophisticated they are. What’s sad is that MannerCookie actually received an account ban for making this public service announcement.

Blizzard eventually enacted a ban wave in Diablo 3, but long after I, and all of my friends, had given up on the game. I’m pretty sure Blizzard were stuck between a rock and a hard place on the bot issue. Ban all the bots and you lose more than half of your player base. Don’t ban them, and you slowly lose regular players, trust, and legitimacy. The fact is, the problem shouldn’t have persisted, unchecked, for as long as it did.

With Blizzard enacting ban waves on an infrequent, almost regular-as-clockwork basis, most botters simply buy new accounts and continue where they left off. Last night, just hours after the ban wave, I spotted several bots in World of Warcraft, happily doing what they’ve always being doing. I reported them, but I wouldn’t be surprised to see them over and over again.

Visiting the forums used by botters after a ban wave gives me insight into the psyche of these folks. What’s obvious is that many of them feel incredibly entitled. They claim it’s their right to bot. I saw one kid go ballistic about the fact that he didn’t have time to play all of his eleven, yes, count them, eleven different Warcraft accounts without the use of a bot. He went on to state, in no uncertain terms, that he was going to sue Blizzard for the action they had taken on his accounts (which, of course, I’m sure he didn’t).

Given that cheating is surprisingly widespread, and to many, perfectly acceptable, an entire culture of self-entitled habitual video game cheaters has sprung up. In these social circles, cheating at video games is just the first step on a path that leads to even more anti-social behavior. More often than not, these same self-entitled kids, once caught in the act of breaking terms of service, will lash back at Blizzard with DDoS attacks sourced from the same readily available services of the folks I talked about in my last post. Every time Blizzard swings the ban hammer, they know they’ll need to brace for DDoS attacks. And those attacks affect everyone using Blizzard’s services. This cesspool of low moral ethics hurts legitimate gamers, the games they’re playing, and games companies themselves. And companies like Blizzard need to spend significant resources on cheat detection and DDoS prevention just to keep on top of all of this.

Often parents ask us what their kids are getting up to in the Internet that they don’t know about. This might just be one of those things.


This article was originally published on Huffpost Tech UK.


Tagged: DDoS, Kyb3r, Script Kiddies, WoW

A Joint Centre To Combat Hybrid Warfare Threats

https://labsblog.f-secure.com/2016/11/24/a-joint-centre-to-combat-hybrid-warfare-threats/

http://labsblog.f-secure.com/?p=2233

Helsinki will host a new centre focused on curbing the growing threat of hybrid warfare according to recent reports. Disinformation and fake news is considered “hybrid warfare” in this context.

YLE Uutiset 2016-11-21

The proposed annual budget is reportedly estimated at two million euros.

I think… they’re gonna need a bigger boat.

You"re gonna need a bigger boat

Fighting against hybrid warfare disinformation will be extremely challenging in today’s media landscape. Disinformation for profit, a.k.a. content farming, as well as good old fashioned misinformation, coupled with the average individual’s inability to make any real critical distinctions, provides a huge amount of cover for politically motivated disinformation.

And how bad is the average individual’s ability to tell real news from fake? Stanford researchers recently evaluated students’ ability and described the results as…”bleak”.

From NPR.

NPR 2016-11-23

It’s a surprise to me that researchers would be shocked but the results of their study – but then, I spent a many, many months studying cost-per-action social media spam on Facebook years ago. Fraudulent links using supposedly scandalous video bait of one sort or another spread rapidly, and millions upon millions of people clicked the links. Repeatedly. Why would scandalous “news” be any different?

Is education the answer?

Education Week 2016-11-01

I’m never against a good education. But it’s not going to fix the problem.

As long as media continues to hunt for “viral content” in its increasingly desperate search for advertising revenues – disinformation and misinformation will continue to exist and flourish. And as long as it does, there will be able ample enough cover to provide political actors plausible deniability.

The new Helsinki joint centre has its work cut out for it.


Tagged: Disinformation, Kyb3r