World of Warcraft Anti-Cheat Measures

World of Warcraft Anti-Cheat Measures are coming in full force. Here’s what you need to watch out for, in the coming months. Think of it, as a method in which Blizzard-Activision is using to step up its game and improve upon it’s Warden technology.

World of Warcraft Anti-Cheat Measures

Unfortunately it looks like Blizzard has begun testing and deploying a new obfuscated version of the WoW binary (currently on the PTR). Perhaps ending support for Windows XP opened up some new opportunities for improved countermeasures against reverse engineering. In a way, I’m happy to see them finally making a move to reduce the amount of cheaters in this game, but how far will they go?

World of Warcraft Anti-Cheat Measures

OBFUSCATION

Early indications show an obfuscation pattern similar to Overwatch, which was bypassed early on before being taken down. So at the very least, we might start seeing unpackers akin to StarCraft II and Heroes of the Storm. I have no reason to believe that any internal data structures would change but I would not be surprised to see some nasty tricks being implemented to protect the object manager. If not now then perhaps in the new expansion. We’ve seen this before with Legacy of the Void.

ANTI DEBUGGING

Next, and while I haven’t tried this myself, there are reports of anti-debugging capabilities being implemented as well. This means that attaching any sort of debugger will end up crashing the client or otherwise locking it up. As a result, we might have to come up with new strategies to get around this. Perhaps we’ll have to revisit the strategies used by the SC2 and HotS community.

buy private proxies

TRAP PAGES

Until we get more information, I’d avoid performing any unprotected memory scans including any unbounded cheat engine scans. Thanks to Overwatch, we’ve seen trap pages being implemented which resulted in a client crash. So we know it’s a technique they might be using to ban cheaters and cheat developers with. Regardless, it’s always a good idea to protect your memory scans.

DLL INJECTION

As always, be careful with this one. Writing to memory is dangerous enough let alone importing code and spawning threads. I never liked this technique but if you must use it then at least wait for the dust to settle before injecting anything. While I’m not sure we’ll see HWID bans in WoW, they have been strictly enforced in Overwatch and you could end up losing all your accounts!! I did when I foolishly injected DLL’s in Overwatch. Not even in-game just on the login screen.

THE FUTURE

The future of cheating in WoW depends entirely on how far Blizzard is willing to take this. Despite the advanced security of Overwatch, the community has been quite resourceful in counteracting it, so I have no doubt that we’ll continue seeing big-name bots continue to bypass and succeed. As for the small players such as myself. Unless we’re able to keep up, it might be time to find a new hobby. Regardless of what happens, I’m surprised we’ve held on for this long without any significant changes to client security.

PTR CLIENT

For those looking for the PTR binaries, you may download them via the links below. They’ll be up for 30 days before they expire so grab ’em before they’re gone! (And maybe re-upload them somewhere more permanent).

Thanks goes out to Torpedos of YetiBots for this information on World of Warcraft Anti-Cheat Measures.


Leave a Reply

Your email address will not be published. Required fields are marked *

css.php
X

Forgot Password?

Join Us