DDoS & 0-Day Attack Techniques

In several games I’ve played in the last 2 days, I’ve encountered 0-Day attack techniques deployed by the enemy team followed by DDoS.

These games were played using the Quick Match feature.

In all games, my team was winning by a large margin. Several enemy team members appeared to be unequally matched (bronze level under 10 in silver and higher games).

During the last 30-60 seconds of the final round, my character and fellow teammates were ported around the map spontaneously on both the X and Y axes.

Characters that were unable to move significantly along the Y / vertical axis (e.g., Reinhardt, Moira, Mei) were observed to spontaneously move along those paths.

In other instances, I exited spawn following one path, and was diverted back to spawn in reverse, following a distinctly different path.

The retroactive path did not follow the shortest straight line to the spawn while avoiding immovable / impenetrable objects, but was a newly created organic path.

After repeatedly attempting to participate in the game and regain control of my character, I’ve noticed my network connection suddenly fail.

Following this failure and upon immediate reconnect, I am not connected back to the primary game. Instead, I’ve been alternately directed to the “Find Group” menu selection, the Main Menu, and the Quick Play class selection screen.

As usual, I’ve ruled out internet network interference and GPU / CPU performance.

The game runs as it should except in encounters with select enemy teams under the circumstance that they are losing by a significant margin and contain one or more members of a notably lower level than normal (typically 1-10 range).

I’ll be avoiding playing for the time being, as I’d prefer not to get banned over repeated disconnect. However, I wanted to make the community aware of this issue.

1 Like

Sounds pretty serious. Can you send a replay?

Replay or it didn’t happen.

3 Likes

I mean, unless you have a replay code to share or some other evidence this sounds pretty bogus as tons of people play this game and nobody else is reporting anything remotely close.

2 Likes

I don’t think this is an attack, I think this is something horribly wrong with your personal internet connection.

OW is almost completely free of DDOSs (on PC at least) because it’s client-server, and there’s no way for the attacker to know your IP.

1 Like

Solid 5/7 troll post.

Going to debunk any speculation right now. Overwatch is a peer-to-server game; this means the server, not any player’s console or PC, is responsible for tracking the movements and status of all entities in the game; the game clients merely try to anticipate and interpret that information in advance. Unless the entire datacenter is getting DDoS (and Blizzard has a lot of firewalls in place to prevent this), it is impossible to target a specific player and knock them out. Instead, symptoms like increased latency, character teleporting/jumping, or abilities being recalled/refunded are often a sign that you are subjected to connection problems that can happen between you and the game server and require appropriate troubleshooting (PC or console).

There is one exception to being directly attacked and that is specifically with Xbox One consoles. Now there is an issue with Xbox players, where if you receive and accept an Xbox Live party chat invitation from a player you do not recognize, they can exploit your own IP address and then you could be subjected to DDoS attacks until you change your IP address with your Internet Service Provider. This problem is NOT associated with Overwatch or Blizzard Entertainment. Microsoft is working to resolve this by changing how their party system works overall. In the meantime, only use the in-game voice chat system for Overwatch and avoid accepting requests from players you do not know.

Here is Blizzard Technical Support Drakuloth’s full explanation:

4 Likes
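
The server-authoritative model described in the post above can be reproduced in a few lines. This is an added illustration, not part of the thread and not Blizzard's netcode: a constructed one-dimensional simulation in which the client predicts its own movement and snaps to the server's position whenever a snapshot disagrees. The names `simulate`, `up_lost` and `down_lost`, the tick model, and the assumption that lost inputs are dropped rather than resent are all hypothetical.

```python
"""Constructed model: authoritative server plus client-side prediction."""

SPEED = 1.0  # map units moved per tick while the player holds "forward"


def simulate(ticks, up_lost=frozenset(), down_lost=frozenset()):
    """Return [(tick, snap_distance)] for every visible client correction.

    up_lost   -- ticks on which the client's input never reaches the server
    down_lost -- ticks on which the server's snapshot never reaches the client
    """
    server_pos = 0.0   # authoritative position, owned by the server
    client_pos = 0.0   # predicted position the player sees locally
    snaps = []
    for tick in range(ticks):
        # The client moves its own character immediately (prediction).
        client_pos += SPEED
        # The server only moves the character if the input arrived.
        if tick not in up_lost:
            server_pos += SPEED
        # Without a snapshot the client keeps trusting its prediction.
        if tick in down_lost:
            continue
        # Reconciliation: the server's position always wins.
        error = client_pos - server_pos
        if error != 0.0:
            snaps.append((tick, error))
            client_pos = server_pos
    return snaps


if __name__ == "__main__":
    spike = set(range(10, 15))  # constructed 5-tick connection problem
    print("clean link      :", simulate(30))
    print("full outage     :", simulate(30, spike, spike))
    print("upload lost only:", simulate(30, up_lost=spike))
```

With a five-tick full outage the character is pulled back five units in a single jump when the link recovers; with only the upload direction lost it is pulled back one unit every tick. Both are produced by the player's own link, with no other participant in the model.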

I’d like to also throw in that I’ve noticed some of the issues the OP is describing when I had lag spikes in my personal connection. In particular, the part about being dragged backward to your previous location. Big lag spikes of over a second, or lag spikes affecting upload but not download, can cause really strange behavior.

My worst lag spikes and the ones causing the strangest behaviors were due to my roommates saturating the house’s upload.

I have had my fair share of latency overloads. Believe it or not, I have what is considered “substandard internet” by modern-day standards (10 mbps download/1 mbps upload). (Hint: Don’t move to Wyoming people, our technology sucks.) I find it nothing but a small miracle that I can play Overwatch. That being said, if anyone in my household uses any other internet service, or if a program tries to update, I start to choke.

I mean, I can believe a ddos attack, but not other players taking control of your characters.

It honestly sounds like there was a huge lag spike caused by either your own internet or by nefarious means, which caused a lot of warping around.

Is it that bad where you are? I remember my connection being decent enough in Riverton.

Also curious how your latency is as I’m stuck with 95 ms in Idaho and that seems unreasonable.

Ole boy’s NIC isn’t configured for gigabit+ connections, dollars to doughnuts on this one lol

I will say, I find it pretty funny they reference “zero day” attacks lol.

Are you living 10 years in the past? lol (also from Wyoming originally)
I remember my buddy getting 56k and it was the bomb (for Halo)

59 to 65 to Chicago servers assuming no problems. If I feel like I want to play on Los Angeles servers, I can activate my VPN and only sacrifice about 5 more milliseconds. This is why I often debunk the “I GOT 1 GIG BANDWIDTH” theory when people complain about Overwatch specific disconnections.

I sit between 80-120 in Hawaii

Yeah, it’s funny how different they can be. I used to have DSL with less than 1/10th my current download speed and even less upload, and I had 55-65 latency then. The cable modem is absolutely ridiculous when it comes to game downloads, though. Multi-gig games happen in like, one minute. It’s crazy.

I think the realization with how much bandwidth I really have came when I was messing around with refitting my house for LAN, and I had some connections that only worked at 100 mbps. I was like “well who ever uses more speed than that, really”, but then I realized that would actually throttle my internet connection.

That is normal, you are more than 2,400 miles away directly from Los Angeles, and who knows what hubs you still have to pass through to connect. Hawaii sadly is known for being a not ideal state for online gaming. (It’s one reason why there is a huge fight and dance arcade-game following on the isles.)

Mitrovarr, have you tried using a VPN to see if that optimizes a connection to a game server? VPNs are a hit or miss, but for a situation like yours, it might prove useful. The idea of a VPN is to connect to the nearest server hub provided by that VPN then it goes through a far more optimized connection route to the service you are connecting to.

Express VPN is a good service and offers a free trial.

No. VPNs giving a better ping doesn’t make sense on paper, but it could be that my connection is just taking a particularly terrible route to OW’s servers. I might try it someday as I feel like 95 latency is a huge issue in the way of me ever improving (in particular it makes me act as if I have terrible reaction speed when I don’t think I do).

I don’t have a terrible ping otherwise so I probably should give that a try.

Can’t say I’ve experienced this

And if there was a problem, I would know it because SA servers are the worst and will be the first ones to die whenever something happens lol

It’s more about your personal internet connection. Like I said, when it happened to me, I was getting lag spikes over 1500 ping and it was all in my upload. My roommate would automatically upload his entire phone’s photo gallery when he got home, so he’d get back from some ultra run and just completely blast the upload of the entire house.

It’s a little tricky to cause because you need the other end of the connection to be able to accept your total speed as input, which is why this is a bigger issue than it was ten-twenty years ago (as server farms have drastically improved).