Rename your title thread to Criminals, instead of trolls.
It is criminal act to invade, infect or disable other people’s computers without their consent.
If I went to prison for selling white powder to a few rich middle aged white men on the North Shore of Long Island (which is a consensual act between me and them), he can go to prison to a non-consensual assault of hundreds of thousands people’s property (your computer is your property, and many of the victims are under the age of 18).
“Oh he’s just abusing a security vulnerability,” which is like saying “The tech-guy left your front door open after cleaning your computer, so I walked in and hit it with a sledgehammer, so it’s the tech guy’s fault.”
Throw the book at him
If he’s willing to harm hundreds of thousands of non-consenting people over a balance change to their favorite custom map, what do you think he’d do if something personally sleight him.
2 Likes
lol I live on the north shore of Long Island so what you said checks out
2 Likes
As I said in the other thread a virus can be imported in a map like any file. But it cannot be executed from the map or game. Now since downloaded maps are cached in some folder on your drive, idk if anti-virus program can detect a virus that is inside a map. But the problem you are discussing is different type, it isnt a virus file imported. I don’t really enter custom maps on bnet to know or to have this prob. I speak theoretically but to not mud the waters or cause confusion I think this other post may be explaining it well
a detailed explanation:
https://gist.github.com/Talv/d8d3f399e21648c03c96d0c9dbd9d9b8
1 Like
I hope you read the whole thread. Since the very start i was concerned about security issues regarding this attack, and some mentally ill people are accusing me of “spreading lies and fearmongering” on this forum. I’m glad Leviathan appeared and clarified certain things.
1 Like
Talv made a very detailed post on reddit explaining exactly (Technically) how the exploit works, and yes they can grab your ip (they actually had a pastebin with everyones ip listed, but it was removed), but so far its unlikely they can actually do RCE, who knows tho. https://new.reddit.com/r/starcraft/comments/1bgv40i/starcraft_2_custom_games_list_freeze_technical/
Thank you for keeping us updated!
That is interesting.
EDIT: It seems that the other tabs under “Custom” can be affected. I tested it by going to “Melee” tab and filtering by “Newest” which I was hoping would bring up any affected maps. It did freeze the SC2 client. I’ll update/correct my info in my post above.
As for the other game modes (Campaign, Coop, Versus, Collections), with the exploit being limited to the names of published maps only, it suggests that anywhere that does not render those map names wouldn’t be affected.
But, if the author is correct, the exploit
does expose IP addresses. Just to note, everyone is constantly exposing their IP to every connection they make. For example, just being here reveals your IP to Bliz. The only difference in the exploit case is, who has them and how much they know about what to do with them. Could be lot, could be nothing.
However, it’s good to know that:
- It’s simply a stall while a bunch of spammed requests are being carried out.
- The exploit isn’t compromising victims’ systems. (No known “hack” is apparent in the exploit itself.)
- AV detections are false alarms (in terms of detecting malware download).
- The chance of compromise is exceeding low due to the technical knowledge necessary to compromise a Window’s core function and/or SC2’s internal detections, validations, and protections. As in, government/security research professional level knowledge.
- It’s the author’s opinion that the person(s) responsible are not pros at this. They refer to them as “script kiddies”.
Thanks! I’ll pass that along to Bliz.
Hey, is there any way you can reach out to me on discord or some other medium?
Like I’ve said before, this is all because of one map.
PARASITE.
The descriptions of the currently broken lobbies active reads “SMITH. COULD. HAVE. PREVENTED. THIS. YOUR FAULT, SMITH”
SMITH is the author of the original version of PARASITE.
As dumb as this sounds, its a 7 year pissing contest between a map author and a group of trolls.
1 Like
Hey Miro, I did more testing and changed some of the info in my post above. It’s just FYI since you specifically asked me the question.
I’ll pass this on to Bliz as well. Thanks!
The thing is, their main motive here is to have that map removed from the arcade, they’ve tried other methods of having it de-listed from the arcade and have failed thus far.
There are people who still legitimately play that map and enjoy it.
If the map is removed from the arcade then they’ve accomplished their goal and ruined a map that people still play.
I sent you a friend request since there’s no private messaging system here.
My apologies for my role in the current situation. To be clear, my first encounter with them, (Highvoltage) was after reports of them lag switching, they would abuse some method of stalling the game at the very start of every match that they were in, causing others to leave the game, as it was unplayable.
I banned them after I had proof this is what they were doing. A few months later, they returned with a way of bypassing the ban from taking effect, and would proceed to lag switch every game they were in again…
I found away to resolve this issue a few weeks ago, and they were once again prevented from ruining the experience of players; which has resulted in them taking this course of action.
I believe it is clear through their behavior and actions, that they are a toxic person intent on causing misery and ruining other people’s experiences. I don’t think they can be reasoned with.
If anyone needs to reach out to me, i’ll be available for it.
2 Likes
Its pretty wild that this same group of people from 7 years ago has devolved to this. Hope you’ve been well man, sorry to see this happen.
Yeah, it’s pretty crazy, all i’ve tried was to create a fun game experience, but I was gone for a few years and a lot problems arose with the individuals who had continued my work. I’ve been good though, hopefully things can be resolved, in a way that allows people to just enjoy the arcade again
Hey Smith,
I passed your post above along to Bliz so they can have it for reference.
1 Like
Hey, thank you, I appreciate it, if any further information is needed, just ask.
They are compromising systems.
I lost over 40 pages of documentation in Google Docs and an entire spreadsheet for work due to being forced to pull the plug.
This person is a criminal offender and must be prosecuted.
Our only concern right now is our safety. Most of us don’t know how exactly this exploit works - is it dangerous ? Some people claim it only affects arcade lobbies while other functions of the game remain intact. However some believe their attacks have potential to infect our computers with some malicious software. Therefore i for example decided not to launch SC2 for the time being until the game is patched and the problem is resolved by Blizzard.
I only hope they’re going after the culprits themselves. Not only do i want them gone from the community, but who knows how many other gaming communities they’re terrorizing?
Dont tell me, tell Talv. As someone who seems to understand the exploit and networking and Windows better than most around here, I’d assume they’d like to know the details of your situation. Maybe they overlooked something.
Or what other illegal activities they engage in, such as identity theft. Having been in prison (for selling drugs), all the offenders in prison for identify theft and other digital crimes always bragged to each during meals how they destroyed and infiltrated online games.