Or, look at it this way.
In one scenario, you have Blizzard identifying and playing whack-a-mole with individual botting reports. You’re a goldselling company. You have ten thousand bots running around in-game. You have three accounts in a day that are identified as bots. They get banned.
No worries to you. You didn’t buy those accounts, you stole them. And there’s no outlay of cash to replace them, you deploy a new wave of phishing emails to harvested gaming email addresses and your former customers and steal new ones. Meanwhile, how did those accounts get found out? You’re able to troubleshoot how the detection happened with 10,000 accounts still out in full force in the meantime. Oh, now five more accounts are taken down. Time to adjust again! But again, there’s no downtime, no losses.
Compared to Scenario 2. You’re a goldselling firm with 10,000 accounts running 24/7. A month goes by. Everything is fine. Your software is working great. Another month goes by. You increase your fleet to 15,000 accounts. Another month goes–
Suddenly, all 15,000 of your accounts are banned. You don’t have enough compromised accounts to reconstitute the entire fleet. What’s more, your software is clearly unusable even if you get the accounts that you can up and running again. You have to try and reverse-engineer the code and make changes, deploying small batches of accounts using the adjusted software to test if it can be detected. But can you really know if it has been? Meanwhile your company is bleeding money.
No, the bleeding won’t go on indefinitely. But with that method, there’s an actual wound that lasts a little while instead of an easily ignored trickle that only helps you fix your botting software on the fly.