DDOS Attacks Buckle Blizzard Servers for Diablo III, Hearthstone & More

DDOS Attacks Buckle Blizzard Servers for Diablo III, Hearthstone & More

Blizzard

Blizzard has announced that EU servers for World of Warcraft, StarCraft II, Hearthstone and Diablo III might be impacted by high latency and disconnections due to DDoS attacks.

Can't play your favorite Blizzard game and you're from EU? It's not some sort of April Fools prank by the company, but rather, it has been hit with DDOS (distributed denial-of-service) attacks on "certain European online services," which has affected online play for StarCraft II, World of Warcraft, Hearthstone and Diablo III. Fortunately, Blizzard states via Battle.net that the company isn't the intended target, but players are just feeling the "ripples."

Diablo, World of Warcraft, StarCraft and Hearthstone players may be impacted by high latency and disconnections during their gaming experience that are the result of a series of DDoS attacks on certain European online services. Although Blizzard's infrastructure isn't targeted, the disruption effects rippled and have been felt by a portion of our players' population.

While we are closely monitoring the situation we wanted to thank you for your patience and apologise for any inconvenience this may cause.
Please follow @BlizzardCSEU_EN on Twitter for further updates.

While Blizzard might not have been the intended target, I never understood why people do this to online infrastructures. Is it for the fame, notoriety or something else? Nonetheless, let's hope Blizzard brings the servers up and running again for EU gamers' sake. Not from EU? You'll be glad to know that North America and other international players seem to be unaffected by the attacks.

Source: Battle.net via VG247

Permalink

DDoS attacks are, to me, the online equivalent of vandalism. And just like in real life, some acts of vandalism happen "because fuck that guy", and some "because fuck it, why not".

As for the issue itself, it was an inconvenience to me. After a while, a couple of friends and I finally managed to sync our schedules to play together a bit, and BAM. We just moved on to other stuff then, but, still annoying.

DDoS Attacks, because you should never under estimate the abilities of bored arse holes.

That's really all there is too it, bored jerk(s) decides to make somebody's life miserable for the sake of their own amusement. At least they're doing that and not torturing small animals.

fix-the-spade:
That's really all there is too it, bored jerk(s) decides to make somebody's life miserable for the sake of their own amusement. At least they're doing that and not torturing small animals.

Yeah, but then other jerks can't log into their games and are forced to go outside where they end up torturing small animals. You just can't win that one...

And this, Blizzard, is why you shouldn't expect or indeed force your customers to be connected to the Internet all the time. This sort of shit is sadly unavoidable and will always happen to your servers eventually. This is also why I haven't bought, and am still not buying, Diablo 3 despite loving your previous products.

Jasper van Heycop:
And this, Blizzard, is why you shouldn't expect or indeed force your customers to be connected to the Internet all the time. This sort of shit is sadly unavoidable and will always happen to your servers eventually. This is also why I haven't bought, and am still not buying, Diablo 3 despite loving your previous products.

Except that if they really wanted to play, they could simply change what region they're in and play on a different server, except for Hearthstone I think.

On topic!

I really don't understand why people do this kind of thing. Its an incredibly minor hiccup for the companies that get hit by it. The people that actually are the target (if it its even a target for any other reason than fuck it why not) wont be bothered by it and some poor tech schmuck is goin to have to miss out time with his family and work double OT to fix the issue.

shintakie10:

Jasper van Heycop:
And this, Blizzard, is why you shouldn't expect or indeed force your customers to be connected to the Internet all the time. This sort of shit is sadly unavoidable and will always happen to your servers eventually. This is also why I haven't bought, and am still not buying, Diablo 3 despite loving your previous products.

Except that if they really wanted to play, they could simply change what region they're in and play on a different server, except for Hearthstone I think.

Not if the attacks impacted the infrastructure in your region. Then all internet traffic would be shit for you.

Well typically there is a reason for these kinds of attacks, the idea is to hurt a company by costing them money and/or angering their customers. Basically if you can show a service vulnerable, the sheeple who won't otherwise leave become likely to move for a more secure one, depriving the target.

I think in the case of a lot of "why did someone do this?" attacks, the thing is that the company and authorities are intentionally not giving the reasons because by broadcasting that message it would be in a way playing into the hands of those doing the attack.

When it comes to services like we're seeing here, the idea is that if big customers like Blizzard keep having their businesses interrupted in particular, they will move to another infrastructure, costing the guys they left big time. However, it's just as often about irritating the little people.

As far as the logic of "how do you expect people you anger to support you?", it's simple. Typically when you see something like a mass DDOS attack, reason has failed. The average person might not like the service they use but continue to behave like sheep and use it anyway for the sake of convenience or because they are already invested in it (and thus keep taking the abuse in a cycle). Using the sheep analogy its sort of like a good shepherd using a prod to guide a flock. Sure the sheep don't like being shocked, and they tend to be annoyed when they are say happy grazing in one area and don't want to move to another, but they tend to benefit when they are relocated since they don't overgraze and deplete an area and so on. To a lot of hackers the whole schtick is "protecting people from themselves". Whether you cheer for or revile these kinds of acts depends on how well you understand the specific situation, which is part of why you see increasingly less focus on the motives behind attacks, making them seem like random chaos when they usually aren't.

That's the basic rationale behind it at any rate, agree or disagree. As regular followers of my posts know I have a mixed bag of opinions involving "Hacktivism".

Jasper van Heycop:
This is also why I haven't bought, and am still not buying, Diablo 3 despite loving your previous products.

Aye. Online latency and connectivity issues should never be a concern when you're playing a single-player game. There's no reason and no excuse for it.

"Is it for the fame, notoriety or something else?"
You guys don't seem well informed. The modern DDoS is a criminal tool, generally used for extortion, harming business competition or proving they can be accomplished by someone (to then be leased/hired to other criminals for the first two uses).

It's no longer about script kiddies trolling, but all about making tons of money before getting caught. Because that risk is quite high nowadays, since the Feds know online stuff is very important for the economy in general.

5 posts before someone started whining about Diablo III. Get over it already.

I've not experienced any issues on any of their games, so it's not affecting me. For now at least.

Must say, Diablo was being laggy for some day's now, wonder if it's related.

shintakie10:

Jasper van Heycop:
And this, Blizzard, is why you shouldn't expect or indeed force your customers to be connected to the Internet all the time. This sort of shit is sadly unavoidable and will always happen to your servers eventually. This is also why I haven't bought, and am still not buying, Diablo 3 despite loving your previous products.

Except that if they really wanted to play, they could simply change what region they're in and play on a different server, except for Hearthstone I think.

That's beside the point. If Blizzard had made the right call and went offline and DRM-free, with online options being just that; options (i.e. not mandatory), then nobody would have to circumvent these issues and everyone would be better of for it (including Blizzard as they wouldn't have to scramble so hard to fix this if fewer players depended on the servers).

It shouldn't be up to the consumer to fix shit. That is the responsibility of the company.

Kenjitsuka:
"Is it for the fame, notoriety or something else?"
You guys don't seem well informed. The modern DDoS is a criminal tool, generally used for extortion, harming business competition or proving they can be accomplished by someone (to then be leased/hired to other criminals for the first two uses).

It's no longer about script kiddies trolling, but all about making tons of money before getting caught. Because that risk is quite high nowadays, since the Feds know online stuff is very important for the economy in general.

I was thinking something similar about it as well. From what I've seen in the last few years DDoS attacks tend to have an agenda of some sort: publicizing a weakness, bullying a company (sometimes deservedly so), extorting money, etc.

I've been wondering if it might also be a way to steal login info by trying to intercept the buildup of traffic (if you can snag the incoming packets from one user's multiple attempts to login, you gain a higher chance of cracking the encryption). It might seem like a lot of trouble to steal someone's login info, but if you have the means it would be a way to steal lots of people's login info by cracking a general encryption routine.

All the same, I would like to join the chorus about Blizzard putting always online requirements in single player games: serves them right for their anti-consumerist tendencies.

shintakie10:

Except that if they really wanted to play, they could simply change what region they're in and play on a different server, except for Hearthstone I think.

Changing your region is difficult now. I decided to try and log back into my Battle.net account after several years of not using it and discovered that my region was Taiwan. I can't remember why I chose Taiwan, I guess I was back when I was living in China and wanted to play WoW.
Anyway, I tried to change it to Europe but couldn't. Now you have to send them identification and proof of your current address. So I actually had to send a copy of my passport and a bill which displayed an address.

:-\

I can understand why they have such security measures, but it's annoying all the same.

Wonder if this is peoples way of saying they disagree with the april fools 'jokes'.

i theorize that DDOS attacks of this nature are just intel missions, to see how fast and how exactly the target responds, revealing key info into their inner-workings. the real attacks and smash & grabs are yet to come. just a theory though.

.......these people do know theyre attacking the one company that's got the time, money, and butt hurtatude (yes I just made that word up) to go after them full force and completely destroy them right? just checking.

Vegosiux:
DDoS attacks are, to me, the online equivalent of vandalism. And just like in real life, some acts of vandalism happen "because fuck that guy", and some "because fuck it, why not".

DDoS attacs are, according to German courts, a type of protest of standing in front of stores doors blocking the passage. According to every other country "messing with corporations = your in jail kid".

Denamic:

Not if the attacks impacted the infrastructure in your region. Then all internet traffic would be shit for you.

This isnt NSA ddosing Torkey. If the DDoS of Blizzard servers inpacted your infrastructure, then its a bloody shitty infrastructure that should be changed. ISP have way more bandwitch than it takes to DDoS a server. even a blizzard one.

ecoho:
.......these people do know theyre attacking the one company that's got the time, money, and butt hurtatude (yes I just made that word up) to go after them full force and completely destroy them right? just checking.

US military failed to go after them. what makes you think blizzard is capable?

Alex Co:
While Blizzard might not have been the intended target, I never understood why people do this to online infrastructures. Is it for the fame, notoriety or something else?

Ransom: "We will keep doing that until ..."

Security service providers that lives off that kind of stuff too.

Also breaking into a system and stuff.

More details in this nice video from computerphile: https://www.youtube.com/watch?v=BcDZS7iYNsA

Li Mu:
Changing your region is difficult now. I decided to try and log back into my Battle.net account after several years of not using it and discovered that my region was Taiwan. I can't remember why I chose Taiwan, I guess I was back when I was living in China and wanted to play WoW.
Anyway, I tried to change it to Europe but couldn't. Now you have to send them identification and proof of your current address. So I actually had to send a copy of my passport and a bill which displayed an address.

:-\

I can understand why they have such security measures, but it's annoying all the same.

I somehow managed to have my region set as America when they decided to merge everything into the shitty Battlenet launcher. I changed it by pressing the "change region" button and choosing Europe. I don't know who you sent all your personal information to, but unless they have very different rules for China it probably wasn't Blizzard.

I suspect mostly because why not, and sometimes as a protest/to make a point.

Kahani:

I somehow managed to have my region set as America when they decided to merge everything into the shitty Battlenet launcher. I changed it by pressing the "change region" button and choosing Europe. I don't know who you sent all your personal information to, but unless they have very different rules for China it probably wasn't Blizzard.

It is the legit Blizz battle.net site. I can only assume that it's due to me previously being registered in China.

This is the reply they just sent me;

Good evening Li Mu,

I'm afraid that your editing of the document has meant we cannot accept it as we cannot confirm the validity of your passport, also the address document provided is not acceptable as proof of address.

As you wish to change the country that is registered on the account please provide the following information in the form of a text document file (e.g. a Notepad or Word document), as an attachment to your reply:

- Your account name (please do NOT send us your password)
- Your full real name
- Your full address including postal or zip code currently registered on the account
- Your Battle.net Secret Question and answer (Your city of birth?)
- Country information you want registered on your Battle.net account

We also need:

- A valid proof of residence in the form of a single piece of legal identification which has your new address on the ID itself
OR
- Legal identification without address on the ID (such as a passport or driving license) and a separate image of utility bill for your new address.

Please keep in mind that in accordance with European data protection laws, ID's and documents submitted to us are automatically deleted after resolving your issue. For any future requests it might be necessary to re-submit the images to us.

After receiving the requested information, we will update the country on your account and inform you of the changes made.

I edited out my passport number, so they now wont accept it as a real document. Fuck them. I'm not sending them all my passport details. I just wont play Blizz games anymore. Nothing of value was lost.

Strazdas:

Vegosiux:
DDoS attacks are, to me, the online equivalent of vandalism. And just like in real life, some acts of vandalism happen "because fuck that guy", and some "because fuck it, why not".

DDoS attacs are, according to German courts, a type of protest of standing in front of stores doors blocking the passage. According to every other country "messing with corporations = your in jail kid".

Denamic:

Not if the attacks impacted the infrastructure in your region. Then all internet traffic would be shit for you.

This isnt NSA ddosing Torkey. If the DDoS of Blizzard servers inpacted your infrastructure, then its a bloody shitty infrastructure that should be changed. ISP have way more bandwitch than it takes to DDoS a server. even a blizzard one.

ecoho:
.......these people do know theyre attacking the one company that's got the time, money, and butt hurtatude (yes I just made that word up) to go after them full force and completely destroy them right? just checking.

US military failed to go after them. what makes you think blizzard is capable?

three things;
1. the US military doesn't have the time or the money to waste on little pricks like this.(in other words the military just doesn't have time to mess with trolls when they have real problems.)
2. the head of activision/blizzard isn't one to let things go, and he ahs the money to keep going at this by himself.
3. finally corporations are far more likely to not give a dam were someone's from or were they go as they don't have to worry about starting wars and such can just say fuck you and hire people to grab the guy and get him to court house.(long standing rule of thumb the justice system doesn't care how someone gets into the country if they are the culprits of a crime. That's every country by the way.)

ecoho:

three things;
1. the US military doesn't have the time or the money to waste on little pricks like this.(in other words the military just doesn't have time to mess with trolls when they have real problems.)
2. the head of activision/blizzard isn't one to let things go, and he ahs the money to keep going at this by himself.
3. finally corporations are far more likely to not give a dam were someone's from or were they go as they don't have to worry about starting wars and such can just say fuck you and hire people to grab the guy and get him to court house.(long standing rule of thumb the justice system doesn't care how someone gets into the country if they are the culprits of a crime. That's every country by the way.)

1. Oh, they went all over Anonymous when it threatened them. And failed. One dude that got arrested didnt even DDoS, merely moderated the DDoSers irc channel. The DDoSers got away free.
2. He can have all the money in the world. He does not have the means to go after them.
3. For that they first need to find them.

Strazdas:

ecoho:

three things;
1. the US military doesn't have the time or the money to waste on little pricks like this.(in other words the military just doesn't have time to mess with trolls when they have real problems.)
2. the head of activision/blizzard isn't one to let things go, and he ahs the money to keep going at this by himself.
3. finally corporations are far more likely to not give a dam were someone's from or were they go as they don't have to worry about starting wars and such can just say fuck you and hire people to grab the guy and get him to court house.(long standing rule of thumb the justice system doesn't care how someone gets into the country if they are the culprits of a crime. That's every country by the way.)

1. Oh, they went all over Anonymous when it threatened them. And failed. One dude that got arrested didnt even DDoS, merely moderated the DDoSers irc channel. The DDoSers got away free.
2. He can have all the money in the world. He does not have the means to go after them.
3. For that they first need to find them.

1.wasn't the US military it was the FBI the military prefers to just um neutralize problems not arrest them.

2. money means one can buy people to track the idiots down and give them the location to send 3. you forget as well that as a major video game company that runs a lot of online components that they tend to hire the best to keep their company safe as such these guys tend to be invested in catching people who make them look stupid IE these idiots.

ecoho:

1.wasn't the US military it was the FBI the military prefers to just um neutralize problems not arrest them.

2. money means one can buy people to track the idiots down and give them the location to send 3. you forget as well that as a major video game company that runs a lot of online components that they tend to hire the best to keep their company safe as such these guys tend to be invested in catching people who make them look stupid IE these idiots.

1. FBI wanted the arrest,but military was going after them because it was their stuff that got attacked.

2. Money can buy a lot. Magic they cannot do.

3. Majority of vidoe games companies online component security sucks. For example Ubisoft servers were compromised on day one and their server algorythms leaked to the web. Meanwhile quite recently EA servers were compromised to seed spyware to its users. Heck, remmember when Paypal was suing for damages because it was hacked and thus "had expenditure of needing to improve security" and the court decided that somone else should pay that, because paypal was under no obligation to invest into security themselves.
The thing about online games servers not bineg hacked often is not good security, its that real hackers dont really care about your MMO account.

You know who hires the best specialists? banks. they hire folks who were on trial for hacking pentagon servers, thats actually how these guys got out of jail, bank struck a deal with justice system. it was big news here locally since the hacker was from my city. Banks are the badasses when it comes to security. That and perhaps the military.

 

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Register for a free account here