
Blizzard Games Vulnerability Could Leave Gamers Open To Hacking

By Chris Forte | February 3, 2018 | May 22nd, 2021 | Cybersecurity

Do you play Blizzard online computer games such as World of Warcraft, Diablo III, Hearthstone, Starcraft II, or Overwatch?  If so, there’s a potential problem you need to be aware of.

Tavis Ormandy, a researcher on Google’s Project Zero team, recently discovered that the Blizzard Update Agent is vulnerable to hacking, via a technique known as “DNS Rebinding.”

The update agent is designed to accept commands to install, uninstall, change settings, update, and perform other maintenance-related operations. This means it has a lot of power and access to the system you’re playing the game on.

Unfortunately, because the update agent (which takes its commands over JSON-RPC on port 1120) doesn’t include a validation step to check the identity of the server issuing commands, it’s possible for a hacker to insert himself into the middle of the process, potentially injecting malicious commands and using the updater to hijack your machine.

Ormandy developed a proof of concept of the attack, and contacted Blizzard when he made the discovery.  The company was receptive for a time, but then suddenly and inexplicably ceased all communication.  Ormandy had this to say regarding the matter:

“Blizzard was replying to emails but stopped communicating on December 22nd.  Blizzard is no longer replying to any enquiries, and it looks like in version 5996, the Agent now has been silently patched with a bizarre solution. Their solution appears to be to query the client command line, get the 32-bit FNV-1a string hash of the exename and then check if it’s in a blacklist.  I proposed they whitelist Hostnames, but apparently that solution was too elegant and simple.  I’m not pleased that Blizzard pushed this patch without notifying me or consulting me on this.”

Since Ormandy went public with his findings, Blizzard has been in contact again, stating that a more robust fix is in the works, one that will adopt the strategy of whitelisting hostnames. Meanwhile, Ormandy is continuing to test the exploit on other online games with a user base of over 100 million to see if others are also vulnerable.  If you’re an online gamer, be aware that you could be leaving the door unlocked for hackers.
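The difference between the two fixes discussed above can be shown in a few lines. This is an added example, not code from Blizzard, Ormandy, or the original article: it contrasts an executable-name blacklist keyed by 32-bit FNV-1a with a Host-header allowlist for a loopback service. The exe names, the blacklist contents, the `rebind.example` hostname, the allowed-host set, and the lower-casing of the exe name are all constructed assumptions.

```python
# Added example (not Blizzard's code): two ways a loopback RPC service can
# decide whether to honour a request that reached it through a browser.

ALLOWED_HOSTS = {"localhost", "127.0.0.1", "[::1]"}  # assumed legitimate names
RPC_PORT = 1120                                      # port named in the article

def fnv1a32(data: bytes) -> int:
    """32-bit FNV-1a, the hash the quoted patch applies to the exe name."""
    h = 0x811C9DC5                                   # FNV offset basis
    for b in data:
        h = ((h ^ b) * 0x01000193) & 0xFFFFFFFF      # xor, then multiply by FNV prime
    return h

# Constructed blacklist; the real list and name normalisation are not on the page.
BLOCKED_EXE_HASHES = {fnv1a32(n) for n in (b"browser-a.exe", b"browser-b.exe")}

def exe_blacklist_allows(exe_name: str) -> bool:
    """Blacklist approach: reject only clients whose exe-name hash is listed."""
    return fnv1a32(exe_name.lower().encode()) not in BLOCKED_EXE_HASHES

def host_allowlist_allows(host_header, port=RPC_PORT) -> bool:
    """Allowlist approach: accept only Host values naming the loopback service."""
    if not host_header:
        return False
    value = host_header.strip().lower()
    if value.startswith("["):                        # bracketed IPv6 literal
        end = value.find("]")
        if end == -1:
            return False
        host, rest = value[:end + 1], value[end + 1:]
    else:
        host, sep, tail = value.partition(":")
        rest = sep + tail
    if rest and rest != f":{port}":                  # wrong or malformed port
        return False
    return host in ALLOWED_HOSTS

# Constructed requests: (client exe name, Host header the client sent)
SAMPLES = [
    ("launcher.exe",  "localhost:1120"),       # legitimate local client
    ("browser-a.exe", "rebind.example:1120"),  # listed browser, rebound name
    ("browser-c.exe", "rebind.example:1120"),  # unlisted browser, rebound name
]

def evaluate(samples=SAMPLES):
    """Return (exe, host, blacklist verdict, allowlist verdict) per request."""
    return [(exe, host, exe_blacklist_allows(exe), host_allowlist_allows(host))
            for exe, host in samples]
```

The third sample is the case that matters: a client missing from the blacklist is accepted by the hash check, while the allowlist rejects it because a browser sends the name it resolved in the Host header, and that name is not one the local service answers to.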

Chris Forte


Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He is a past member of the Entrepreneurs’ Organization and a current member of the New Jersey Power Partners and the Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.
