Hearthstone Cheats and Tools Spiked With Malware (csoonline.com)

← Back to Stories (view on slashdot.org)

Hearthstone Cheats and Tools Spiked With Malware (csoonline.com)

Posted by timothy on Tuesday February 9, 2016 @01:05PM from the honor-among-etc dept.

itwbennett writes: Cheating at the online card game Hearthstone (which is based on Blizzard's World of Warcraft) can get you banned from the game, but now it also puts you at risk of 'financial losses and system ruin,' writes CSO's Steve Ragan. Symantec is warning Hearthstone players about add-on tools and cheat scripts that are spiked with malware. 'In one example, Hearth Buddy, a tool that allows bots to play the game instead of a human player (which is supposed to help with rank earnings and gold earning) compromises the entire system,' says Ragan. 'Another example, are the dust and gold hacking tools (Hearthstone Hack Tool), which install malware that targets Bitcoin wallets.'

42 comments

Min score:

Reason:

Sort:

1998 called by Anonymous Coward · 2016-02-09 13:12 · Score: 2, Funny

1998 called... It wants it's attack vector back. Thanks.
1. Re:1998 called by Anonymous Coward · 2016-02-09 13:20 · Score: 1
  
  Came here for this.
  Symantec researchers are pretty incompetent if they're just discovering this, and CSO's Steve Ragan should seek a new job as a Slashdot editor - he'd fit right in with breaking news that broke centuries ago.
2. Re:1998 called by U2xhc2hkb3QgU3Vja3M · 2016-02-09 13:21 · Score: 1
  
  Computers already had trojans in 1816?
3. Re:1998 called by aaronb1138 · 2016-02-09 14:15 · Score: 1
  
  Isn't this why we run our bots in VMs. Plus we can clone the template VM and run many, many copies of the software and bot as well as upload it to the cloud!
4. Re:1998 called by Anonymous Coward · 2016-02-09 15:59 · Score: 0
  
  Yes, mostly keyloggers. Common passwords lifted from the antikythera mechanism include:
  - goatz
  - ZeusRox1
  - Zeus1sap3rv
5. Re:1998 called by Anonymous Coward · 2016-02-10 07:33 · Score: 0
  
  Did you warn them about 9/11?
Reminiscent of the con games by rmdingler · 2016-02-09 13:14 · Score: 2

Many of the cons that seem otherworldly in their magnificence (The Sting) do not work on honest people.

--
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
1. Re:Reminiscent of the con games by techno-vampire · 2016-02-09 14:32 · Score: 1
  
  I don't know if the con used in that movie was authentic or invented for the film, but early on, when they're trying to decide just which con to use, somebody suggests The Spanish Prisoner, a classic con going back to the late 16th century, and still fooling marks today.
  
  --
  Good, inexpensive web hosting
News at 11 by Anonymous Coward · 2016-02-09 13:15 · Score: 0

Cheats targeting unscrupulous gamers are written by equally unscrupulous individuals.
How accurate is this? by Gaygirlie · 2016-02-09 13:41 · Score: 1

I was surprised to see the claim that Hearthbuddy also belongs in this list. Nowhere, _nowhere_ else can I find anything to back up that claim and neither does the "article" provide any details. I do not play Hearthstone, I do not use bots (I actually totally despise cheaters and that's 90% of the reason why I never play multiplayer-games in the first place), but I am aware of quite a bunch of people who use the various bots by the company that is behind Hearthbuddy (they have bots for WoW, Diablo, Hearthstone etc. etc.) and these bots are popular because they're actually pretty functional when compared to the competitors. The company would be shooting themselves in the foot if they were spreading malware with these as the bots are not free, you have to pay for them, and if they did include malware people would rather quickly stop buying.
My point here is that I can't help but wonder if Hearthbuddy is mentioned because of pressure from Blizzard as a way of trying to scare people away from it, not because it actually harms you, your wallet or your PC.
1. Re:How accurate is this? by alvinrod · 2016-02-09 13:59 · Score: 1
  
  I don't even get the point of bots for something like Hearthstone. I can at least understand WoW or Diablo which have a lot of grinding built in to the game play, but what the hell does a bot even get you in a game like this? The only thing you can do (that I'm aware of as I don't play either) is play the card game.
  
  The same goes for card counting apps. Perhaps they can give you a slight edge, but for the professionals they wouldn't be able to use them in tournaments so there's no point at sabotaging your own ability to improve at the expense of gaining nothing of value.
  
  Personally I don't think they should ban the people who use the cheats though. Instead, just put them in a special area where they only get to play other cheaters or they programmatically lose 90% of their games and just end up raging harder.
2. Re:How accurate is this? by Gaygirlie · 2016-02-09 14:16 · Score: 1
  
  I don't even get the point of bots for something like Hearthstone. I can at least understand WoW or Diablo which have a lot of grinding built in to the game play, but what the hell does a bot even get you in a game like this? The only thing you can do (that I'm aware of as I don't play either) is play the card game.
  As far as I know, it's mostly just ego-boosting and stems from immaturity -- they get to feel superior to the other players by beating them and they sometimes record clips or take screenshots of their "accomplishments" to brag with to their friends. It's easy to dismiss the fact that they are using cheats, I've met many a cheater online over the years who keep deluding themselves with claims like "I only cheat because it's possible, I don't even need cheats and I would do just as well without because I am just so skilled!" There's not much you can say when a person 100% believes their own lies.
  
  Personally I don't think they should ban the people who use the cheats though. Instead, just put them in a special area where they only get to play other cheaters or they programmatically lose 90% of their games and just end up raging harder.
  Yeah, I actually find it surprising that Blizzard hasn't done this already. Just lock all cheaters on cheaters-only servers without telling them and depending on the person and the circumstances it may even take them a while to notice what happened.
3. Re: How accurate is this? by Anonymous Coward · 2016-02-09 14:41 · Score: 0
  
  There is grinding in Hearthstone for better cards/decks and gold to buy new boosters.
4. Re:How accurate is this? by Anonymous Coward · 2016-02-09 16:59 · Score: 0
  
  It absolutely belongs on the list, those Buddybot's are some of the worst offenders for malware BECAUSE PEOPLE PIRATE IT. No irony lost there, cheaters cheating the cheaters.
5. Re: How accurate is this? by guruevi · 2016-02-09 18:38 · Score: 1
  
  Not really, you only get a small bit of gold after every 3 games won and you can't earn more than 100 gold/day (on top of quests). Besides getting to the 'golden' hero there is very little financial incentive to go with the bots, just play the damn game for an hour/day and you'll get all the gold you need.
  
  --
  Custom electronics and digital signage for your business: www.evcircuits.com
6. Re:How accurate is this? by Anonymous Coward · 2016-02-09 19:19 · Score: 0
  
  Unless you can vouch for every Hearthbuddy build, you can't claim it is always 100% clean.
  When targeting gamers there are options. The first is 100% malware that "fails to inject" or some such nonsense and is just malware. The second is a working cheat plus malware. This can occur with or without the consent of the original author of the cheat.
  The moral of the story is that you shouldn't cheat unless you can program the cheat yourself. Or at least don't let that cheating PC/VM on the same network you do important internet stuff from...
7. Re:How accurate is this? by Anonymous Coward · 2016-02-09 21:36 · Score: 0
  
  It is 100% accurate, any software you install that basically rootkits the machine will be a risk... The problem is that you can not make a bot that does NOT take 100% control of the machine. You want a bot? You place your trust in the hands of the bot maker, simple as that. Has the boddy guys ever done anything bad to the people who buy their products and give them 100% control over their machine? No they have not. ...Microsoft on the other hand...
8. Re:How accurate is this? by Anonymous Coward · 2016-02-10 01:04 · Score: 0
  
  meh.
  Hearthstone being a Pay to Win game, I can never tell if the guy who played nothing but legendaries that perfectly sync is just a guy with too much money, or a hacker.
  stupid game
9. Re: How accurate is this? by dywolf · 2016-02-10 01:05 · Score: 1
  
  dust is the biggest holdback to progression. that's what theyre grinding/hacking.
  
  --
  The guy who said the election was rigged won the presidency with the second-most votes.
10. Re:How accurate is this? by TheCarp · 2016-02-10 01:59 · Score: 1
  
  Well stereotyping cheaters is still stereotyping.
  Some of them, I am sure, are really good players. I wouldn't assume many are, but I think it depends on the scenario. For example, an MMO player often has plenty of incentive to bot, since it can grind for him while he does something else. He isn't cheating while he is playing, he is cheating in between in order to not spend his time doing less interesting grinding.
  He is going to be a very different player from someone who jumps on a quick multi-round FPS game with an aimbot; and even he may have different motivations as some people, will be the delusional "I am actually good" guy, and others, may just be griefers who want to harvest salty tears from other players by ruining their day.
  
  --
  "I opened my eyes, and everything went dark again"
11. Re: How accurate is this? by Quirkz · 2016-02-10 03:53 · Score: 1
  
  just play the damn game for an hour/day and you'll get all the gold you need.
  Blech. I don't have an hour a day in perpetuity to keep up. Honestly, after a couple of weeks of playing, it gets boring. So I take a few months off, and I'm behind. I grind for a week or two, pick up a few things, get bored, take a few months more off, and I'm further behind. I've never touched a bot, but some way of keeping up with the never-ending stream of stuff would be nice.
  Alternately, Blizzard could recognize that ever-increasing gulf and find other ways for players to catch up. Dramatically drop the crafting price of cards more than a year old. Let you get 2-for-1 on really ancient packs. Give away the common and uncommon cards from really old sets. I know, they want my money, so it probably won't happen. I'm not going to give them my money, so they lose me as a player.
  
  --
  The Quirkz Handbook of Self-Improvement for People Who Are Already Pretty Okay
12. Re:How accurate is this? by Anonymous Coward · 2016-02-19 03:57 · Score: 0
  
  Actually playing Hearthstone can be pretty straightforward. Create an aggressive deck full of good value creatures without special powers and
  a) Cast creatures in a way that optimizes mana use (~summon stuff as fast as possible)
  b) Attack in a way
  1) Your creature survives while killing enemy
  2) Your creatures kill a target that does more damage than your creatures combined
  3) Damage enemy
  Playing combos is complex and strategic, but trying out-do-your opponent on volume is pretty simple. Even if you win just 10-20%, it's enough to gather more gold.
Malware is everywhere by penguinoid · 2016-02-09 13:44 · Score: 2, Insightful

These days you can't even count on your operating system to be free from malware.

--
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
1. Re:Malware is everywhere by Anonymous Coward · 2016-02-09 16:05 · Score: 0
  
  Only if you are a douche-bag that would twist the meaning of the word "malware" to include telemetry functions. Surely GNU/Linux zealots would never stoop that low. Right?
2. Re:Malware is everywhere by penguinoid · 2016-02-09 19:06 · Score: 1
  
  Maybe you need a closer look at what mobile OSs are like.
  
  --
  Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
3. Re:Malware is everywhere by Anonymous Coward · 2016-02-09 21:41 · Score: 0
  
  "telemetry functions" If you have to make up new terminology for spying on your users you are doing something wrong...
4. Re:Malware is everywhere by Sax+Russell+5449D29A · 2016-02-10 00:59 · Score: 1
  
  Telemetry functions become malware at the point when even if you disable them they stay operational. It has then effectively become malicious software because it deceives the user. Many big tech companies still do this even if you explicitly say no . This worries me.
  
  --
  -SR
5. Re:Malware is everywhere by Carewolf · 2016-02-10 02:50 · Score: 1
  
  Only if you are a douche-bag that would twist the meaning of the word "malware" to include telemetry functions. Surely GNU/Linux zealots would never stoop that low. Right?
  Spyware is spyware, but I would complain about all mobile operating systems, and Google Chrome on all platforms long before Windows 10.
Card counting works at the tables by Joe_Dragon · 2016-02-09 14:06 · Score: 1

Card counting works at the tables
1. Re:Card counting works at the tables by TheCarp · 2016-02-10 01:53 · Score: 1
  
  card counting isn't actually cheating, its just smart game play. Its only a bot if it makes the decision and plays for you, a tool that simply does math for you and remembers things for you is not, in any way, cheating.
  
  --
  "I opened my eyes, and everything went dark again"
2. Re:Card counting works at the tables by myowntrueself · 2016-02-10 05:51 · Score: 1
  
  card counting isn't actually cheating, its just smart game play. Its only a bot if it makes the decision and plays for you, a tool that simply does math for you and remembers things for you is not, in any way, cheating.
  Smart game play is illegal in the casinos. Only stupid people are allowed!
  
  --
  In the free world the media isn't government run; the government is media run.
3. Re:Card counting works at the tables by TheCarp · 2016-02-10 06:04 · Score: 1
  
  No. Casinos are private establishments who reserve and use their right to refuse you service for any reason that they choose, including, being a good player who can do basic arithmetic.
  Besides, if you shuffle the deck every round, then card counting is irrelevant. Its more like, casinos broke their own game and didn't want to fix it because they make more money/hr with it broken because it plays faster from a shoe.
  
  --
  "I opened my eyes, and everything went dark again"
Re: LUDDITES deserve to get hacked! by Anonymous Coward · 2016-02-09 14:10 · Score: 0

App appity app app.
Does candy crush crush candy?
I was a cheater back in the day by Pedestrianwolf · 2016-02-09 14:22 · Score: 2

First real game I played on the Internet was the first Quake (via 14.4 modem) and I was immediately blown away by exactly *how much* I sucked. My first instinct was to find a way to cheat to win. It hit me then.. the reason I sucked is because I never actually learned to play. I always just cheated. I swore off cheats entirely and stuck with it. Along with getting tons better; I feel like it could have saved me some grief.
well well well by Lirodon · 2016-02-09 15:39 · Score: 1

Watch out for the one that trips off Blizzard's anti-cheat mechanism as soon as you activate it just because that is the joke.
Cheats written by the developers of the game... by Anonymous Coward · 2016-02-09 16:25 · Score: 0

This sounds like this was a moonlighting project for some of the developers of the game. They wanted to ferret out cheating, so to demotivate writers of cheat hacks, they beat them to the punch. Loading it up with their alternate payloads to then screw the cheaters over and deter people from using them again.
That seems too unlikely....
(Also I'd never heard of this damn game until this /. story so)
you high dial up pings killed you by Joe_Dragon · 2016-02-09 16:34 · Score: 1

you high dial up pings killed you
not in quake by drinkypoo · 2016-02-09 22:07 · Score: 1

Quakeworld was pretty much the last game you could play successfully over a modem

--
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Maybe the game is the problem by Anonymous Coward · 2016-02-10 01:29 · Score: 1

When your game needs to be grinded by bots and other automated tools for hours upon hours upon hours to even think about being competitive against other players, maybe you need to consider the fact that the bots aren't the problem.
1. Re: Maybe the game is the problem by Anonymous Coward · 2016-02-10 20:41 · Score: 0
  
  They aren't, just lazy people, you don't need to grind anything except levels in WOW, hearthstone you can grind a little gold but can just endlessly play match ups and rank up, but that's the entire game.
Re:LUDDITES deserve to get hacked! by Anonymous Coward · 2016-02-10 06:38 · Score: 0

Modern app appers know that only apps can app apps, so these LUDDITES who play LUDDITE games like Hearthstone deserve to get pwned. Modern app appers play appy apps like Candy Crush Appy Saga!
Apps!
Hearthstone is an app.
WHERE IS YOUR GOD NOW?
"Filter error: Don't use so many caps. It's like YELLING."
Very perceptive, Slashcode. It IS yelling.