Thanks to a user of this forum who has notified me of this news. Unfortunately it looks like Blizzard has begun testing and deploying a new obfuscated version of the WoW binary (currently on the PTR). Perhaps ending support for Windows XP opened up some new opportunities for improved countermeasures against reverse engineering. In a way, I'm happy to see them finally making a move to reduce the amount of cheaters in this game, but how far will they go?

Early indications show an obfuscation pattern similar to Overwatch, which was bypassed early on before being taken down. So at the very least, we might start seeing unpackers akin to StarCraft II and Heroes of the Storm. I have no reason to believe that any internal data structures would change but I would not be surprised to see some nasty tricks being implemented to protect the object manager. If not now then perhaps in the new expansion. We've seen this before with Legacy of the Void.

Next, and while I haven't tried this myself, there are reports of anti-debugging capabilities being implemented as well. This means that attaching any sort of debugger will end up crashing the client or otherwise locking it up. As a result, we might have to come up with new strategies to get around this. Perhaps we'll have to revisit the strategies used by the SC2 and HotS community.





NOTES: Possible Cheat Engine Until we get more information, I'd avoid performing any unprotected memory scans including any unbounded cheat engine scans. Thanks to Overwatch, we've seen trap pages being implemented which resulted in a client crash. So we know it's a technique they might be using to ban cheaters and cheat developers with. Regardless, it's always a good idea to protect your memory scans. See this thread to learn more.NOTES: Possible Cheat Engine workaround . Thanks @karliky.





NOTES: I've heard people getting away with DLL injection by emulating As always, be careful with this one. Writing to memory is dangerous enough let alone importing code and spawning threads. I never liked this technique but if you must use it then at least wait for the dust to settle before injecting anything. While I'm not sure we'll see HWID bans in WoW, they have been strictly enforced in Overwatch and you could end up losing all your accounts!! I did when I foolishly injected DLL's in Overwatch. Not even in-game just on the login screen.NOTES: I've heard people getting away with DLL injection by emulating OBS and other "legit" apps.

The future of cheating in WoW depends entirely on how far Blizzard is willing to take this. Despite the advanced security of Overwatch, the community has been quite resourceful in counteracting it, so I have no doubt that we'll continue seeing big-name bots continue to bypass and succeed. As for the small players such as myself. Unless we're able to keep up, it might be time to find a new hobby. Regardless of what happens, I'm surprised we've held on for this long without any significant changes to client security.

Protection is live as of 7.3.0 released Aug 29, 2017