Jump to content

Bungie Expert: Destiny 2 Cheats Logged “Active Military” Patient Data


NelsonG

Recommended Posts

Destiny 2In August 2021, Bungie filed a copyright infringement lawsuit against a number of defendants involved in the development and supply of Destiny 2 cheating tool, Wallhax.

Last summer, Elite Boss Tech, Inc., 11020781 Canada Inc., and owner Robert James Duthie Nelson, admitted that their tool breached copyright by injecting new code into Bungie’s, thereby creating an unlicensed derivative work.

The defendants further conceded that their software circumvented technical measures in breach of the DMCA, but a $13.5 million damages award in Bungie’s favor didn’t mark the end of the lawsuit.

Documents handed over by Nelson enabled Bungie to identify Wallhax Senior Developer Patrick Schaufuss (Badger) in Germany and Denmark-based developer Daniel Larsen. After reaching an agreement with the plaintiff, Nelson and Schaufuss are now providing evidence in support of Bungie’s motion for default judgment against Larsen.

New Year, New Defendants

Late December, several defendants were summoned to appear or face default judgment.

They include Sebastiaan Juan Theodoor Cruden, aka “Luzypher” (Netherlands), Eddie Tran, aka “Sentient” (San Jose, US), John Doe #4, aka “Goodman” (Sichuan, China), Yunxuan Deng (Shanghai, China), Anthony Robinson aka “Rulezzgame” (Germany), Chenzhijie Chen, (Beijing, China), Dsoft (Denmark), and Marta Magalhaes (Portugal).

bungie summons1

If there was any doubt over Bungie’s determination to see this lawsuit through to the bitter end, an avalanche of filings over the past few days settles that once and for all.

New declarations from experts and witnesses in support of Bungie’s lawsuit are heavily redacted. However, text left in the clear still manages to deliver powerful testimony that leaves precious room for maneuver.

To warm things up, here’s a starter: During the period Wallhax sold their Destiny 2 cheat, Bungie spent “a minimum of $2,000,000” on game security measures to counter cheating. In this lawsuit alone, Bungie has already incurred litigation costs in excess of $338,000.

Expert: Cheat Software Logged Sensitive User Data

Steven Guris is Director of Threat Investigation at cybersecurity firm Unit 221B. He’s an ethical hacker, an expert in video game cheats, and a Destiny 2 player with over 2,200 hours of logged gaming time.

According to his declaration, Guris and his team spent 21 hours analyzing the Wallhax Destiny 2 cheat. The image below shows Wallhax in action, but page after page of redacted text indicates many findings are being suppressed for security reasons.

wallhax-1

Details relating to the mysterious Wallhax ‘logging function’ are mostly redacted too, but text left in the clear reveals a feature that users of the cheat should be made aware of – sooner rather than later.

Major Privacy Breach For Users of Wallhax

“Some of the logged processes are not stand-alone applications, but are found on browser tabs that the user had open on their machine,” Guris explains.

“In order to identify these tabs, the cheat must look at the name of every browser tab the user has opened every time the user launches the cheat.”

Guris goes on to reference a log file that “only contains 20,868 entries” while noting that the cheat software most likely performed a scan each and every time it ran on a user’s computer. Parents are likely to be alarmed at the findings detailed below.

wallhax log1

From this low point, things somehow manage to get worse. One log entry references a browser tab called ‘patientportal.mhsgenesis.health.mil login’ while another carries the label ‘MHS GENESIS Patient Portal – COVID-19 Results.’

“MHS Genesis is the patient portal for the United States Department of Defense,” Guris writes. “I believe these log entries represent the cheat software’s logging of the browser windows containing MHS Genesis Patient Portal sessions, including health care information.

“Based on this information, it appears that the Wallhax cheat software was scanning the computers of, and logging data from, active duty military or Department of Defense personnel.”

patientportal

The URL referenced in the declaration

From the text in the declaration that isn’t redacted, there’s no evidence to indicate that logging military personnel data was an explicit aim of the cheat, but in itself that’s unlikely to be of much comfort to users of the cheating software.

“In sum, the Wallhax cheat was fundamentally designed to breach private data spaces, evade security measures, and attempt to ensure that cheat users could continue to access Destiny 2 and achieve success against other Destiny 2 players based not on their own skill, but on the cheat software’s technology,” Guris concludes.

Badger’s Declaration in Support of Bungie

While it’s safe to assume that Patrick Schaufuss (Badger) filed his declaration of his own free will, albeit within the confines of his agreement with Bungie, the document bears the polish of a legal professional. As such, it devastates any defense Larsen would’ve had, if he’d actually tried to defend himself, which it appears he hasn’t.

Schaufuss says that the Wallhax business was a partnership consisting of him, Nelson and Larsen. The Wallhax software “exists for the one purpose and only one purpose” – to enable users to cheat in videogames, Destiny 2 included. Schaufuss says he left Wallhax in 2022 but Nelson is still paying towards his legal fees.

wallhax badger

“When I first joined the Wallhax partnership in 2012, I was the primary software developer for the business,” Schaufuss writes.

“Larsen initially joined the partnership as a forum moderator and asked me to teach him programming and reverse engineering in lieu of payment. He was a good student and learned very quickly, and I continued to mentor him for the next three or four years.

“Reverse-engineering games is an essential part of Larsen’s cheat development process, and therefore his role at Wallhax,” the cheat developer adds.

“Larsen Understood That He was Violating Game Companies’ Rights”

The next several pages detailing the Wallhax software are completely redacted. Claims that Larsen willfully violated the DMCA are not.

“Larsen and I knew that the Software was wrongful and that it violated the DMCA. In fact, in an effort to taunt me about this litigation Larsen specifically told me that he was well aware that what we were doing violated the DMCA,” Schaufuss writes.

“At some point between 2016 and 2018, Larsen decided to make a cheat for Overwatch, which is a game from Activision/Blizzard. After Larsen made that cheat and Nelson began promoting it, Activision/Blizzard reached out to us and told us that they would sue us if we started selling it. Larsen’s reaction was, essentially, ‘Ha ha, try’.

“Nelson and I each signed agreements with Activision/Blizzard saying that we would not touch their games, but Larsen refused,” Schaufuss adds.

James Barker, Bungie’s Deputy General Counsel, also filed a declaration in support of Bungie’s motion for default judgment. Barker says that cheaters ruin the Destiny 2 experience and with 1,700 hours of gameplay under his belt, he can “viscerally understand the aggravation of encountering a cheat software user.”

Like Schaufuss before him, Nelson also filed a declaration in support of Bungie.

From the statement that many Wallhax customers “are based in the United States, and send us payment from the United States” to Larsen being aware of the lawsuit but refusing to hand over his copyrighted cheat code, exits were closed one after another.

The declarations referenced above are available here (1,2,3, pdf)

From: TF, for the latest news on copyright battles, piracy and more.

View the full article

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Our picks

    • Wait, Burning Man is going online-only? What does that even look like?
      You could have been forgiven for missing the announcement that actual physical Burning Man has been canceled for this year, if not next. Firstly, the nonprofit Burning Man organization, known affectionately to insiders as the Borg, posted it after 5 p.m. PT Friday. That, even in the COVID-19 era, is the traditional time to push out news when you don't want much media attention. 
      But secondly, you may have missed its cancellation because the Borg is being careful not to use the C-word. The announcement was neutrally titled "The Burning Man Multiverse in 2020." Even as it offers refunds to early ticket buyers, considers layoffs and other belt-tightening measures, and can't even commit to a physical event in 2021, the Borg is making lemonade by focusing on an online-only version of Black Rock City this coming August.    Read more...
      More about Burning Man, Tech, Web Culture, and Live EventsView the full article
      • 0 replies
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
×
×
  • Create New...