World of Warcraft secretly embeds user data in screenshots

By on September 11, 2012, 3:00 PM

A new report suggests that Blizzard is secretly embedding unique watermarks into World of Warcraft screenshots taken using the in-game screenshot tool. The watermark reportedly contains the account ID, a timestamp of when the screenshot was captured and the IP address of the realm in which the player was in at that time.

The issue came to light recently when Slashdot member kgkoutzis noticed some strange artifacts showing up on screenshots taken using the WoW game client. Further investigation revealed a pattern of repeating marks and after three days of working on it, a group from OwnedCore was able to decipher the code. Furthermore, they discovered the patterns were present on all screenshots dating back to at least 2008.

All of this, according to a post on the forum, can be used by hackers to target specific spam or scam attacks. Blizzard likely uses the information to track down private WoW servers although their terms of service agreement doesn’t mention anything about embedding data into screenshots. The publication feels that this is a violation of user privacy as the content, albeit undetected up to this point, is being shared publically with anyone that has access to screenshots taken by others.

Full instructions on how to check your screenshots can be found at OwnedCore but at least one reputable publication has been able to replicate the repeating patterns. It’s worth pointing out that only screenshots captured with a quality of nine or less show the marks. When the user sets the screenshot to max quality, the markings disappear – perhaps because they would be too visible on high quality captures.




User Comments: 15

Got something to say? Post a comment
amstech amstech, TechSpot Enthusiast, said:

Blizzard keep track of every damn thing with WoW and always has. They search for patterns and monitor ALL player accounts to some degree, some more then others.

On a side note I am actually pretty excited about the new expansion but I think they could cut the monthly fee down some... @ $10 a month I would consider turning back on my glass cannon space goat.

RubinOnRye RubinOnRye said:

Do you smell that?? Smells like class action lawsuit... and it smells GOOD!!!

2 people like this | treeski treeski said:

Just another reason I'm glad I jumped off the WoW bandwagon a few years ago...

... and am now very much enjoying GW2

Guest said:

All I have to say is : so what?

1 person liked this | treeski treeski said:

All I have to say is : so what?

So with privacy being the hot topic that it is (and will continue to be), people should know when their personal details (in the case, especially account name) are being distributed to everyone without their knowledge.

H3llion H3llion, TechSpot Paladin, said:

All I have to say is : so what?

So with privacy being the hot topic that it is (and will continue to be), people should know when their personal details (in the case, especially account name) are being distributed to everyone without their knowledge.

Warden apparently snoops through your files (or maybe just the active processes which PB also does).

Blizzard does not need to track down PServers, just look at voting sites. I doubt they would want to ban their subscribers who play on PServers, if they did that to me I would of quit WoW long time ago (well Iv already quit since jan/feb 2011).

As long as they don't go into private data that has nothing to do with WoW, I honestly don't care.

H3llion H3llion, TechSpot Paladin, said:

Just another reason I'm glad I jumped off the WoW bandwagon a few years ago...

... and am now very much enjoying GW2

WoW was a solid game until 3.3.5 or near 3.3.5 and after that it was rather appalling. But that is just my point of view, I much enjoyed Ulduar times and S4,S5,S6,S7 as well as a Arena Player. S8 was alright but WOTLK dragged on. During Cata early days, I was already juiced out and decided to quit near the end of T11.

imho WoW has lost its touch. I think future of MMOs is F2P/B2P and MTs that are not game breaking. But then again if the game is good enough and people like it, then the SUB fee is not really a problem.

Sniped_Ash said:

As far as I know, the "AccountID" is an internal Blizzard thing and not your login name or BNet name. So at most someone can deduce what time the shot was taken and what realm you're on and someone can probably figure that out if you don't black out your character name and the game clock anyway. This whole thing is avoided by using JPEG at the highest quality level, TGA, or PNG for screenshots, so big deal. This reeks of Activi$ion-Bli$$ard chemtrail paranoia. Guess what? Bobby Kotick already knows your IP address.

MilwaukeeMike said:

This reeks of Activi$ion-Bli$$ard chemtrail paranoia. Guess what? Bobby Kotick already knows your IP address.

Chemtrails aren't real?! What?

This whole 'they're watching us' campaign is so stupid, it's making TS look ridiculous. You guys are seriously embarassing yourselves.

2 people like this | Darkshadoe Darkshadoe said:

This reeks of Activi$ion-Bli$$ard chemtrail paranoia. Guess what? Bobby Kotick already knows your IP address.

Chemtrails aren't real?! What?

This whole 'they're watching us' campaign is so stupid, it's making TS look ridiculous. You guys are seriously embarassing yourselves.

Yea..Our browsers aren't tracking our information. Our webcams and cellphones can't be remotely accessed. People don't use our information to make money. Our governments don't actively monitor our web use to profile us. Companies don't collect our emails and other information to spam their products. None of that stuff happens.

Techspot..what were you thinking?? :P

Guest said:

"

Just another reason I'm glad I jumped off the WoW bandwagon a few years ago...

... and am now very much enjoying GW2"

You do realise guild wars 1 did this exact same thing, only they never hid it they made it public. I wouldn't be surprised if guild wars 2 did it as well.

1 person liked this | dennis777 dennis777 said:

So diablo3 and SC2 screenshot might have contain the same embedded data?

H3llion H3llion, TechSpot Paladin, said:

This reeks of Activi$ion-Bli$$ard chemtrail paranoia. Guess what? Bobby Kotick already knows your IP address.

Anyone can track your IP and the general location you live at if you are part of forums or register on a website. That is unless you are using Proxy Services / VPN.

complexxL9 complexxL9 said:

Most probably that data is used to track down and ban accounts which are posted on sale with screenshots, or for posting some exploits etc.

H3llion H3llion, TechSpot Paladin, said:

Most probably that data is used to track down and ban accounts which are posted on sale with screenshots, or for posting some exploits etc.

Posting exploits? Whaa What I gathered they take SS of your screen, the ingame screen not randomly taking screens of your monitor while not playing. Of course when you play with more then 1 monitor maybe the screenshot would contain a screen from the other monitors ...

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.