World of Warcraft secretly embeds user data in screenshotsBy Shawn Knight 15 comments
A new report suggests that Blizzard is secretly embedding unique watermarks into World of Warcraft screenshots taken using the in-game screenshot tool. The watermark reportedly contains the account ID, a timestamp of when the screenshot was captured and the IP address of the realm in which the player was in at that time.
The issue came to light recently when Slashdot member kgkoutzis noticed some strange artifacts showing up on screenshots taken using the WoW game client. Further investigation revealed a pattern of repeating marks and after three days of working on it, a group from OwnedCore was able to decipher the code. Furthermore, they discovered the patterns were present on all screenshots dating back to at least 2008.
All of this, according to a post on the forum, can be used by hackers to target specific spam or scam attacks. Blizzard likely uses the information to track down private WoW servers although their terms of service agreement doesn't mention anything about embedding data into screenshots. The publication feels that this is a violation of user privacy as the content, albeit undetected up to this point, is being shared publically with anyone that has access to screenshots taken by others.
Full instructions on how to check your screenshots can be found at OwnedCore but at least one reputable publication has been able to replicate the repeating patterns. It's worth pointing out that only screenshots captured with a quality of nine or less show the marks. When the user sets the screenshot to max quality, the markings disappear - perhaps because they would be too visible on high quality captures.