Watch out for Insta-Bans

[Torpedoes]

I decided to share my experience with Overwatch bans after seeing this post.

I got banned the day the game got released (May 24) for the usual "Unauthorized Cheat Programs" reason. Blizzard support did not unban my account and closed my ticket right after the first response with a general "Screw You" attitude. I want to stress the fact that I did not cheat during any of the games I played after the game got released. I did however, use a custom wallhack during the Open Beta.

At first I suspected that I got banned for cheating during the Open Beta but after seeing the post above I know it's probably because I injected a DLL. Here's what happened. Before the game got released, I wanted to update the offets for my hack, unfortunately I could not properly scan the memory because the game client kept crashing. I played the game a bit and then left. On the login screen I wrote several external applications to try and figure out what they were doing, I used cheat engine and other applications to scan certain regions of memory, but the client kept crashing. I also used API Monitor to monitor system calls.

Around 7:00 PM EST I decided to write a DLL which would scan the memory regions from within the game (as suggested by this post) but the client kept crashing anyways. About two hours later, my account was banned (I never actually logged in after I injected the DLL or conducted other tests). Until the post above, I could not confirm the reason but now I'm pretty sure it was because of the DLL injection. I used Remote DLL to inject my DLL (Probably dumb, but I was on the login screen so I didn't think it mattered) and I'm pretty sure I had the Battle.net app open at the time.

So the moral of the story... If you're gonna do anything funny, it's probably best to do it on another computer with no internet connection. Or a computer where you haven't logged in before. Probably a good idea to rotate your IP address as well before and after experimenting. Good luck everyone and stay safe.

A good timeline of events can be found in this thread.

EDIT: I got banned a second time, just now (May 28 - 10:20 PM EST). I had this account for maybe two days now but havn't actually done anything, I only played it normally on the same computer as before. I did change my IP address before logging in. So they're banning HWID or something along those lines. Sent a ticket to support, will update when I get a response.

[chancity]

Good info, thanks for the heads up.

[hexvoid268]

Using a white-list is not something I can see Blizzard doing. So how does it distinguish between legitimate injections from various overlay features such as GPU monitors and hacks? One easy way would be to see if the injection is in plain sight and is injected into every running application - would be a rather obvious way to go about it but pretty useless once discovered though.

[Torpedoes]

Well I got banned again, see original post for more info.

[WiNiFiX]

Oh well, 3rd time lucky Torpedoes :P

[Cecu]

Well I got banned again, see original post for more info.

I guess you had not reinstalled Overwatch and purged the WoW registry off the Blizzard records as well?

Since this is popular "hwid" identifying method by Blizzard since decades.

[Torpedoes]

Since this is popular "hwid" identifying method by Blizzard since decades.

I've never had HWID issues with Blizzard games.