Wargaming Mods contain Hacks and Exploits – and Wargaming allows it!

Another day, another epic fail in World of Tanks.

Ok, folks, you know all those THOUSANDS of fucking mods they’ve made for this shit game for years, some of which are illegal, that people have bitched about since day one?

Well, what if we told you that the reason your computer is fucked up, your game is laggy and you crash all the time and your account got stolen or hacked is because of the very mods you downloaded from Wargaming’s mod center?

Don’t think so? Well, you’re fucking WRONG! Because that’s exactly what causes it.

The beans were spilled completely by the guys over at Overclockers.ru.

Here’s how he brakes it down and full credit to him:


You probably are all aware that the mods for World Of Tanks are written in python, which allows the author to do pretty much anything with your computer that the author wants should you use it.

What’s more, with all the different distributors of mods, you can’t be sure that the particular distributor didn’t open a mod, add ddos ​​with trojans to it, repackage it and send it on to you.

World of Tanks from day one has had a small, limited cast of programmers that make the mods for the game. There are also, however, many distributors of these different mods that make “packs” and re-distribute them. So odds are good that depending on where you get the mod any number of people could have opened, modified, added hacks, ddos, trojans or anything else to it and then passed it on to you the unsuspecting end user.

What’s more, you make yourself powerless against them because you grant them permission to install them to your system when you download them.

Let’s take for example the mode “Sweepable Objects”, the author of which is the modder Stealthz. Stealthz is responsible for many cheat mods in World of Tanks.

In general, in almost all the mods from Stealthz, the DDoS and Trojan files are included. Support for domains, as well as assistance in writing codes, is carried out by PolarFox and Lelicopter modders, the creation of computer-deployed DDL wired in the trainer tundra from DrWeber, who does it as DrWeber or Makct.

Exhibit A:

Well, let’s start the mod. Here’s what we see:

Wargaming has never been able to secure the game, so the game is patched when you install the mod and a special key and third-party modules are downloaded to unlock the game’s privileges. You may be wondering what the highlighted IP address is. Well, this IP address belongs to the mods2all.com domain, the owner of which is the PolarFox mod writer, and by the way, the DrWeber tundra also sends and downloads questionable data to it.

As if that weren’t enough, next a specially written DDL (Trojan constructor) is loaded, which is installed on your computer for ddos ​​and the ability to steal your passwords.

The WotZone domain information is also recorded and sent to the PolarFox model. As the mod installed the trojan and connected to the Internet, a small Stealthz mod script executes and sends the competitor’s information to the moder’s website https://Delysid.ru.

And again, as if that’s not enough, if they want to cripple you and lock you out of a game, the mod can ddos you not only by domain but also by IP address. The above code allows you not to write 127.0.0.1 to the host file in order to access IP directly.

Note by Thing 1: Remember all the DDoS lockouts in clan wars a few years back? This is how it was done.

Now imagine what happens to the site if there are thousands of such computers and also imagine how many passwords of accounts all of the people who use these mods are stolen at will.

Mods from mods Stealthz, PolarFox, Pavel3333, Sae, Ekspoint are full of this stuff!

Here is a short list of files that trojanize computers:

icudtl.dat
snapshot_blob.bin
cef_browser_process.exe
cef_200_percent.pak
libegl.dll
libcef.dll
d3dcompiler_43.dll
cef_extensions.pak
dbghelp.dll
libglesv2.dll
ffmpegsumo.dll
cef_100_percent.pak
d3dcompiler_47.dll
cef.pak
natives_blob.bin

Here is a short list of sites from which these exploit scripts are downloaded to the game:

steal-chit.ru/advertise.html
wotsteel.ru/ad.html
itvonline.org/ad.html
wotzone.ru/caps.csi
wotzone.ru/static/libs
sae-mod.ru/advertise.html
wotzone.ru/ad.html
wotsimple.ru/ad.html
stealthz.ru/advertise.html
stealthz.net/advertise.html
pavel3333.ru/ad.html
lom666.beget.tech/g1.html

What can I say? This criminal group of programmers is probably going to jail for a long time if they are ever caught.

The bigger problem is that Wargaming can’t mention its inaction when this happens. I have very high hopes that Wargaming will respond to this, fix these mods and start making the game safer for people.

For python specialists, I am attaching proof of the criminal programming in this code. The mod is obfuscated and anyone who knows it will not open it, but a programmer with knowledge may do so, but even through hex and a debugger you can see what kind of crime it is: https://yadi.sk/d/uCj0HFDYiuI9Ig

After this article was published, the criminals reacted to it very quickly and removed all links from the sites as well as updated all the mods and also disconnected all Trojans for downloading or moved to other domains.

It turned out it tried to download a trojan to the game. On the screenshot above, it is clear that virus total cannot even determine the type of files that the attackers use to protect their hacks. You can also see that even more files are decrypted when they are launched. After the article was published, the experts might not have time to look at the files, spreading out what computers are being trojaned to learn from by anti-virus companies: yadi.sk/d/zLidC8QQ6363w

It is very sad that the company Wargaming allows this in their game!


And that’s it, folks!

Now, here’s where it gets even worse: You have all those other “mod packs” out there put together by every Tom, Dick and Harry on the fucking planet that have NO CLUE what is actually in these mods putting them all together and giving them to you.

Most of these illegal hack modders are in one mod or another in multiple packs in the official World of Tanks mod pack page RIGHT FUCKING NOW.

So all that glitchy play, all that lag, all that game crashing, all that “what the fuck happened to my account”, all that “I’ve been hacked” shit all comes from the mods, folks.

Not long ago, we were accused of hacking several people. I couldn’t for the life of me figure out how. I mean, we’ve done everything we can to eliminate people ever having to supply us with any fucking thing since day one.

Now we all know where it all came from. The mod packs.

And Warfailing allows it to go on unabated. What a crock of absolute shit, eh?

You may also like...

19 Responses

  1. Gomez_Adams says:

    Why am I not surprised?

  2. WolfAttack_1 says:

    This is my take on this ; I have zero sympathy for those bastards who use cheat mods. As far as the other “legal” mods, don’t load them.

  3. Thing 1 says:

    I agree whole-heartedly dude, but consider: Wargaming allowed mods that they don’t even know how to police. They couldn’t even tell us all with any clarity what was and wasn’t allowed. There were also differences on what was allowed from server to server. On top of it all they have no fucking clue what these mods are actually doing to people.

    This is really a shit load more on them than it is the people using them.

  4. Insurrectional_Leftist says:

    Truly a mind numbing experience at Wargaming. The Fail is so real it simply blows you away right out of your shoes across the room. I mean how can anything possibly good come out this much corruption, which rots so many layers deep. The entire game is one big Hack & Exploit. And, all those high stat players thinking their big shits in the game (What a joke). And Victor Kisyli, paying people off on those articles, and golden joystick awards; what a farce. Yes, the Fail is so real: War Failing, built on Exploits and Hacks.

  5. Gomez_Adams says:

    Wargaming hasn’t won a legitimate award since 2013.

  6. Zeedox says:

    This explains why there were warnings on cef_browser.

  7. Icon_Charlie says:

    Well guys. Did I not say years ago on how the lack of quality control there is in this game? I’m just glad that I don’t play much of this game anymore.

  8. WolfAttack_1 says:

    The game IS nothing more than “Hack & Exploit”. I would be curious to know how many of those forum trolls do it (90% my guess). What I want to know is who do YOU know that was banned for violating the “fair misuse” policy? They hide their so called ban wave ids via the “No Name and No Shame” mod. Therefore, they ban nobody or, they ban stagnant accounts. World of Cheating Trolls!

  9. Thing 1 says:

    To date, that they can prove, nobody has ever been permanently banned from World of Tanks.

    Other games like War Thunder, Eve Online, and more post the names of the banned accounts publicly. There’s no rule against doing so.

    Wargaming has always completely fucking made up this bullshit about legal troubles for revealing user names. It’s complete, total bullshit. It doesn’t exist. They do it for one simple reason: they never ban anybody for anything. They just tell the person to change their fucking name and keep a lower profile.

  10. WolfAttack_1 says:

    Here’s an interesting article by THE Jimquisition Himself.
    https://www.youtube.com/watch?v=7S-DGTBZU14

  11. Thing 1 says:

    He makes a good point, but god damnit! He could have summed that up in 5 fucking minutes. The guy just likes to hear himself speak, and for a fatass with a whiney voice, that’s not a good thing.

  12. WolfAttack_1 says:

    It’s already my belief that WGing RU has plans to scrap the game. They got their money out of this horrid pos, now they are running it for as long as they can profit from it, without improving a fking thing.
    The NA dumbasses continue to make matters worse with the increase need to input codes for missions (what shitbag thought this was a good idea?). “Bowtie” continues to look like a lost nerd at a Harley rally while doing the weekly videos (an absolute waste of internet space).
    Funny how Claus Kellerman can get away with this: https://www.youtube.com/watch?v=quD369GKcbU
    Maybe WGing realizes that any reaction to another CC would only result in a disaster similar to the SirFoch incident. Claus does a really good analysis of what is happening with the bullshit surrounding premium tank sales and the misleading info that WGing puts out. NA should just fold up and resign – they just suck.

  13. GettysburgAddress says:

    Every WarGimmick game is an RNG shit show. Play COOP and (1) track your stated fire rate in port VS your actual fire rate at end game and (2) track your max HE and AP shell damage compared to your actual damage per shell type.

    I guarantee both will be well below in port WarGimmick listed “average damage” or/and “fire chance.” Meanwhile bots with a port listed fire chance of ~ 8-10% will achieve actual fire rates of 80+ %.

  14. GettysburgAddress says:

    Oh yeah………did I mention I have a prepaid Credit Card that I only use for WG games only……. and three (3) times I have had fraudulent charges on it in the last 4 years. Two (2) of which are out of London (pasta maker and rice boiler/steamer) and one (1) out of Turkey (sandwich press/maker). ONLY WarGimmick has this CC number.

  15. Insurrectional_Leftist says:

    Yea, I watched the video Jimquisition above. I like those adjectives, and how he drops those descriptive terms sometimes however. The part where he was referring to the Devs and bad players in the industry by referring to them as,” Nasty parasitic bastards that know exactly what they are doing… those seedy, slimy bastards with their offshore tax havens !” lol 🙂

  16. Thing 1 says:

    I love it when I log in and everybody is posting the same shit. Shows we’re not the only ones thinking this shit and wondering if we’re losing our fucking minds.

  17. Zeedox says:

    “Bowtie” reminds me of a South Park version of Pee Wee Herman but much less funny.

  18. Thing 1 says:

    That’s it! HAHAHAHAHA!

  19. Insurrectional_Leftist says:

    @Zeedox, yea Bowtie, tries to pull of that “Ed Sullivan Show” effect, but it just doesn’t work! Only Ed Sullivan can do Ed Sullivan, unless you’re a good character actor or something. But, then again, Ed Sullivan didn’t wear a Bowtie either ! 😀 LOL

Leave a Reply

Log in with your Wargaming ID