Blizzard’s Official Statement on Diablo 3 Auction House Duping


Blizzard has issued an official-sounding statement about the Diablo 3 Auction House Duping exploit and ongoing recovery process.

Hey everyone,

I’m John Hight, the production director for Diablo III. As most of you know, after the release of patch 1.0.8 a small number of players exploited a bug to duplicate gold. The bug has since been fixed, and the Auction Houses and gold trading are back online.

While the issue is resolved, we know a lot of players have questions about what happened and what we’re doing about it, so I wanted to take some time to discuss the details with you here.

So, What Happened?

Shortly after we released patch 1.0.8 in the Americas on Tuesday, players discovered a bug that allowed gold to be duplicated via the real-money Auction House. The bug was the result of a coding error that was exposed when we increased the gold stack size from 1 million to 10 million. This resulted in an overflow on cancelled auctions that yielded a greater amount of gold in return. Only a relatively small number of players had the billions of gold necessary to exploit the bug, and only 415 of those players chose to use this exploit for personal gain.

To all of you who reported this to us, thank you! As soon as we confirmed what was happening, we took the Auction Houses in the Americas offline and suspended gold trading in order to isolate the problem. From there, we were able to troubleshoot, develop a fix, test it, and deploy it to all regions before the day ended—also ensuring that patch 1.0.8 rolled out in other regions (without the bug) as scheduled. The Auction Houses remained offline and gold trades remained suspended until we completed a full audit of all transactions that occurred during this period. Once that was completed, we brought everything back online.

While this was happening, we locked accounts that appeared to be exploiting the bug as well as collaborators that held gold or items for the exploiters. Once we confirmed that an account was involved in this exploit, we either banned or rolled back the account depending on their activity.

What Does That Mean for Me?

Soon after the exploit was discovered, we contemplated doing a complete rollback, as was suggested by a number of players here in the forums.

The vast majority of players did not participate in the exploit and we didn’t like the idea of punishing them for the bad behavior of a few people. A rollback would mean bringing the servers down for a lengthy period and a loss of all progression since 1.0.8 was released. Many players made significant accomplishments in the game that required time and dedication, and we felt it was worth the work involved to try to preserve these efforts and go after the exploiters instead.

With this in mind, we elected not to roll back the servers in The Americas and are instead working to remove duplicated gold from the economy through targeted audits and account actions (as indicated above) without taking away progress that our players rightfully earned.

As of this this post, we have already recaptured more than 85% of the excess gold from the accounts involved, and over the days ahead we will continue to pore over our audit data to reclaim as much duplicate currency as possible. We’ve also done a full audit of our code to help make sure that something like this doesn’t happen again.

So, What’s Next?

Many people bought and sold items and gold on the Auction House on Tuesday. We’re making sure that all legitimate transactions go through. This means that if your account was not involved in the exploit, you will get to keep your items and gold, as well as any money you received from sales on the real-money Auction House. We’ll also be donating all proceeds from auctions conducted by the suspended or banned players—including all of THEIR sale proceeds that we intercepted as well as our transaction fee—to Children’s Miracle Network Hospitals.

Thank You!

On behalf of the development team, I just want to say thanks again to those of you who took the time to notify us about this situation, as well as apologize for any inconvenience this issue may have caused you personally. We highly value fair play, and we’re going to continue to monitor the game and take steps necessary to prevent exploits like this from happening in the future.

If you’re wondering, yes, this seems to be our introduction to the new boss. John Hight is a long time industry veteran, but a very new hire to Blizzard. His Moby Games bio page is impressive and lengthy, with his last title the “Director of Product Development, Sony Computer Entertainment of America.” His last game credit is Journey, in 2012.

Welcome to your new job, John. Hope you enjoyed the past week; emergencies resulting in massive fan outrage are kind of what the Diablo community does best.

Tagged As: | Categories: Auction House, Blizzard People, Diablo 3 Hacks

Comments

You're not logged in but can still post comments. Register or login to remember your details.
  1. **** that loser.

    …Actually, he seems like a decent guy. I just had to go and say that.

    • Flux should have checked the updated Linkedin page instead of Mobygames page which is old. If he didn’t try to hide the last the title the new director worked on.

      Here’s the last title he worked on.

      World of Warcraft, Mists of Pandaria (lead game producer) – 2012

      Not surprising… 🙂

  2. Bravo! Honestly I think they handled the whole thing pretty well. Nice touch donating the ill-gotten RM proceeds to a very worthy charity.

    • PR move
      nothing more
      Blizzard probably makes more in a day from WoW subscriptions than Blizzard donated to the charity

      • The money had to go somewhere. It went to an established and deserving charity that does good work. It doesn’t matter if it’s a PR move, it’s a good thing that will help people who desperately need it. You are an ass.

      • I can’t believe you just typed that.

  3. ” Only a relatively small number of players had the billions of gold necessary to exploit the bug, and only 415 of those players chose to use this exploit for personal gain.”

    What a Load of BS.

    I can name specifically around 12 people that I know and have played with personally who all have well over a few hundred billion in gold now and a couple trillionaires. A few of them even bought a shit load of items of the AH. Every single one of them are currently able to play and have lost none of their amassed wealth from duping…

    I suppose giving some exact number and pretending like the issue was solved is really the only thing they can do to squelch economy fears, but it’s a crock. A couple of these guys are going to make an insane amount of money off the RMAH with the new itemization patch.

    • Did they hire Baghdad Bob as a representative?

    • Right, so we’re to believe you, the guy with anecdotal evidence over the guy who has all the numbers at his fingertips. If you’d paid attention you would have seen that he said 85% of people had been audited, it’s an ongoing process, so yes, some people have not lost their gains yet. Regardless, you electronically signed an agreement with Blizzard that you would report exploiters, so if you can personally name ‘specifically around’ (*facepalm*) 12, go ahead and name them, gamertags and all. If you won’t because you don’t ‘rat on your friends’, then you also can’t complain about being disadvantaged, you’re as complicit as Blizzard.

      Look who’s dishonest now?

      • I’m not complaining at all about being disadvantaged. I stopped playing back in October and have logged maybe 10 hours of a3 inferno farming since.
        I don’t know where you got the idea that I am complaining about being disadvantaged, but I’ll chalk it up a simple failure with comprehension rather than simply calling you a moron.

        As for your simplistic dishonesty charge goes, I think your use of the Bnet TOS is kind of sad. Not only did I not read it since I only care to play the game and gladly skipped reading the TOS, but I would venture to estimate most players haven’t read it and could care less too. Lets suppose though that I did read it. Since I don’t log in to d3 and haven’t played for months I have no way of knowing their battletags or reporting them. Admittedly If i did login I still wouldn’t report them since not only are they friends, but blizzard seems mighty specific and confident about those 415. Who am I to argue against the mighty blizz with my “anecdotal evidence” that just so happens to be 12 people that all duped gold and have not been punished in anyway.

        Really you not only come off as a douche, but a pretty ignorant person. Take a little time to comprehend what you read before responding.

        • I apologise, I was under the impression that you took the time to write three paragraphs to call Blizzard’s bluff because you were upset at the way the situation was panning out, I had no idea it was because you like to appear clever and clued in on forums for games that you don’t play. Sarcasm aside, let’s not get personal here. I didn’t have to resort to calling you ‘moron’, ‘douche’ or ‘ignorant person’ to call you out, so let’s not let the insults fly where they’re not warranted.

          I have a few questions though. Why do you think that ‘gladly skipping’ the ToS entitles you to not be bound by them, in both a legal and moral sense? Why do you also think that because everyone does it, disregarding them is ok? Also, what is stopping you from logging on and fulfilling that agreement? And why must it be a case of going up against the ‘mighty blizz’ in an epic battle of anecdotal evidence vs statistics? On the topic of comprehension, my point was that you agreed to /co-operate/ with Blizzard in identifying exploiters, not show them up because they missed a few here or there. I’m sure they wouldn’t tell you to put it somewhere if you gave them the names (read: battletags) of your exploiter friends, they’d likely be thankful to you for playing your part as a conscientious consumer of their product. If you simply cannot be bothered logging in and looking at your friend list, then why bother coming to these forums to call BS?

          Finally, my use of ‘look who’s dishonest now?’ was an exercise of rhetoric, emphasising the irony of your statement ‘what a load of BS’ in consideration of the agreement you signed and thus consented to regardless of whether you read it. Such rhetoric is not to be interpreted as accusatory in a literal sense, to call you a dishonest person in general because of how you deal with a video game company in one circumstance would be ‘simplistic’.

          I’ll understand if you don’t respond. I wouldn’t spend time on a forum for a game that I thought was crap either.

          • O_O holy crap lol

            Not sure if really mad or aspie D3 fan. Either way this should be almost as good as the old Thrall days.

            *starts eating popcorn*

          • +1 gatsby. maybe blizzard made a good game, and it’s actually attitudes like chimpomon that “ruin” the game?

    • I did wonder how come you needed to have “billions” in order to exploit a bug involving selling somewhere between one and ten million.

  4. Guy sounds kind of dry/technical. Maybe that’s a good thing, a guy who’s better w/ hard numbers and data and less on “feeling.” A guy w/ enough math skills to realize why cramming too much DPS on percentage based affixes (main stats, crit chance and crit damage) was such a dumb idea.

  5. Cool after months of absence and non interest in DIII I decided to check if there is anything new, and indeed there is! (or not)

    I’m glad this faceplant is still good for a nice chuckle.

  6. Have they named a new game director?

    1. Wyatt Chang
    2. Lylirra
    3. this guy

  7. “We highly value fair play”

    “RMAH back online”

  8. To all (future) bug exploiters around the world:

    Exploit the bug! and help out Children’s Miracle Network Hospitals 🙂

  9. “We got 85% of it back.”

    Any idiot with even half a brain should immediately realize that they pulled this figure completely out of their ass. (Just like every other figure they site) Then once you realize that it should also then dawn on you that this was not a “small group of people”.

    The good news is that the damage caused by not getting all the gold back was going to happen eventually anyway so really all this did was simply move the timeline forward a bit.

    The AH has ALWAYS been circling the drain because it was a bad idea from the jump. Jay might only now be admitting that “it harms gameplay” but it’s also destined to fail because of the constant influx of bot gold, the ease at which players farm gold, and the lack of a viable gold sink. Well a gold sink other than players quitting which I honestly think has saved “the economy” for the time being.

    I like to think they resisted the idea and Kotick forced them to include the AH at gunpoint. Lets hope the design failure was on purpose and they plan to use it as a reason to open an AH free server with fixed drop rates.

    • I realize the point of your post is to complain about the AH which you obviously hate, but nothing in the Blue post is necessarily a lie or PR spin.

      Obviously we don’t know if the 85% figure is accurate, but it seems like Bliz should know exactly how much gold was duped by the bug. They must have records of everyone’s account balance, and they can easily see when some of them suddenly added a bunch of 2 trillion deposits on Tuesday morning.

      The hard part for Bliz is getting it all deleted, since those guys didn’t just let it sit in their accounts. They instantly bought hundreds of 2b items, gave gold to friends, etc. And those people spent some of the gold they got, etc. Thus spreading it more widely. Even with the AH and gold trading shut down fairly soon after the patch, there must be some lengthy chains of transactions for the bliz tech guys to unravel.

      • Yes very lengthy chains. It’s going to be insanely hard for their tech guys to undo all that damage if not impossible because it also changed the pricing of peoples normal items and commodities that day. I’m sure their were also people attempting to “smartly” exploit the game that day and conduct sales well under the “2beez” radar as well as laundering the gold in other clever ways that may be under their threshold of investigation.

        To say “we got 85% of it” implies that they know where 100% of it is located. I don’t believe they know that. I think they will nail all the 2beez guys and blatant exploiters and that’s about it. Like I said before though the total quantity of gold is always growing so I think this is really just moving the timeline forward and not that horrible of a thing if they don’t get all the gold which they won’t.

        After all is said and done I’d love to hear about how many bans occurred, how much gold was deleted, and how much charity money was donated to the Children’s Miracle Fund. If it was a small group of people posting that shouldn’t be a terribly big ordeal.

        • You have to be a real idiot or a computer noob to not realise that you can retrace EVERYTHING in a central controlled server system anytime.

          It is just a question of “push the button James” and let it roll.

          I am glad Blizz donated the extra money to charity. A pity it will not help your IQ.

          • If it was that easy it would have taken them a matter of hours to “push the button” and retrace/delete 100% of the extra gold. Clearly that didn’t happen because they conduct audits after a trace of the duped gold went to an account that may or may not have been a willing participant in the exploit. Maybe they conducted what they viewed as legitimate business that day as prices were skyrocketing and had no idea the gold they got was duped. That’s when it gets tricky but I’m sure you understand all that being so smart with computers.

            So you should probably email them and educate them on how to properly undo the damage by pressing buttons. I’m sure they would love to hear from someone with your superior intellect. I certainly enjoy reading your drivel in the comments it’s always worth a good laugh.

  10. “Only a relatively small number of players had the billions of gold necessary to exploit the bug”

    So the rich get richer , been like that since time began .

    Greedy bastards .

  11. I apologise, I was under the impression that you took the time to write three paragraphs to call Blizzard’s bluff because you were upset at the way the situation was panning out, I had no idea it was because you like to appear clever and clued in on forums for games that you don’t play. Sarcasm aside, let’s not get personal here. I didn’t have to resort to calling you ‘moron’, ‘douche’ or ‘ignorant person’ to call you out, so let’s not let the insults fly where they’re not warranted.

    I have a few questions though. Why do you think that ‘gladly skipping’ the ToS entitles you to not be bound by them, in both a legal and moral sense? Why do you also think that because everyone does it, disregarding them is ok? Also, what is stopping you from logging on and fulfilling that agreement? And why must it be a case of going up against the ‘mighty blizz’ in an epic battle of anecdotal evidence vs statistics? On the topic of comprehension, my point was that you agreed to /co-operate/ with Blizzard in identifying exploiters, not show them up because they missed a few here or there. I’m sure they wouldn’t tell you to put it somewhere if you gave them the names (read: battletags) of your exploiter friends, they’d likely be thankful to you for playing your part as a conscientious consumer of their product. If you simply cannot be bothered logging in and looking at your friend list, then why bother coming to these forums to call BS?

    Finally, my use of ‘look who’s dishonest now?’ was an exercise of rhetoric, emphasising the irony of your statement ‘what a load of BS’ in consideration of the agreement you signed and thus consented to regardless of whether you read it. Such rhetoric is not to be interpreted as accusatory in a literal sense, to call you a dishonest person in general because of how you deal with a video game company in one circumstance would be ‘simplistic’.

    I’ll understand if you don’t respond. I wouldn’t spend time on a forum for a game that I thought was crap either.

    • I’m sorry, but did Diablo already die? Oh, that’s right. The game isn’t even over yet. In fact, only 85% of the gold has been recovered. Does not having the other 15% of trillions count as a loss? Is that what you’re saying? Because if you’re saying that I can assure you that you’re wrong. Why would you make this post when the auction house is still up? Bobby Kotick are still playing right now and he has been richest in the US for how many fiscal quarters now? He’s against one of the worst games in history Aliens Colony Marine who just happen to have a lead in player base because they’re ‘avin a laugh. But you know what? They still suck. Deeablo is one of the best franchises in the history of gaming, it was 50/50 last month and would of won those gaming awards if the walking dead didn’t cheat. Maybe you should shut up before you make retarded posts like this. You know why? Because you’re going to be embarrassed when Bobby Kotick makes “2beez” off the RMAH. Oh look at that, I just bought a BoJanglers for 2beez, just like Jay did a few nights ago. Are you drunk? Are you autistic? You are an idiot and you should never make a post on this board again I’m serious. I almost have a feeling you’re the only guy making all these propaganda posts because you’re a hater who doesn’t know how to butterfly magic like Maghda because it’s good. Be good at something in YOUR life and then maybe try to troll these teams on the comments sections, like I give a ****. It’s so easy to spot out your posts now, you’re a retard. Always doing stupid **** like this. Why don’t you try to be a good poster? Just for once? For once in your life try not to make a post like this. That’s just you, you’re always right at getting it wrong. **** you. You are nothing.

  12. Most of the gold will still be in the game,. most of the items gotten from duped gold will still be in posession of players who directly or indirectly profited from this exploit.

    Nothing other than a rollback (and saying it would be lengthy is bullshit) could fix an issue like this.

Comments are closed.