Hacking agar.io

If you remember from previous posts on here, I managed to successfully hack the popular agar.io game to remove the advertisements. I thought I would follow-up with some pertinent information about the company Miniclip who makes the game. Please read on, you’ll be glad you did.

Over the months since then, those posts on my site have been quite popular. They’re quite possibly the 3rd-highest content for organic search engine hits here on WordPress for my blog. At some point, I would guess that my posts became known by the game makers themselves at Miniclip who have actually invested time and effort to try to block me from their game.

The first level of pushback from them came when they tried to prevent me from entering my name 👁‍🗨⚙ in the interface by messing with the character kerning between both characters, making it look stupid, basically (something like this 👁‍🗨          ⚙). So of course, I just changed my name to ⚙👁‍🗨 instead and played on.

This worked for some time (a year?) After this and for some unremembered reason, I wanted to temporarily change my name. When I went to change it back, I found that Miniclip now blocked me from entering either character—they actively prevent the use of these two characters in the game simply for the purpose of spiting me!

So I changed my name and played on. But perhaps three days ago, my iPad was bricked. I actually had to stay on the phone with Apple support since it wouldn’t get past the initial registration screen. So I had to restore the iPad and then apply a previous backup. After all that things seemed to be back to normal.

And then I played the agar.io game and it bricked itself during game play. You guessed it: Miniclip has added this evil code to their game for taking out users they don’t like.

From the wiki page on Miniclip:

On 1 September 2005, the United States Computer Emergency Readiness Team issued an advisory concerning Miniclip:

The Retro64 / Miniclip CR64 Loader ActiveX control contains a buffer overflow vulnerability. This may allow a remote, unauthenticated attacker to execute an arbitrary code on a vulnerable system…. Although the ActiveX control is no longer in use by either retro64.com or miniclip.com, any system that has used certain pages of these web sites in the past (prior to September, 2005) may be vulnerable.[7]

In 2006, several security firms reported that some Miniclip users had installed a “miniclipgameloader.dll” which contained the hostile code identified as “Trojan DownLoader 3069”.[8] In the same year, another download related to Miniclip installed “High Risk” malware called “Trojan-Downloader.CR64Loader”.[9]

So Miniclip already has a history of installing malware in their games for the purpose of hacking their users.

I would strongly suggest boycotting Miniclip and uninstalling any of their apps as a result of these findings. I will be reporting them to Apple iTunes as a result of this.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s