Playing Dirty

Automating computer game play takes cheating to a new—and profitable—level

13 min read
Playing Dirty
Photo : Jeff Newton; DigItal IllustratIon: Sandbox Studio

Photo: Jeff Newton; Digital Illustration: Sandbox Studio

Richard Thurman is like a lot of 35-year-old guys. He's married. Has a couple kids. When he wants to blow off steam, he flops into his chair in front of his PC, and he fires up a computer game.

But Thurman is no ordinary player. In the weird and burgeoning virtual universe, he's a former outlaw. While earnest gaming geeks spend hours slaying dragons to earn booty playing Sony's EverQuest, Blizzard Entertainment's World of Warcraft, and other multiplayer online games, Thurman spent years using his coding chops to cut to the chase: rigging his computers to play games automatically and rake in gold. It took three months and 50 000 lines of code to pull off the feat. And it was all perfectly legal, at least in the real world.

In December 2003, however, when a person or persons unknown of the gaming underworld began threatening Thurman's real-world family, he unplugged his operation and took a programming job with a major corporation, which he'd prefer not to name. Now that he's out of his gaming business, he agreed to give IEEE Spectrum an inside look at his pioneering automated gold-farming system. The games today have changed, but the way a person profits from them remains very much the same.

Players and game makers despise the kind of hacking that was Thurman's specialty, because it makes their lives more difficult. That doesn't bother Thurman. ”I'm a metagamer,” he says. ”Game companies lay down their rules. Some play by them, and some don't.”

Thurman wasn't hacking for fun. In the new online economy, virtual cash, earned in games by killing a monster or performing a service, has real-world value, thanks to sites specializing in what are called real-money transactions (RMTs). People covet the jewel-encrusted super-sword in a game but can't spare the time to log the kind of hours they'd need to actually earn the virtual gold to buy it. So they obtain it the newfangled way: with their credit cards. In other words, they pay real money to buy virtual things.

Edward Castronova, an associate professor of telecommunications at Indiana University, in Bloomington, and author of Synthetic Worlds: The Business and Culture of Online Games (University of Chicago Press, 2005), puts the annual total market value for virtual assets between US $200 million and $1 billion. Although that may sound like small potatoes--the cellphone ringtone market is roughly $5 billion per year--the cheating is already wreaking havoc in the virtual worlds. In one episode a few years ago, cheaters unleashed fake currency into the world of EverQuest , one of the most popular online games, inflating its economy by 20 percent.

Gamers and game makers are feeling swindled. ”It's criminal, in the context of a virtual world,” says Scott Hartsman, senior producer and creative director of EverQuest II at Sony Computer Entertainment America, in Foster City, Calif. ”The entire reason societies have laws and mores is to protect people from getting hurt. By definition, people are getting hurt.”

There are odd and controversial real-world repercussions to the cheating. News accounts during the past year have described the rise of sweatshops in Asia, especially China, where low-paid workers play online games for 12 hours a day to amass virtual goods to be sold on the black market.

”This is evidence that there really isn't anything special about virtual worlds,” Castronova says. ”We've been reading about globalization of labor markets, about software engineers in India taking jobs, and this is just another example of that phenomenon. Americans will spend money for online goods; wage rates are lower in Shanghai. The Internet allows [these transactions] to happen. It's the globalization of the labor market.”

Isn't this unauthorized activity illegal? Aside from possible violation of local labor laws, the answer is no. No real-world laws cover online gaming, so the players and makers instead rely on their own terms of agreement, which users accept when they install games on their home computers. The agreements basically state that everyone will play by the rules--and allow the delicate balances of make-believe worlds to survive. But none of it is legally binding anywhere in the world.

Thurman was one of the first geeks to take breaking the rules of virtual worlds to a new level by engineering the automation of gold farming. Many others followed his lead. Although no one knows for sure how many gold farmers there are, Thurman guesses as many as a million worldwide. Their shadowy world has become big enough to have its own published manifesto: Gary McGraw and Greg Hoglund's Exploiting Online Games (Addison-Wesley, 2007).

Thurman has been part of it from the start. You might even say he helped establish it. A software specialist with a bachelor's degree in business information systems and a master's in computer science, both from the University of Phoenix, he spent three years applying himself to milking Ultima Online , then one of the most popular multiplayer games, for all he could. At his peak, he had a fleet of 30 computers automatically raking in game gold, earning him more than $25 000 per month.

Subverting video games isn't new. Geeks have been figuring out how to exploit game technology to their advantage for decades, giving themselves extra ”lives” in Pac-Man or switching into invincible ”God mode” in Doom . When massively multiplayer games such as Ultima Online , from Electronic Arts of Redwood City, Calif., and EverQuest came onto the scene during the last decade, the emergence of virtual economies raised the stakes. You weren't just competing for ego anymore; you were gaming for dollars.

Other factors helped attract hackers. For example, economies of scale. Online games are not just for nerds. The action is mainstream. Hordes of engineers, accountants, lawyers, and other wannabe knights and knaves do battle in EverQuest (dubbed ”EverCrack” for its addictiveness), World of Warcraft , and other games. Schoolchildren, college students, and GenXers are playing such online games as Halo 3 on the Xbox 360 or Madden NFL 2008 on the Playstation 3. Many graying gamers take to casual online games, such as bridge and chess. It doesn't take much more than a computer and an IP address to access your passion.

Thurman started playing Ultima Online as an undergraduate in 1997. He couldn't help but wonder if, through a few hacks, there was a way to make his game-playing experience better. After surfing around, he came upon software such as UOAssist and EasyUO. When run in conjunction with a game, those programs gave players advanced macros, which are keyboard shortcuts to speed up mundane tasks such as healing yourself after battle. He realized he was on to something.

Thurman left Phoenix in 1998, moved to Dallas, and began working full time as a support engineer for a large software company, which he also prefers not to name. He continued thinking about hacking Ultima Online , and he became aware of the growing real-world market for virtual gold. The problem was that he couldn't amass it fast enough to make a decent buck. But, he thought, if he could create an auto-playing robot, something that could basically play the game for him--then maybe he could cash in.

Drawing on his programming knowledge and with the help of DIY hacker sources online, such as, Thurman got to work. He started by shelling out $800 for a reverse-engineering software tool called IDA Pro from DataRescue of Liège, Belgium. IDA Pro lets users see the structure of a program's logic. Point it at a program, and it creates a flowchart of how the software works. Thurman directed the tool to the ”client” software he'd downloaded to his PC to let him to play Ultima Online . (The client software is what every player downloads in order to play.)

Basically, IDA Pro reverse-engineered Ultima Online 's inner workings. Not only did it let Thurman see the basic functions of the client software, it also let him see the specific memory addresses where the software stored key variables such as the player's location in the game world, an inventory of the player's possessions, and the status of the player's health.

That information led Thurman to write a chunk of C++ code that he inserted into the client software to allow it to communicate with Microsoft.Net, a development environment for Windows computers. In effect, the C++ code functioned as a kind of outlet to the servers running the game. With that done, he needed, essentially, to write a plug to stick into the outlet. He wrote that plug in Visual Basic. Once complete and installed in his machine, it could exchange information with the Ultima Online client in his computer and, through that client software, the Ultima Online servers at the Redwood City headquarters of Electronic Arts. In other words, he got access to the brains running the game.

Next, Thurman set up his bank of computers [see photos, GAMEBOTS]. He chose the cheapest off-the-shelf PCs available that had enough power to run Ultima Online , and he bought 30 of them. Each was equipped with an Intel Pentium 4 or a Celeron processor, a gigabyte of RAM, and a 20â''GB hard drive. He connected the bank of PCs to three monitors and a network of six cable modems, four routers, and a Toshiba tablet PC that he used to manage the whole operation.

Then he got down to business. The plan was that each of the 30 PCs would play the game individually, creating a character and then using that character to perform tasks that would earn gold. Thurman wrote software to randomly generate details about the characters--names, classes (fisherman, say, or fighter), and skills (such as magic or cooking), saving him the trouble of creating each character manually. He cloaked his identity by purchasing anonymous gift cards to set up accounts rather than paying for them with a personal credit card (the gift cards are no longer being sold).

Once his computers logged into a game, communication between them and the game server was fairly straightforward. For every action happening in the game that involved one of Thurman's 30 characters, the game server sent the details back to the relevant client computer, and vice versa. The details included the skills of a character, the status of its health, and the size of its bank account. Thurman eliminated the human element--cut out the middleman, you might say--by programming his computers to automatically respond to the incoming data from the game server.

The application performed the functions that a normal player would have to do with many repetitive keystrokes ( Ultima Online players use keyboards, not joysticks). One thing the program couldn't do was sniff out moneymaking opportunities, so Thurman did that himself. But once he identified an opportunity, he would quickly write code that told his characters what to do to capitalize.

For example, in Ultima Online , gamers can make money by cooking and selling chickens to tavern keepers. Thurman programmed his characters to buy raw birds from the butcher and then prepare the food. Ordinarily, a gamer can cook only one bird at a time, but Thurman automated the process so that his 30 PCs could cook as many as 500 birds at a time; he sold them in huge quantities to the taverns. In minutes, his bank of computers could rack up an amount of virtual money that it would take an individual player weeks to earn.

But wouldn't it be easy to spot a user who was cooking and selling, in minutes, enough chicken to feed an army? Absolutely. And that's where the real finesse of being a game hacker comes in. A big part of the tradecraft is simply managing to avoid getting busted by the company game masters, whose job it is to prowl for hackers. If they even suspect illicit activity, they look up the associated Internet Protocol address and can take action. ”They would mass-ban your accounts,” Thurman notes.

So he installed countermeasures. First, he got a separate account for each of the 30 computers. He had six cable modems, with five accounts tied to each one. He also paid his Internet service provider an extra $16 per month to get four IP addresses to use (most households have just one), and wrote software to instruct the modems to release one of those IP addresses every six hours and grab a new one to replace it. In a network with dynamically assigned IP addresses, any modem outage and reboot results in a new address assigned; Thurman effectively generated his own outages so that he could get new IP addresses. His constantly shifting array of IP addresses made it hard for the sleuths at Electronic Arts to notice the fantastic quantities of chicken he was selling, to say nothing of the ore he was mining, melting into ingots, and exchanging for game currency [see photos, MAP HACK].

But churning the IP addresses wasn't a foolproof countermeasure, he realized. Just in case his activity aroused suspicion, he rigged his bank of computers to alert him via text message or instant message to odd bursts of activity--for example, when a person from Electronic Arts was confronting one of his automated systems to see if it was, in fact, a real player or just a proxy.

That happened a few times, Thurman says, and they were close calls. One time he was traveling in Arizona when an instant message came through on his phone. The game server had sent a message to his client indicating that a game master, an employee or volunteer who, in the form of a game character, roves the game enforcing rules, was on screen. Game masters are identifiable by a special flag their avatars carry. ”GM Alert!” the message read. Thurman had set up the machines to automatically log out his other characters when that happened, just in case. But he left his one character online with the GM because it'd be too suspicious if he suddenly vanished.

Game masters try to verify that players are in front of their monitors, often by challenging them with questions that they presumably could answer only if they were sitting in front of the screen. But Thurman had anticipated such a challenge, and he had rigged his instant messaging system so that it could send crude but useful screen shots to his laptop computer. ”Are you there?” the GM asked. ”Yes,” Thurman replied. ”Prove it,” the GM replied. ”What color is my shirt?” No problem. ”Red,” Thurman typed after glancing at the screen shot. And the GM went on his way.

It took Thurman nearly two years, from February 2002 to December 2003, to perfect his system. The ”labor of love,” as he describes it, paid off. Soon he was making 45 000 units of gold per hour and, eventually, as much as 2 million units of gold every 15 minutes. All told, that translated into as much as $2400 per hour of real money: $80 per hour per character, and Thurman had up to 30 characters at his disposal. It was around then that he quit his day job as a software consultant.

With ”game gold” in hand, the next step is converting the virtual cash to real-world money. Dozens of companies are happy to help gamers do that. The biggest is Hong Kong–based IGE, which Thurman compares to Wal-Mart. The company employs more than 800 people in Seoul, Hong Kong, and Shanghai. Founder Brock Pierce said in a phone interview last year that the site brokers real-money transactions, taking a piece off the top as it connects sellers of virtual gold, earned legitimately, with buyers. He put the estimated annual earnings at $700 million. (IGE did not respond to requests for an update.)

But the secondary market is, to put it mildly, shadowy. It revolves to some extent around hackers who scoff at efforts by online game companies to fight against automated software. It also depends on hundreds of loosely organized gold farmers in China, who game for money around the clock and then cash out their winnings to online brokers. They may not be breaking any rules, technically, but they are sure violating the spirit of the games. In a sense, such people constitute a manual version of the automated software written by the likes of Thurman.

Documentary filmmaker Ge Jin has been chronicling the gold farms in China for a movie to be released next year. He says that while gold farming may be an oddity--if not anathema--in the West, it's more widely accepted abroad. ”The unemployment rate is soaring in China,” he says, ”so [hired gold farmers] are happy to have a job, which pays no less than other jobs available to them. The majority of them are game fans anyway; they are happy that they can be paid for playing games and can enjoy games that are expensive to subscribe to or even those not imported into China.”

According to a June report in The New York Times Magazine by Julian Dibbell, a typical gold farmer in China works 12-hour days for weeks on end, with only a few days of rest per month. The farmers work at long tables strewn with computer monitors and keyboards in small rooms crowded with dozens of people and thick with cigarette smoke. Dibbell estimated that 100 000 such workers are employed in what are called youxi gongzuoshi, or gaming workshops.

Unlike Thurman, the Chinese workers actually do go out into the ”worlds” and game. But they do so in teams--which gives them a distinct advantage in certain situations. For example, they can gang up on giant monsters whose slaughter will be rewarded with big piles of gold. ”Gold farmers attack high-level mothers,” Thurman says, a little enviously. ”They're not cooking birds.”

Patrick Bernard, 31, joined a worldwide gold-farming team after working as a product manager for a Silicon Valley dotâ''com (he declines to say which one). The gold-farming work quickly became tedious, he says. ”We just pooled monsters and killed them for dozens of hours,” he says. ”I could generate $1000 in gold per hour; my pay, at the time, was $15 per hour.” Bernard now works on the other side of the business, running Gamer's Loot, an online RMT service--one of the companies that convert game gold into real money and vice versa.

While there's no law against real-money transactions, game companies are understandably uncomfortable with the whole idea. ”We all admit that sort of thing is out there,” says David Swofford, spokesman for NCsoft of Seoul, maker of the online game Lineage. ”But it's not anything we endorse.

”It's a hazard of the business. What we're trying to do is have games create the best possible experience. If people are doing things in violation of rules…we don't want them in our game.”

Game companies and hardware manufacturers such as Intel are going after hackers with varying degrees of aggressiveness. Among the most intense is Sony. The company says that during the past few years it has booted out more than 20 000 players suspected of farming gold in EverQuest; Star Wars: Galaxies; Vanguard: Saga of Heroes; and other Sony online games. And the game companies don't take kindly to operations like IGE. ”They claim they don't have any employees doing farming,” Sony's Hartsman says, ”but they have thousands of contractors doing it. You push a button that says, ’I would like to sell a coin'; within 5 minutes you have people respond. And they're not asking where that coin came from.”

But here's a hint at how alluring, and maybe insidious, gold conversion is: for all its prosecutorial zeal, Sony itself has succumbed to the temptations of gold conversion. It now has its own service, called the Sony Exchange, which allows players to buy and sell virtual items online. Sony gets a cut, of course.

Real gamers are fed up. ”It's disconcerting to find out that the warrior decked out in purple epic bling bought all his kit on eBay,” complains Drew Shiel, webmaster of a World of Warcraft fan site called the Wizard of Duke Street ( ”Having someone come in and buy a high-level character makes a mockery of the effort that other people have put into their own characters.”

But as online gaming worlds become more realistic, there's little chance of getting rid of the perceived criminal element. If anything, the most gamers and companies can hope for is that the metagamers eventually do what Thurman did: grow up and log off.

After a couple of years of gaming for dollars, Thurman got tired of living on the edge. The clincher came when a competing gold farmer began sending him messages threatening him and his family. ”We thought he'd show up at our house and kill us,” Thurman says. Even the biggest sword in Ultima Online would not be able to protect him from that.

Click here for a story on The Oldest Profession

About the Author

Contributing Editor DAVID KUSHNER blogs for Spectrum Online at His latest book is Jonny Magic and the Card Shark Kids (Random House, 2005).

To Probe Further

To check out the largest online retailer of virtual items for games, go to

Julian Dibbell’s book on his adventures inside the ­virtual game economy, Play Money: How I Quit My Day Job and Made Millions Trading Virtual Loot, was just released as a paperback by Basic Books. Dibbell’s New York Times Magazine article, ”The Life of the Chinese Gold Farmer,” appeared in the 17 June 2007 issue.

This article is for IEEE members only. Join IEEE to access our full archive.

Join the world’s largest professional organization devoted to engineering and applied sciences and get access to all of Spectrum’s articles, podcasts, and special reports. Learn more →

If you're already an IEEE member, please sign in to continue reading.

Membership includes:

  • Get unlimited access to IEEE Spectrum content
  • Follow your favorite topics to create a personalized feed of IEEE Spectrum content
  • Save Spectrum articles to read later
  • Network with other technology professionals
  • Establish a professional profile
  • Create a group to share and collaborate on projects
  • Discover IEEE events and activities
  • Join and participate in discussions