Here is why I don't believe it's a DDOS attack.
" People who hate the game would just cease playing. You don't understand how much actual DDoS cost. I doubt someone will spend millions of dollars to sustain serious DDoS for months because he doesn't like the game. Maybe if they banned You-Know-Who like some non-smart people on reddit wanted. But he's playing and fine. Last edited by Hornsent#1110 on Jun 26, 2025, 8:58:44 AM
|
|
"Neither do you. |
|
" It could only be done from the game client, after the login. There is no way any server, more so game server, allows for "complex computations" without login. It's actually worse for web servers, since sites could be viewed by anyone without login and DDoS can target heavy pages. GGG use Cloduflare for that, though. Game servers should require login, no login means requests are rejected. And having to login means GGG could find those who cause trouble and ban them. Last edited by Hornsent#1110 on Jun 26, 2025, 9:05:48 AM
|
|
" You're completely wrong here. A DDoS attack doesn't require being logged in or even using the game client at all. Game servers don’t care if traffic is legit or not, they just receive massive floods of fake packets aimed directly at their IP, overwhelming bandwidth or server resources. This has nothing to do with complex computations or being authenticated. In fact, most DDoS attacks target the network layer or pre-login endpoints, and they're done through botnets or spoofed sources. Banning accounts does nothing when the attacker isn't even logged in to begin with. It's a network-level attack, not a game account issue. There’s really not much that can be done to prevent DDoS attacks entirely. At best, companies can mitigate the impact, but if stopping them was as easy as banning accounts or requiring logins, this wouldn't still be a problem for even the biggest studios today. Hobby Gamer and Professional Software Engineer & Systems Architect from Tennessee
“Two things are infinite: the universe and human stupidity; and I’m not sure about the universe“ - Albert Einstein |
|
" This kind of DDoS attack should be mitigated by services such as cloudflare. Also like some people noticed it's weird that the attack seems to just destroy current instances and then server works properly. If that was classic DDoS attack from a botnet, people wouldn't be able to play right after DC, they would be unable to connect for some minutes (since DDoS attack would not even allow packets to reach the server). Like the web server returns 502. It still feels for me as it's internal problem. Since right after crash the server often works perfectly. As if instances that caused load died. " You do realise that a network-level attack should't affect instances at all? Sure YOU lost connection to the server, but why is the map gone? If you enter the map, clear it and then physically disconnect your internet, you get booted, but you keep the loot. Last edited by Hornsent#1110 on Jun 26, 2025, 10:19:15 AM
|
|
"At the end of the day you know nothing about GGGs game servers and everything you say is nothing but pure speculation. For all we know GGG might not even be the main target and they're suffering from collaterals, caught in the crossfire if you will. This isn't unusual. |
|
" There's a lot to address here. first of all, a DDoS attack can last forever. There's no time limit beyond the heat death of the universe, or a solar flare roasting all electronics on earth or and a lot more likely, the person doing it keels over from a heart attack (and in fact that might not even stop it if it's a bot network). If the person doing it is in a country that has poor legislation against doing this, there's not much that can be done legally speaking even though it is in most countries, very illegal. Secondly, it is impossible to safeguard 100%. Any server connected to the internet is at risk of DDoS attacks. This has been a problem for about as long as online gaming has been a thing. Companies far richer and far bigger than GGG has been powerless to stop it in the past. Thirdly, When EU players all go to NA servers, it is not weird that NA servers get problems. A lot of players trying to join the same server at once, is close to what a DDoS attack is. When a server gets loads of packets at once, it can crash. This is why people do DDoS attacks, because it crashes servers. A server doesn't care if the packets and pinging is legit or fake, to the server it's all the same. In a way, EU players unintentionally DDoSed the NA servers. Also, companies are usually not open about DDoS/DoS attacks. In 2024 there were approximately 13 MILLION unique DDoS attacks registered by various cybersecurity agencies (StationX DDoS Statistics). In 2025 Q1 there were 20 million blocked DDoS attempts, that's a near 400% increase from 2024. Have you heard about any of those? Porbably not, so no companies are not open about it and they don't have to, they are victims of a crime. Should they be open about it? I would say yes, but it's entirely up to the company and it is NOT a red flag if they aren't. We also don't know, whether they told us when they found out or if it's been a problem for months and for whateer reason they are only just telling us now, we don't know. Finally, servers have problems for a whole host of reasons. just because PoE2 had problems and PoE1 has problems, does not mean it's the same problem. To users, server problems usually look the same regardless of what the problem is, that is the server is crashing or being slow. Personally, most PoE league launches have had degrees of server issues. This is a problem of expectations, both from GGG and the playerbase. They underestimate the traffic they'll see, consistently and i don't know if you can truelly estimate that correctly, and the playerbase treats GGG like they are made of money and resources. Again far bigger companies, with a lot more resources have had huge issues with DDoS attacks in the past, so logic dictates that GGG probably is not going to be better at mitigating DDoS attacks. |
|
" Peak was 170k player, did they underestimate that this many players would play poe 1? lmao, i don't think so.... |
|
" That's simply not correct A packet that doing bad request and gets 403 and a packet that triggers heavy calculations are very different. What you have said just means their servers aren't capable of serving legit players playing the game. Which is 100% GGG problem, since those players do not DDoS, they just play. Last edited by Hornsent#1110 on Jun 26, 2025, 12:10:34 PM
|
|
" EU servers and NA servers are not the same servers, if the population from one server suddenly moves to the other server, the other server might get problems. I also if you read what i wrote, did not say EU players DDoSed anyone. I did not say it's the same as a DDoS, to clarify because apparently that's what i have to do, in ESSENCE it's SIMILAR to what a DDoS attack does. Overloading a server. If this is not a problem, please explain the existence of server queues. All i want to know is what kind of magic machinery you work with that apparently cannot breakdown ever. I think you should share you secrets with the world and become a billionaire selling it to server providers. Solved the holy grail apparently. Last edited by CptBlackout#6588 on Jun 26, 2025, 1:54:31 PM
|
|
