MCPE-Craft » Articles » How hackers brought the most anarchic Minecraft server to its knees
[Votes: 1 / Average score: 5]

On the surface, Minecraft is all about fun and games. Here we admire the people who recreate the world of The Lord of the Rings, as well as the incredible visual tricks that can be created with just a little ingenuity. But the game has a much lesser-known (though often no less popular), darker side.

2B2T is one of the most popular “anarchic” servers of the game, where there are no rules, and the map is several terabytes in size and has not been reset at all since the distant 2010. The server, whose name stands for 2 Builders 2 Tools, was designed to be inhospitable and evil, so at times it was awarded the title of “worst” Minecraft server. Of course, gamers from the server did not support such statements.

In their view, 2B2T is an example of Minecraft’s incredibly broad appeal and ability to engage players in creativity: it’s a place with real history and action that defines the landscape. Thanks to the established 2B2T community and how the server has evolved over the years, it became part of the Videogames: Design / Play / Disrupt exhibition, which took place in the halls of the Victoria and Albert Museum in London.

But this story began in 2018, when two players discovered a vulnerability in the Paper plugin, which is designed to fix bugs and improve the performance of multiplayer Minecraft servers. The exploit essentially tricked the server into thinking they were clicking on all the blocks on the map – even those outside the rendering area.

As a result, the server was forced to instantly process thousands of chunks (the 16×16 blocks that make up Minecraft maps), resulting in a guaranteed crash. It would seem that this is just another fatal error that the PaperMC software developers will fix very quickly.

And “quickly” became the main problem.

Leijurv, one of the programmers who worked on NoCom (but since the beginning of 2020), wrote a large and detailed post in which he explained what exactly the group was able to do and why it worked.

According to Leijurv, the reason NoCom has gone undetected for so long “is because there really isn’t the ‘exploit’ or ‘backdoor’ that everyone has been imagining. In other words, the server is not ‘misbehaving’ or doing anything suspicious. This an absolutely expected and planned reaction, the code does not do anything secretly or secretly, in fact everything is much simpler.”

PaperMC, the creator of Paper, “fixed” the original exploit in a way that the hackers who later created NoCom expected. Now it was possible to click on blocks only in the area that was rendered by a specific player. This way, hackers could still click on blocks to learn about their contents – a common process in Minecraft.

At the same time, all attempts to interact with blocks located far outside the area where the “player” is actually located were blocked: that is, the ability to “click” on a block anywhere in this endless, generated world, and get information about it.

Why do you think this is so important? As soon as this exploit became available, the people behind NoCom began checking whether certain map chunks were loaded or unloaded. The first indicated the presence of other players in a particular area, and their locations were recorded and stored, indicating where bases or other useful locations were located. This ingenious NoCom exploit has upset and annoyed players on the server for the past three years, chosen by griefers as a target for harassment.

In 2020, NoCom activity began to reach its peak – there was more and more data, it was as accurate as possible, and therefore players increasingly succumbed to temptation. Countless bases were destroyed, untold wealth was looted, and the community was plunged into full-blown panic to the point where many refused to enter the game.

An active discussion began among the 2B2T community, with more and more people claiming that something strange was happening on the server. But the creators of NoCom launched an entire disinformation campaign on subreddits and Discord servers (using memes to hide the exploit and other gaslighting techniques), claiming that everyone who was worried was simply paranoid.

As NoCom gained momentum and its presence on the server could no longer be hidden, the creators of the exploit realized that the end was near. In June and July, NoCom was running at maximum capacity, trying to squeeze every last drop out of the available data before the server administrator finally managed to fix it by limiting the number of packets that accounts could send per server tick.

NoCom may have disappeared, but its shadow will linger over 2B2T for a long time. The extracted data is still available and will be accurate until communities and players move their bases: far from an easy or convenient process. Now most fantastic creations are banal hostages of luck. 2B2T continues to exist, but what happened is perhaps the most significant event in the history of the server.

Leave a Reply

Your email address will not be published.