Excuse my ignorance in this field of security. I'm not sure if this is even appropriate for this section of the forum but just wondering really and not sure where to ask. Warden works on windows API as far as I've read. I know hoborbuddy doesn't work on Linux but via WINE you can run World of Warcraft. Does that mean Warden wouldn't be able to function correctly under Linux? Even so any spyware they pulse or detection methods they use I'm guessing would be void under Linux?
"WoW can be run under Wine on Linux. Warden currently detects whether it is running under Wine so it can modify its behavior slightly, though it remains fully functional" That is what I read when looking into the subject if you can believe wiki. In 2012 there was an article about Linux/wine getting people banned. They claimed to never used a bot. I mean all convicts are innocent right? ..
In Linux, barring some security flaw, it's impossible to scan processes from other users unless you have root privileges. Warden is a part of WoW. If you run WoW under wine, you als run Warden. The only solution here is to create a bot that runs under Linux. WINE (Wine Is Not an Emulator) ! Warden will never detect other applications that are running under Linux.
But all this, and we don't even know if it was the program that was detected or a way to detect the injection process, If it was the later I wouldn't matter.. because the end result would be same... a program injecting into wows memory.
But you dont need to read memory of other process to detect bot. That is reason why honorbuddy.exe can be in process list without problem.