A damaging batch of documents leaked from the Pentagon appears to have been initially shared on the video game chat platform Discord in an effort to win an argument about the war in Ukraine, according to open-source intelligence analysts.
The bizarre provenance of the leak may seem unusual but it is far from the first time that a dispute between gamers has sparked an intelligence breach, with the overlapping communities causing problems for military and gaming platforms alike.
The existence of the leaked cache was exposed as documents showing estimated casualties in the Bakhmut theatre of battle began circulating on public social networks last week.
Two versions of those documents, one of which had been crudely digitally altered to understate Russian casualties and overstate Ukrainian ones, were passed around among observers of the war. One, with the correct figures, stemmed from a leak to 4chan, the chaotic image board best known for birthing the “alt right” movement.
At the same time, a second set of documents, including the edited image, were being passed around pro-Russian Telegram channels.
Neither was the original source, however. Before they emerged on to the public internet, the documents had been shared on closed chatrooms hosted by Discord, a gamer-focused chat app. In one server, called “Minecraft Earth Map”, 10 of the documents were posted as early as 4 March, a month before they appeared on 4chan.
“After a brief spat with another person on the server about Minecraft Maps and the war in Ukraine, one of the Discord users replied: ‘Here, have some leaked documents’ – attaching 10 documents about Ukraine, some of which bore the ‘top secret’ markings,” said Aric Toler, an analyst at the investigative research group§ Bellingcat.
That user had, in turn, found them on another Discord server, run by and for fans of the Filipino YouTuber WowMao, where 30 documents had been posted three days earlier, with “dozens” of other unverified documents about Ukraine. However, even that did not appear to be the original source: a third Discord server, named “Thug Shaker Central”, among other titles, may have been where the documents were originally posted as early as mid-January.
“Posts and channel listings show that the server’s users were interested in video games, music, Orthodox Christianity, and fandom for the popular YouTuber ‘Oxide’,” Toler said, referencing the military-themed YouTube channel. “This server was not especially geopolitical in nature, although its users had a staunchly conservative stance on several issues, members told Bellingcat. Racial slurs and racist memes were shared widely.”
Although the scale and sensitivity of the leaks are significant, this is not the first time that an intelligence breach has been traced back to an argument about video games. One game in particular, the vehicular combat simulation War Thunder, has become notorious for the sheer quantity of leaks linked to it.
The game, which has a reputation for accuracy, has 70 million players worldwide, leading to regular disputes about balance and accuracy – as a result, users have made breaches in at least 10 separate cases since 2020, frequently through posting classified documents about the capability of active weaponry in an effort to argue for the digital version of the vehicle to be improved.
In October 2021, for instance, classified design details about the French Leclerc tank were posted to win an argument about turret rotation speed. In July 2021, a user claiming to be a tank commander in the British army posted documents about the armour structure of the vehicle to win an argument. In January this year, design documents covering at least five separate fighter jets were posted by four different users.
The game has become such a shorthand for intelligence failures that the military contractor Raytheon was forced to deny reports that it specifically asked about War Thunder as part of a security clearance process.
The developers of War Thunder have even had to enact specific policies against the sharing of classified material on their forums. Anton Yudintsev, the founder of Hungarian developer Gaijin Entertainment, warned users after one of the January incidents that posting such information wouldn’t help them win arguments with the development team. “We always delete posts containing classified or restricted information from our forum as soon as possible. We forbid our users to share documents like this on our platforms. We remind our users again and again that it’s both illegal and pointless, so they should never do that,” he said.
“We never use them in our work and that policy will never change. Development team does not even look at the contents of the documents, moderators just check if the information on the military vehicle or armament in question is still classified or not. If the answer is a yes, we delete everything ASAP.”
Intelligence agencies have been aware of the need to monitor gaming communities for some time. In 2013, the cache of documents leaked by NSA contractor Edward Snowden revealed that the agency was actively monitoring Xbox Live, the voice chat platform for Microsoft’s console, and had even deployed real-life agents into the virtual world of Azeroth, the setting of the World of Warcraft series.
One document, written in 2008 and titled Exploiting Terrorist Use of Games & Virtual Environments, warned that it was risky to leave gaming communities under-monitored, describing them as a “target-rich communications network”. The notes warned that so many different agencies were conducting operations inside gaming services that a “deconfliction” group was needed to prevent them spying on each other by accident.