Sombra ARG/Leads Guide

From Game Detectives Wiki
Jump to: navigation, search

Main Page > List of Investigations > Sombra ARG > Leads Guide

Sombra ARG Past & Present Leads

This page serves as a comprehensive guide for use in providing knowledge in order to minimize backtracking by those partaking in ongoing evaluation.

Please see if the clue you are thinking about has already been investigated before opening a conversation about it on the Discord or posting on the subreddit.


Clue Discovery Date Status Details Outcome
Tracer Trail 2016-08-02 Live A base-64 string was found 8 seconds into the summer games trailer. When decoded it reads "Salted__" followed by a string of characters. This is an indicator that it is a salted string, or a string where you need to remove or decode a smaller part of the string using separate means from the main encryption. Until the salt is treated, the encrypted string will only yield incoherent results.

There are ongoing attempts to brute force the string, based on the observation that the string is encrypted using OpenSSL salting, which follows a certain predictable pattern. The technical details can be found here: http://axxim.net/ow/gol-guesser/info.php . It is highly likely, due to the nature of ARGs in general, that the key for solving the salt, the key for solving the encrypted string, or both, are hidden somewhere else. The difficulty of brute forcing a cipher gets next to impossible when there is no way to confirm whether the attempt was successful or not(since confirmation requires additional decryption). There is possibly more information to be found in terms of key words or methods of encryption that can be used to confirm a successful attempt.

Compass Directions 2016-08-02 Confirmed Visible in the background of the Summer Games Video. Many attempts were made to apply these directions to other clues. determined that the directions corresponded with specific heroes positioned in the 9x9 grid from the same video (NW = top left, for instance). Used to create a passphrase to decode the Acheivements Code Vigenére cipher. The passphrase was the names of each of the heroes, in the order the directions appeared in the video.

There is some speculation that the code may have multiple uses.

Skycode / Skymap 2016-08-03 Cold On the developer livestream that happened on August 3rd, Jeff Kaplan and other members of the dev team were asked about the compass (video) (mirror):
"I'm being told to ask you guys about the compass.  Are you allowed to make any comments on that?"
"The compass."  "The compass?"  "The compass?  That sounds like deep CIA level stuff.  Way above our heads."

The phrase "above our heads" led solvers to look towards the sky. They found that on the Dorado map, looking directly up at the sky would reveal this image after some editing. Even more visible images are available here, the bottom two pictures have been "unwrapped" to be a square. This pattern was not visible in previous updates.

It is confirmed that the code in the sky is not a regular ShotCode, since a regular ShotCode can only contain 40 bits of data, and the code we are seeing in the sky is atleast 128 bytes big. It is also not an Annular Barcode since those need to have a startpoint, which ours does not.

It may also be that the image is impossible to decrypt due to some error with the original screenshot and image editing job(the bottom right corner looks incomplete).

Ongoing investigative focus on this may have triggered Blizzard's creation of the Dorado Datamosh, to put people back on track.

Flight Times Board 2016-08-03 Cold Players also took use of the developer quote of "Way above our heads." as possible hint to the flight board in Numbani. Many attempts to correlate it to usable data have been proven inconclusive.

One of the attempts was to try an ADFGVX cipher on the flight number prefixes, to try to see if any pertinent data was available. Nothing has been recovered from the cipher.

Another attempt was to map out all of the locations listed on the flight board, but nothing has come out of that yet.

Dorado Datamosh 2016-08-08 Confirmed A datamoshed photo was found on the playoverwatch.com media page. Based on the difference between the original photo and datamoshed version, the following text was found (English translation):
"Why are you looking at the sky? The answer isn't over your heads, it's behind you. Sometimes, you need to analyze your previous achievements."

Led to the discovery of the achievements code.

Achievements Code 2016-08-11 Confirmed Based on the hint yielded from the Dorado Datamosh, the playoverwatch.com achievement pages were investigated. Viewing the source of these pages revealed a commented section of text, including a new cipher. Led to the following message (English translation):
Damn, not bad. However, I'm getting bored. Let's try something new in the same direction. uczihriwgsxorxwunaarawryqhbrsfmeqrjjmu 5552E494
78T3 4VM9 OPL6
IS8208O913KRlrx

Decrypting the string of characters as a Vigenére cipher, using the passphrase from the compass directions clue, ultimately resulted in the discovery of the URL of the Volskaya Datamosh image.

Passphrase: tracertorbjornwinstonsymmetradvamercybastiongenjimccree

Volskaya Datamosh 2016-08-11 Confirmed It was found based on the up-side down "?" achievement found on players profile. Running through the supplied cipher text in the sourcecode which the compass and character names as the key (tracertorbjornwinstonsymmetradvamercybastiongenjimccree) yielded the image By taking the difference between the original and the datamoshed image, we got the ASCII Skull with some text:
Parece que te gustan estos jueguitos... por que no jugamos uno de verdad?

Translation:

"It seems you like these little games... Why don't we play a real one?"
ASCII Skull as code/cipher 2016-08-11 Live Various attempts have been made to find a useful strings of characters that may lead to a passphrase/message or similar for the tracer trail salted string, including:
  • Stripping out the characters from the string 'SOMBR@'
  • Removing all punctuation
  • Focusing on numbers, such as the seven instances of the '7' character
  • Considering patterns of characters as potential binary
  • Considering patterns of characters as potential morse code
So far the investigations have been inconclusive
ASCII Skull visual layout 2016-08-11 Live Attempts have been made to look for visual patterns in order to reveal certain characters that may feed into a further line of investigation.
  • Symmetry of the skull/how each side differs - attempts at overlapping/highlighting have been made.
  • Appearances of similar skulls in other Overwatch media (including vague similarities to Reaper iconography).
ASCII Skull as sugar skull 2016-08-11 Live The 'gaps' around the eyes of the skull are commonly thought to represent the design on a sugar skull (or 'calavera'). This further continues the American Spanish/Mexican theme, which is a key aspect of the Sombra character (supported by other Spanish clues and elements of the Dorado map).

Sugar skulls are primarily associated with the Mexican 'Dia de Los Muertos' or 'Day of the Dead', which may point to a relation to the Los Muertos gang from the Overwatch universe. This may be nothing more than background information on the character.

'Real Games' 2016-08-11 Live The message that came with the ASCII Skull considered as a clue.
 "It seems you like these little games... Why don't we play a real one?"

It has been speculated this referred to

  • a Gamescom reveal/clue
  • a traditional mexican game (sugar skull imagery)
  • Overwatch itself as a 'real game'
  • other 'real games' as passphrases/keys (possibly for tracer trail)
While nothing substantial has yet been found in relation to this message, it might very well be a significant clue. Any clear reference to "real games" could be a key word for the salted string encryption.
'Over our heads' 2016-08-03 Live see skycode/ skymap This phrase led many to look up and find the 'skycode' which then went cold as displayed on its section of this page. This phrase is still being classed as 'live' due to it seeming the phrase could be used for other uses as the skycode was dismissed.

There is still speculation that this phrase could mean nothing due to it simply being a response to a question asked in a live-stream, however, this phrase is till seen as a form of clue due to the large number of developers saying the same or a similar phrase.

CIA 2016-08-03 Live see skycode/ skymap The use of the phrase 'Deep CIA level stuff' in the response to a question about the 'compass' led a number of people to believe that there would be some link to the sombra ARG and something the CIA have done, a technique they use or that a reference to the CIA would have been hidden by blizzard in another place. Although many see this as a far reach due to desperation for a new lead, some believe that this phrase was purposely used to help them on their way to uncovering sombra
Summer Games Trailer Luke Warm Hidden clues and ciphers have been attempted found in the trailer found here: Multiple secondary investigations of the trailer have been attempted, including deciphering a light pattern in the background as 6 bit braille, analyzing a possible waveform, and looking for frame-by-frame differences between equivalent animations and versions of the trailer. Nothing coherent or significant has been found.
Overwatch and Blizzard Websites Luke Warm Attemps at finding new information hidden on the websites. The sites and their respective source codes have been searched for hints, with no results. An attempt to look for hidden subdomains has also yielded nothing. This image shows something appearing to be a binary sequence when manipulated, but this has also proved inconclusive.
Dev Video Cold This developer commentary video has been investigated for hidden messages or codes. Searching for hidden frames, comparing different versions of the video, looking for information in the captions, the color bars that show up at the end of the video, and even analyzing Jeff Kaplan's blinking patterns has yielded no results.
Sounds Cold This is a general collection of sound-related investigations:
  • Comparing the audio on the North American and European Trailers.
  • Ambience in the market and final checkpoint areas in the Dorado map.
  • There are playable bells all around the Dorado map. A sequence of tones played on these bells could have some effect.
None of the analyses have been successful.

The overwatch theme was played on the bells, but there was no apparent effect.

Gamescom 'Broken Screen' Cold A screen in the Blizzard display at the Gamescom trade fair in Germany was photographed as showing a static filled garbled output. This may have been a mere technical issue, but some think it may have something to do with the ARG (perhaps the 'real games' clue).
Hacking Spree Newspaper Cold After a few days without much action past a percentage, a newspaper was found within the PTR describing a "Global Hacking Spree" within the Overwatch universe.
Source Code From VolskyaIndustries.com If you go to VolskyaIndustries.com And View Source Code Then Click on assets/img/favicon.png then View Source Again and Scroll all the way to the bottom you find
   <?xpacket end="w"?>õo\� cHRMz%€ƒùÿ€éu0ê`:˜�o’_ÅF��IDATxÚì×;hTA�ÆñßF��µ�ƒ¯ �°°�µ1(jjEˆv‚�Å"�%¨QAƒÁ'(�$ñ¯ ئŒD‹H�4±��Á·DˆAMX›�†á†ÍÆ•möÀ�÷?‡9ߝùΙÙ\>ŸWΨRæ¨�¨�(»€\o}]+ê1‚\à�±�;"žÃ	<˜d®e¸9øièÉõÖ×-F�–Fƒ?`�ÎcyÄ?¡�ƒE&Ÿ�r¬ŠØG¬¯Â�ìÄpôr.öã�~D¼�íA}1q!Iþ�»0ð×�½!Y�›°�-	¯Ek�É�ÂjÆцîÔ„í¸Ÿ�<ˆ/èJx�¶N ùêðõqtãLV�äшˆMÅ9ÜÆˤz®�c�ÕèÀ̈½Æ>ŒŽW†_±�C�›�¶ç8¾G|^H0}œò¾‚•��	[ñ®P�xŠc	Û€58á‡“�s4b{ÂNáÑD�Ñ5ÜIØ¡P:]�|[ô¼.CèC\*¦�æq�Ï�?´á�^%ü2�avh63¢÷ƒaEF‹mşÞÅû^�¾8í��BâëX�ñá0ÇûÉž�}hNØÆP^­�|KÂŽ†�óO‡Q�n%¬�o�œ�wC©–ä4lB?ô<�gƒ�^dŒïǁ॒��ÂÞ¤?Ô�sub,�Û€o¥¾�ô��Ʊ9�2—¬Ö³ÿu!¹�Ü�ÇÂhžÎ�¿”üFÔŒ'aÙ?†ß��gTLá�QåIE@E@¹�ü�‰ vRGÆe%IEND®B`‚