Fixed versions of these hacks often incorporate several standard quality-of-life updates that go beyond simple bug squashing:
An anonymous security researcher (who goes by the handle "MotobugSec") published a now-viral Twitter thread revealing that Duo Hack.com never actually "hacked" game servers. Instead, it exploited a man-in-the-middle vulnerability in older versions of Sonic Forces (pre-v4.2.1). The site would intercept a specific API call meant for the in-game shop and replace the "purchase" parameter with a false one. Duo Hack.com Sonic Fixed