D3 account can be hacked via public game, might be an explanation for those accounts hacked

farkinid
post May 23 2012, 12:01 PM

Senior Member, 997 posts, Joined: Feb 2007

QUOTE(VinluV @ May 23 2012, 11:54 AM)
I didn't hack anyone, as it's complex to automate; I just tested with a friend for over an hour.
You just need to replace some of your session particulars with another person's, and for a short time you'll be in control of the other party; then you get errors.

My suspicions are the same as Bashiok's: this was well coordinated, and the guys targeted people from the start. They collected the passwords and details, then did the "hack" all at once.

I still don't understand why the game server would pass your session token to other members in the group and vice versa. I haven't done any testing, but a Wireshark or tcpdump file would interest me very much.
farkinid
post May 23 2012, 03:58 PM

QUOTE(VinluV @ May 23 2012, 03:43 PM)
Here's the setup, though a very, very simplified one.

Two PCs in the same network. By network I mean me and my mate using my router.
No OpenDNS, no DNSCrypt, no authenticator used; firewall and my IPS turned off.
After trading and dropping items left and right for about half an hour and monitoring packets with tcpdump,
I just copied some token values from my friend's packets into mine (a certain open-source Scarab JavaScript packet interceptor I bet you know was used).

For a few seconds, I got him off his account. Then I got the "kicked off Battle.net" error.

What I can suspect is that my token and session weren't matching the ones on Battle.net, so I got kicked off, as the next few packets sent from me were using my original values instead of the "malformed" packet.

It's doable, but my setup is quite a below-basic one; it's still a long way for me.
Will try to pass you a dump with better values if I can get some sort of PoC.

edit: wouldn't be surprised if the Chinese have pwned bnet
Hmm, interesting.

If you have any interesting dumps, please send them my way. But I still don't understand Bliz's need to allow user machines to communicate with each other. I thought all the heavy lifting was done on the servers and the result was sent to the user machines.

Unless somebody has a way to parse token data and reconstruct login values, this may not work. Still, it does sound possible.
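The exchange above describes one peer on a shared network copying another peer's session token into its own packets and briefly being treated as that account until the server notices a mismatch. The following is an added illustrative model of that failure mode and of the server-side check that closes it; it is not Battle.net's protocol and not code from anyone in this thread. The server classes, the packet fields (conn, token, seq, payload), the connection IDs and the peer names are all hypothetical. The naive server keys sessions by token alone, so a replayed token is accepted from any connection; the bound server ties each token to the connection it was issued on plus a monotonically increasing sequence number, and terminates the session on the first mismatch.

```python
"""Illustrative model of session-token replay between two peers on one LAN.

Hypothetical server design for demonstration only; not any real game
protocol. All packets below are constructed inline.
"""
import secrets


class NaiveSessionServer:
    """Looks sessions up by token alone: whoever presents the token is the account."""

    def __init__(self):
        self.sessions = {}  # token -> account name

    def login(self, account, conn_id):
        # conn_id is ignored here, which is exactly the weakness.
        token = secrets.token_hex(16)
        self.sessions[token] = account
        return token

    def handle(self, packet):
        account = self.sessions.get(packet["token"])
        if account is None:
            return ("reject", None)
        return ("ok", account)


class BoundSessionServer:
    """Binds a token to the connection it was issued on and to a packet sequence.

    A token seen on a different connection, or with an unexpected sequence
    number, is treated as replay: the session is dropped and the caller is
    told the session was terminated.
    """

    def __init__(self):
        self.sessions = {}  # token -> {"account", "conn", "next_seq"}

    def login(self, account, conn_id):
        token = secrets.token_hex(16)
        self.sessions[token] = {"account": account, "conn": conn_id, "next_seq": 0}
        return token

    def handle(self, packet):
        sess = self.sessions.get(packet["token"])
        if sess is None:
            return ("reject", None)
        if packet["conn"] != sess["conn"] or packet["seq"] != sess["next_seq"]:
            # Mismatch: invalidate the token so neither the replayer nor the
            # original holder can keep using it.
            del self.sessions[packet["token"]]
            return ("terminate", sess["account"])
        sess["next_seq"] += 1
        return ("ok", sess["account"])


def replay_demo(server_cls):
    """Run the same three constructed packets against a server class.

    1. Alice sends a genuine packet on her own connection.
    2. Bob, who sniffed Alice's token on the shared segment, sends it from
       his own connection (the copy-the-token-values step from the thread).
    3. Alice sends her next genuine packet.
    Returns the server's verdict for each packet.
    """
    srv = server_cls()
    alice_tok = srv.login("alice", conn_id="conn-A")
    srv.login("bob", conn_id="conn-B")

    packets = [
        {"conn": "conn-A", "token": alice_tok, "seq": 0, "payload": "drop item"},
        {"conn": "conn-B", "token": alice_tok, "seq": 1, "payload": "trade"},  # replay
        {"conn": "conn-A", "token": alice_tok, "seq": 1, "payload": "move"},
    ]
    return [srv.handle(p)[0] for p in packets]


if __name__ == "__main__":
    print("naive :", replay_demo(NaiveSessionServer))   # replay accepted as alice
    print("bound :", replay_demo(BoundSessionServer))   # replay terminates the session
```

Note the trade-off the bound server makes: invalidating the token on mismatch stops the impersonation, but it also kicks the legitimate holder, so an attacker who can see tokens on the wire can still force a disconnect. The real fix for a shared-network observer is to keep the token off the wire in the clear (transport encryption, or a per-session key used to MAC each packet) so there is nothing to copy in the first place.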
