Combating cheats is an ever-evolving arms race. The scope and complexity of cheat development grow every year along with the stakes in online gaming. The pressure is on for game studios to level up when it comes to detecting and preventing bad actors. I’m Michael “Perma” VanKuipers, and I used to be one of those bad actors; I spent over a decade developing cheats for various games and earned the ire of at least one large game studio in the process. These days I work on Riot’s Anti-Cheat team, helping secure League of Legends from scripts, bots, and exploits. In this article, I’m going to show you some of the details and strategies behind our latest anti-cheat initiative, including a technical overview of the steps we took to mitigate certain types of cheating.
I’ve been playing League of Legends for six years, and I may (I wasn’t sure) have seen cheating once or twice. Riot’s work seems to be paying off.
This has been going on for decades; obfuscation is a cat-and-mouse game. It will never end until one of the parties gets bored of playing the game. Just as the devs take steps to detect hacks, motivated hackers can take steps to impede detection.
I wonder if they attempt to detect virtualization? A target running under CPU virtualization can’t really stop debuggers on the host (or in the kernel) from reading/writing its memory.
For an extremely covert attack, a sophisticated hacker could run his code from ring 0, which is one of the ultimate hiding spots as it’s inaccessible even to the OS kernel.