Hackers of India

BYPASSING ANTI-CHEATS & HACKING COMPETITIVE GAMES

By Rohan Aggarwal on 20 Apr 2023 @ Hitb Sec Conf



Abstract

With the increasing popularity of games having a competitive element, cheats have become a common method for hackers to gain an advantage. These cheats could range from a sniper bullet that felt just a little too accurate to a player teleporting across the map, and chances are that you must have been outsmarted by some sort of cheat code. Some of the most common methods include Aimbot, Wallhack, SpeedHack, DropHack, etc.

Developers of games like Fortnite, Valorant, and Apex Legends constantly face pressure to prevent hackers from cheating. The result? Probably millions of dollars spent on security and anti-cheats, yet they are still outsmarted by hackers. Due to the limited supply of skilled hackers and huge demand, game cheat development has grown into a multi-million-dollar industry. It is very challenging for hackers to keep coming up with new bypasses, as anti-cheats are improving daily and are extremely invasive, making it harder for cheats to stay undetected.

In this talk, we will share the current state of cheats and anti-cheat mechanisms. This talk is the outcome of research that lasted several months, in which we analyzed various market-leading anti-cheats and discovered multiple bypass techniques. The talk will also dive deep into the history of anti-cheats, how they actually work, and several techniques hackers are using to bypass them.

During our research, we also developed a kernel-mode cheat and an external hardware cheat for some top Twitch streaming games, and we will be showcasing them. The session will end with the release of a basic kernel-mode driver and an external hardware cheat that can be used as a learning resource for bypassing different anti-cheats in the market. The adage "cheaters never win" may be moralistic, but cheaters very often win in competitive games. Join us to see how hackers have been hacking against anti-cheat mechanisms.

AI Generated Summary (may contain errors)


The speaker discusses how to create a pixel bot, a type of cheat used in online games that uses an Arduino and serial communication to automate mouse movements. They mention that Vanguard not only monitors serial ports but also has signatures for public cheats. However, by encoding or adding prefixes to the X and Y coordinates, the signature can be changed to evade detection.

The speaker also discusses spoofing the Arduino board by changing its name, vendor ID, and product ID to make it appear as a different device. They share two videos demonstrating the pixel bot in action, with one video showing the setup and the other video showing the automated aiming feature.

To counter these pixel bots, developers of games like Valorant can remove enemy outlines, making it harder for the bots to detect enemies. However, AI-powered bots using YOLO (You Only Look Once) technology can still detect enemies even without outlines.

The speaker also shares resources for learning more about kernel-level drivers and Arduino projects, including Guided Hacking, Unknown Cheats, and a YouTube channel focused on kernel-level drivers.

During the Q&A session, an audience member asks if using a secondary PC with a stream link to control the Arduino can help avoid detection. The speaker confirms that this is possible and has been done before. Another audience member asks about loading unsigned kernel drivers on Windows, and the speaker explains that it’s possible by exploiting signed drivers.