Anatomy of cheating in computer games

Malware is something that is usually associated with malicious software used to steal proprietary data or hack websites in politically motivated online attacks. Sometimes, however, it can serve in achieving a slightly different goal. Researcher from SophosLabs - Tamas Boczan, studied how players use malware to win against other players.

Anatomy of fraud

The expert dealt with the subject of cheating online games because he saw how much he links them with malware used in online crimes. Codes used to cheat, change the game in real time. For example, in Ghost Recon: Wildlands, they allow the user to see things he should not see - where the opponents are or what weapons they have.

Similar code works in the case of cheating in the popular game GTA - the player can make a huge jump, and then become invisible.

Boczan claims that the cheats are similar to malware, because their methods of operation are exactly the same - they differ only in purpose. There are more and more groups of cheaters in online games, and companies are issuing more and more to create solutions to prevent their actions. The arms race between them has been going on for 15 years. The methods of both attack and defensive in the video game industry over the years have become more and more advanced. Compared to network security, this fight is delayed by about 5 years, but you can see significant similarities. It can be said that the security industry in games is the younger brother of network security.

The number of game frauds is growing rapidly, so the number of collateral offered by various companies has also increased. Both sides regularly raise the bar and use more and more technologically advanced solutions and employ people with ever greater skills. Hacking games is not as easy as it used to be. A few years ago, even a novice hacker could break the game script, now it's an advanced game requiring advanced skills. It may be amazing, therefore, that a person with such competences is wasting his time on hacking video games, but it is a surprisingly lucrative job.

Evolution of cheating tactics

The oldest method of cheating in the game is the injection of malicious software. The process is as follows:

  • Cheater modifies game data or code in memory.
  • Gets access to memory via DLL injection.
  • Finds the right structure.
  • Overwrites a part of game data or code in memory.

The second method involves the use of bots. It is used especially in those games in which automatic tasks are rewarded. Bots perform specific activities for the user and are online 24/7, and their advantage is that they can be used in a variety of tasks. Many hackers sell their services or cash them as botnet fragments.

The methods based on spam and phishing are also extremely dangerous in the gaming world. They do not require technical skills and are the easiest way to steal accounts or advertise. The following example illustrates how this attack might look like. The window on the left is a spambot advertising the website. On the right side we can see how the user masquerades as the game administrator, during a phishing attack:

Although game developers want to improve their tools, there are ways to better protect themselves from cheaters, which should be introduced to all users.

  • You should report any fraud - the manufacturer will probably check your application and ban the fraudster. Such a process, however, can take several weeks.
  • All rules for securing passwords and authentication have a special application in games. This especially applies to the use of complex passwords and double authentication.
  • You should report all thefts in games - usually the account can be recovered.

It should also be remembered that every application brings game manufacturers closer to protecting their products more effectively and ensuring the safety of users.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.