Since the inception of video games, individuals have sought ways to cheat. Enthusiasts have historically focused on identifying game vulnerabilities to create cheats for sharing or sale. With the rise of online competitive gaming as a profession, this hobby has evolved into an industry selling unfair advantages.
Developing and selling game cheats can be a profitable enterprise, prompting video game developers to strengthen their anti-cheat teams. These teams aim to ban cheaters, neutralize the software they use, and target cheat developers. Many companies have started implementing kernel-level anti-cheat systems, which have high privileges in the operating system and can monitor all activities on the machine running the game.
A notable example of such a system is Vanguard, developed by Riot Games, which produces popular games like League of Legends and Valorant. Phillip Koskinas, Riot’s Director and Head of Anti-Cheat, states that Vanguard forces cheats to be visible. Thanks to these efforts, Riot Games bans thousands of cheaters on Valorant daily, reportedly reducing the percentage of competitive matches with cheaters to less than 1% globally.
Koskinas described various strategies used by Riot’s anti-cheat team, including leveraging Windows security features, fingerprinting cheaters’ hardware, infiltrating cheat communities, and psychological tactics to discredit cheaters. Vanguard utilizes security features like Trusted Platform Module and Secure Boot to prevent the system from booting if tampered with by malware or cheats.
Koskinas’s team spies on cheater communities, sometimes presenting as members themselves. They gather intelligence by sharing anti-cheat information to gain trust, allowing them to monitor cheat usage and ban all users involved.
Some developers sell premium cheats to a select few customers to avoid detection. Riot counteracts by publicly discrediting these developers and strategically allowing minor cheating to prevent spiraling advances in cheat development. Hardware fingerprinting helps hinder repeat offenders by making it challenging for them to reuse cheats.
Cheaters typically fall into two categories: those using easily detectable cheats for immediate satisfaction and those using sophisticated, harder-to-detect tools. Advanced cheats often involve external devices or DMA attacks, enabling cheaters to gain unfair advantages through techniques like wallhacks and aimbots.
Koskinas expressed concern about AI’s potential in developing more efficient cheating methods. Despite the privacy implications, Riot does not plan to abandon kernel-level anti-cheat technology due to its effectiveness against kernel exploits.
The company strives for transparency, engaging with the public and publishing insights into its anti-cheat efforts, asserting that players deserve to understand how the advanced anti-cheat system is utilized.
