Since the dawn of time, gamers have tried to hack and cheat in video games. It began with the early 80’s and 90’s games, then players ‘hacked’ Config files to give themselves infinite resources or apply ‘God mode’ cheats for endless ammo/health/whatever.
Generally speaking, the early cheats were harmless, games were ‘single player’ and the cheat only affected the player that used them, if that player enjoyed a hacked game -– more power to them!
This all changed when games became online, now gamers had the option of playing against other gamers via the internet. Players could either play together against the game or against other players (PvP – Player vs Player or PvE – Player vs Environment). As this change happened, cheaters began to affect the game experience for other players which were not cheating, and not in a good way.
Gamers play for two main reasons:
- Immersion
- Showing off & honing skills
Cheating takes away both of these experiences in a game. Nothing else kills a game for gamers faster. A game can be buggy, a game can have various flaws and gamers will still play and love it. But cheating takes a game they love and turns it into a game they hate. Good examples are Modern warfare 3, GTA Online and Call of duty: Warzone pacific, among many others.
With the rise of online gaming, gamers began to suffer from a surge of cheaters, demolishing the game experience for gamers and killing the game in the process. A cheater saturated game is a game players do not want to play.
Here are some statistics from the 2021 Unity report about online gaming toxicity:
- 61% of gamers agree that first person shooters are the most cheated games
- 67% of gamers will stop playing if they notice toxic behavior from another player
- 68% of gamers personally experienced toxic behavior directed at them
- 75% of gamers agree that toxicity is a problem across gaming platforms
- 92% of gamers think solutions should be implemented and enforced to reduce toxic behavior
To combat this new “online cheating” phenomena, anti-cheat companies started to emerge, this included companies such as Punk buster, Battleye, Easy and others. These companies figured out that cheaters are able to hack the game in two main ways:
- Change the game’s binary (the actual code in the file) and give the cheater an unfair advantage.
- Read from and write to the memory space the game uses, thus injecting manipulated data to the game or reading hidden data from it, such as enemy positions.
The solution anti-cheat companies offered was twofold as well:
- Digitally sign game files in such a way that detects any alteration of the file.
- Monitor processes that read from and write to the game’s memory, if a process is not authorized, the computer the game resides on is marked as compromised.
However, there is an inherited flaw with the approach traditional anti-cheat companies are trying to fight cheaters; The game is installed on the cheater’s computer, thus the anti-cheat that should protect that game also resides on the cheater’s computer, well guess what, the cheater controls every aspect of the anti-cheat process because they control the operating system in which the anti-cheat software runs on.
There is a saying: Never trust the client machine, it is always & forever compromised!
This opened up a never ending arms race between the cheaters and the anti-cheats; cheaters are finding new ways to fool the anti-cheat, and in turn, the anti-cheat tries to close those holes when they are found. In this never ending cat and mouse fight, there are clear winners – the cheaters, and they are multiplying at an alarming rate, annihilating great games in the process. Look at the numbers:
- Fortnite – 25M known cheaters
- Overwatch – 9M known cheaters
- Warzone – 4M known cheaters
In the last and recent iteration, cheaters used ‘kernel mode’ access (deep operating system permissions that touch the most sensitive processes in the OS, such as memory allocation) to fool the game and it’s anti cheat in thinking that the cheat is a legitimate OS process that needs access to the game’s memory. To combat this, anti-cheats mandated that they have kernel access as well – so now most games have ‘kernel mode’ permissions, meaning if someone hacks your game, they have full control over your PC ☺
Sadly, that’s not the end of the bad news; Around early-2021, rumors began to circulate about a new artificial intelligence (AKA AI) cheat. Unlike other cheats, this cheat did not change the game’s files or memory, it used AI algorithms to play for the cheater, doing a much better job at it and making it totally undetectable by anti-cheats. The way this new AI-cheat works is by capturing the game’s images (frames) directly from the cheater’s graphic card, then uses computer vision algorithms to analyze the images in real time to detect in-game enemy silhouettes. Once an enemy is detected, the cheat takes over the I/O (mouse and keyboard signals) and manipulates the cheater’s character by moving the cursor over the detected enemy and shooting with remarkable precision.
In essence, cheat companies created Terminator’s Skynet and it’s kicking the ass of every major studio that owns a first person shooter (AKA FPS). Studios are in a state of panic and are utilizing every means at their disposal to scrub all related cheat files from the internet, with little to no luck.
The gaming industry is a $200B industry; Fortnite, Call of duty and battlefield franchises alone are worth ~$80B. Online betting is a big deal, involving huge amounts of money and is ever growing; to give a sense of scale, Esports are filling 150K stadiums and are bigger than Hollywood and the music industry combined.
Pro league players were caught using AI Aim-bot cheats in major competitive games, major influencing game streamers were also caught using similar cheats. They were all caught due to different mistakes they made, exposing incrementing evidence, totally random. Most abusers are never caught.
Keep in mind, cheating is legal and currently there are multiple (legitimate) companies that are developing AI Aim cheats, among others.
In 2018 Valve announced an AI, server side anti cheat solution, named VAC-net (Valve anti cheat). It detected 95% of cheaters but took four minutes of compute time to analyze a two minute match, becoming unscalable. Until this day, valve is heavily struggling with compute efficiency and only fits one game – Counter Strike and its mods.
OK, so now what? Well now we need a new approach, similar to the one next gen cheats are taking. We need to leverage AI to fight AI, in essence, creating Arnold from Terminator 2, but this time, Arnold needs to kick Melting metal’s ass when they first meet! Stop cheating – Getgud!
