On Line Gamers use Malware to Cheat!

On Line Gamers use Malware to cheat!

We usually think of malware as something used to steal data from Businesses or to affect websites in politically motivated attacks. But if you’re a gamer, sometimes it’s simply a tool for winning.

Threat researcher Tamás Boczán has been studying this trend, and recently gave a review of his findings and below we detail some of the salient points.

In one instance from Ghost Recon: Wildlands, he shows how the player can see things he shouldn’t. The Player/Cheat can see from the frames where the enemies are behind the walls, and some data about them, like what weapon they are holding. The enemies here are other players. Tamas said games are similar to malware in that their methods are exactly the same. The difference is in the purpose. Their economy is also similar. There are cheat groups and companies creating anti-cheat solutions, and there has been an arms race between them for 15 years.

He mapped out the sequence of events this way:

  • All this was originally about having fun.
  • Then the gaming industry grew.
  • The games went online.
  • People began to cheat for profit, just as hackers often do when targeting companies.
  • In response, an anti-cheating movement has sprouted up that mirrors security companies

Boczán told his audience that the oldest cheating method is file injection. He mapped out the process:

  • The cheater modifies game data or code in memory.
  • They access memory through DLL injection.
  • They find relevant structure and go to town.
  • The goal is either to override some part of game data or code in memory.

Nowadays both cheat and anti-cheat developers are focused on this method, he said. Anti-cheat solutions heavily obfuscate the memory contents and try to detect injections.

The Wild Cards

Spam and phishing are the wild cards in the world of game cheating. They don’t require technical skills, and they are the easiest way to steal accounts or advertise.

Spamming can happen on the chat in-game, where there are no anti-spam solutions, and attacks are not mitigated at all.