Unveiling the underground world of Anti-Cheats
In a world where billion players spend money in games while playing, it was obvious that a parallel market had to come out of it. This not that new world is related to Cheats, Cheat and Anti-Cheat Developers fight in an endless holy war to see who will be the last standing defending champion. The reality is that none of them have found a way to actually win this war once for all, and they keep playing the cat and mouse game trying to make things harder for the other side.
During our research, we analyzed, tested and discovered multiple bypassing techniques against different current market Anti-Cheat technologies such as XignCode3, EasyAntiCheat and BattleEye, to understand and determine the current state of the art of Anti-Cheat software. We use a combination of static and dynamic techniques to document the different techniques to protect and unprotect gaming software. As a result, we put together a tool “AntiCheat-Testing-Framework” that contains a series of bypassing techniques to test them against current market Anti-Cheats software, this will allow attendees and researchers to understand the virtues and weaknesses of them.
This talk pretends to caught the attention from new people to experts on the field, starting with a state of the market and interesting cases around the cheating world, and finishing with a deep explanation of each analyzed technique and the results we obtained during the journey.
Joel Noguera joined the Immunity team in 2018 where he has performed different tasks such as exploit development, reverse engineering, security research and consulting. Before that Joel participated actively in Bug Bounty programs and CTF competitions. He has also taught trainings on web exploitation. Joel has over four years of experience within the information security field.