How Riot Games is Fighting the War Against Video Game Hackers

Riot Games has reduced cheating in Valorant to under 1% of ranked games through its controversial kernel-level anti-cheat system Vanguard, according to the company's anti-cheat director Phillip Koskinas. The system enforces Windows security features like Trusted Platform Module and Secure Boot while preventing code execution in kernel memory.

Beyond technical measures, Riot deploys undercover operatives who have infiltrated cheat development communities for years. "We've even gone as far as giving anti-cheat information to establish credibility," Koskinas told TechCrunch, describing how they target even "premium" cheats costing thousands of dollars.

Riot faces increasingly sophisticated threats, including direct memory access attacks using specialized PCI Express hardware and screen reader cheats that use separate computers to analyze gameplay and control mouse movements. To combat repeat offenders, Vanguard fingerprints cheaters' hardware. Koskinas admits to deliberately slowing some enforcement: "To keep cheating dumb, we ban slower." The team also employs psychological warfare, publicly discrediting cheat developers and trolling known cheaters to undermine their credibility in gaming communities.

This sort of thing

[zeeky boogy doog]

Brings to my mind reading about incredibly elaborate schemes for academic cheating.

The sort that when I hear of I think, "JFC man, if you'd spend half that effort on just learning the material you'd get an A without being a cheating piece of shit."

Re:

[Anonymous Coward]

Most cheating schemes are born by laziness of the examiners.

I teach small classes, "tests" are small and parceled out evenly to require work throughout the semester, the final is oral.

Come on and cheat me.

Re:

[thegarbz]

People are cheating you. The the real laziness is the examiners who are too lazy to identify the students that are cheating. It doesn't matter what you do, someone is attempting and likely succeeding in cheating you. The only question is if you're good enough to identify it.

Re:

[DNS-and-BIND]

They're not playing the game they bought. They're playing a different game called "cheat and get away with it." To some people this is intoxicating. It's why people who are already rich commit white collar crimes or do things like stiff plumbers for a $300 job despite having millions in the bank.

Re:

[Luckyo]

This is an examiner and structure of the test issue. Examiners are lazy/desire efficiency, and want something easy to grade. So they reuse a lot of questions, and even whole tests.

Gaming cheating is the opposite. Every game is different so active effort must be made by both cheat creators and anti-cheat makers to adapt to each other constantly. Also pretty much everything relevant is remote only, so games effectively have to operate in uncontrollable hardware and software environment. Unlike tests, where yo

Police state methods

[simlox]

over a f.... video game???

Re:

[Mr. Dollar Ton]

But they can they sell the "tech" back to the state, which is potentially yuge, man.

Re:Police state methods

[thegarbz]

over a f.... video game???

You sound like the type of person who thinks that video games remain something you play on your Nintendo on your home TV, rather than something that has a ranked league, sponsored teams, contests with actual real world money to be made, etc.

You sound like the type of person who would dismiss the idea that trolls and idiots who cheat for the lulz are just kids being kids rather than a group who are actively making a a game less fun to play for others and by extension less popular and directly affecting the bottom line of the company who is producing it.

Cheating in some games has real world consequences. Notice there's no kernel level anti-cheat systems in single player games? What people do on their own system is their business. When they affect others, especially those with financial interests, expect the big guns to be brought out.

Re:

[evanh]

Video games are exactly home TV entertainment. You're an idiot company for offering money for those antics.

Re:Police state methods

[thegarbz]

Video games are exactly home TV entertainment. You're an idiot company for offering money for those antics.

And round balls are just to kick around in your garden. You're an idiot for paying to see someone do it, leagues are idiots for expecting people to want to watch it, teams are idiots to pay people to do it professionally. yadda. yadda. yadda. Have you ever watched the Superbowl? That is also home TV entertainment for most people.

The reality is that there are professional leagues in Valorant. The reality is your entertainment on a gaming platform is related to your experience, and cheaters ruin that experience. You can ignore all this and not play the game, but then please sit out discussions you don't understand about why people play cat and mouse games with cheaters.

Objectively there is money changing hands which elevates this to be more important than home TV entertainment, that you and I don't participate in this doesn't change this fundamental fact - there are profits to be defended.

Re:

[ThurstonMoore]

I get the impression you get beat a lot playing online games.

Re: Police state methods

[drinkypoo]

The majority of people do, only a few are at the top and even they don't always win.

Game cheaters are assholes. Single player fine, cheat as much as you want, pve whatever, pvp FU.

Re:

[SirSlud]

Next you can tell us how stupid sock hops are!

Re:

[e3m4n]

I imagine it eont be but a few more years before Fanduel betting starts cashing in on eSports.

Re:

[fafalone]

Kernel anticheats are the equivalent of strip searching and digitally probing body cavities to prevent cheating in a real world event. Even high stakes, big dollar events don't put players through that. You sound like the type of person who thinks such a measure would be justified. It's not. Regardless of real world financial consequences, there's a line for "too invasive to be ethically justified" as a routine measure applied to everyone.
And they don't do Olympic level doping tests where someone watches

Re:

[Entrope]

digitally probing body cavities to prevent cheating in a real world event.

Nobody tell chess grandmaster Hans Niemann [nypost.com]!

Re:

[WaffleMonster]

You sound like the type of person who thinks that video games remain something you play on your Nintendo on your home TV, rather than something that has a ranked league, sponsored teams, contests with actual real world money to be made, etc.

You sound like the type of person who would dismiss the idea that trolls and idiots who cheat for the lulz are just kids being kids rather than a group who are actively making a a game less fun to play for others and by extension less popular and directly affecting the bottom line of the company who is producing it.

Many of us don't want to play in a ranked league, get sponsorship for our team or make a single penny yet this impacts everyone regardless.

Ultimately this is a fools errand attempting to solve governance problems which the tech industry is comically bad at with technology in ways that are never going to work. Guaranteed in a year or two cheaters will be having AI play for them completely OOB of the PC... then what?

Will there be encrypted tamper proof mice and keyboards required to play in the future? Will

Re:

[Cajun Hell]

Notice there's no kernel level anti-cheat systems in single player games?

Not anymore that I know of, but shit like that [wikipedia.org] has happened. If people stop being wary, it could happen again.

Re:

[darkain]

Online multiplayer video games are the bleeding edge of security technology. I can almost certainly bet that World of Warcraft had 2FA a solid 5-10 years before your bank did.

Re:

[gl4ss]

Wow came out like a decade after my bank at the time had 2fa.

Sure at first it was over telnet and phone lines so it wasn't terribly secure at first..

Re:

[misnohmer]

Yea, if that video game sales provide for employees, investors, etc, then yea, they will spend money to stamp out cheating as not to detract your honest customers. No different than paying for security for a warehouse storing toys, or people locking their home doors so that thieves don't steal their TV's (or even video consoles).

Bullshit. This is just malware propaganda

[Shadow of Eternity]

Kernel level anticheat is inherently insecure and inherently dangerous. It is by definition malware in and of itself, and is a growing vector for other malware to spread to systems infected with it. They're lying about something nobody can disprove to try and normalize the idea of giving some of the most incompetent, untrustworthy, and malicious corporations out there kernel level access to people's computers just to run a video game. It's the same as why they go out of their way to sing the praises of malicious hardware level DRM.

Mods? Private servers? Playing your game when you want where you want and not only when and where your corporate overlord's servers say you can? It's all going the way of the dodo.

You will own nothing and be happy.

Re:

[gl4ss]

Yes inherently its just running on the customers computer anyway, so they don't actually have control.

Not sending other players locations when not necessary etc would be cooler.

And you can cheat by off-device means anyway, you can do an aimbot that doesn't run any code on the computer now.

Network lag and game world prediction

[DrYak]

Not sending other players locations when not necessary etc would be cooler.

The extremely hard part is predicting when it would suddenly become necessary.

Networked games have inherent lag that is compensated and cheated around:

What you see on your own screen is supposed to be "the now", but is based around informations that was sent to you be the server a few ticks ago, and its own view of the world is based on pings that your adversaries sent a few fractions of blinks before. You screen is based on slightly outdated information.

The art of good network game code is hiding these inc

Re:

[Aighearach]

I don't install the stuff on my computers, so it could be presumed I'd agree with you, but instead of making a rational argument you loaded it down with dishonest hyperbole where you apply a pejorative label, and then use that to imply the software does something different than what they say.

Hardware DRM exists all over the place. It's stupid and I avoid it, but that doesn't make it "malicious."

Surely the stuff that you mention as "going the way of the dodo" died, or is dying, also because of prevalent chea

Turn based

[DrYak]

And chess, which is competitive but where the types of cheating that work can also be detected server-side by post-game analysis.

Also chess is turn based.

So it's not afflicted by the need to balance between the server sending enough information to compensate for network lag in a fluid manner versus sending too much information and the players being able to infere information about their adversary that wouldn't be able just from the screen informations, as real-time action games are.

Chess is, as your mention, entirely based around secretly augmenting the decision making process of a player, which is indeed an entirely different can of

Re:

[ThurstonMoore]

Best comment here.

alternative?

[VirtuallyUnlimited]

Why not just lump all the known or suspected cheaters in with each other? If you have the tech to identify them, just push them into a lobby with others. Kind of like an unlimited class where you can do whatever you want, but you don't get to mess with the stock folks.

Gaming System

[bobbutts]

If you play competitive multi-player games and care about security it makes sense to have a system dedicated to gaming. These types of anti-cheat measures aren't appropriate for a secure general purpose system.

Hope these pointless endeavours were worth it

[WaffleMonster]

Really sad you can't even pay for a game and just play for fun anymore. Between the endless data exfiltration and games that demand the installation of kernel malware I've stopped caring about games altogether.

Get the impression half of them wouldn't even let me play anyway between scanning systems for debuggers and vm software to demanding nonstarters like TPM. Won't be long until people start rigging up AI bots to play for them. I hope the industry enjoys its fools errand while it lasts.

TPM and secure boot are because of VBS

[Pinky's Brain]

They started to demand TPM because they can't look into the Hypervisor which runs with Virtualization Based Security (which runs parts of Windows Hello). They need to trust it and for that they need attestation it's straight from Microsoft.

Before they had virtualisation detection and had full view of the kernel, so secure boot wasn't so essential.

who owns my computer

[bferrell]

I paid a handsome sum for it, but somehow everyone else seems to thing they can demand a fee for me to use it and take control of it