Unveiling the Underground World of Anti-Cheats

Presented at Black Hat Europe 2019, Dec. 5, 2019, 10:45 a.m. (50 minutes).

In a world where billion players spend money in games while playing, it was obvious that a parallel market had to come out of it. In this not that new world is related to Cheats, Cheat and Anti-Cheat Developers fight in an endless holy war to see who will be the last standing defending champion. The reality is that none of them have found a way to actually win this war once for all, and they keep playing the cat and mouse game trying to make things harder for the other side.

During our research, we analyzed, tested and discovered multiple bypassing techniques against different current market Anti-Cheat technologies such as XignCode3, EasyAntiCheat and BattleEye, to understand and determine the current state of the art of Anti-Cheat software. We use a combination of static and dynamic techniques to document the different techniques to protect and unprotect gaming software. As a result, we put together a tool "AntiCheat-Testing-Framework" that contains a series of bypassing techniques to test them against current market Anti-Cheats software, this will allow attendees and researchers to understand the virtues and weaknesses of them.

This talk pretends to catch everyone's attention from new people to experts on the field, starting with a state of the market and interesting cases around the cheating world, and finishing with a deep explanation of each analyzed technique and the results we obtained during the journey.


Presenters:

  • Joel Noguera - Security Consultant, Immunity Inc.
    <p class="p1"><span class="s1" style="font-size: 10pt;" data-mce-style="font-size: 10pt;">Joel Noguera joined the Immunity team in 2018 where he has performed different tasks such as exploit development, reverse engineering, security research and consulting. Prior to joining Immunity, Joel actively participated in Bug Bounty programs, reaching top 50 in famous platforms, and in multiple CTF competitions since he was a teenager. He has also taught multiple trainings around the world, including Web Exploitation the last two years at InfiltrateCon. He has more than four years of experience within the information security field. Joel has presented recently at Recon 2019.</span></p>

Links:

Similar Presentations: