How Hackers Bypass Kernel Anti Cheat

Published 2024-07-07
Check out 365Games! win.365games.net/Ryscu

How Hackers Bypass Kernel Level Anti Cheat
Support the channel: www.patreon.com/Ryscu

For as long as video games have existed, people trying to break those video games for their own benefit have come along with them.
Running at the deepest level of your system, kernel-level anti-cheat has been hailed as the most effective way of stopping cheaters.

So how are they still breaking through?

Chapters:
0:00 External cheating
3:40 Injection
4:10 Into The Kernel
5:05 The danger begins
9:01 Vanguard and friends
10:01 Vulnerable drivers
14:03 Direct memory access

All Comments (21)
  • "do you trust the developer of the game you're playing?" the entire League community: no but it's not gonna stop us
  • @PopeMical
    You know, normally I hate kernel-level anti-cheat, but maybe I should thank Vanguard for making me quit my 8 year League addiction...
  • @morosov4595
    DMA users have been caught only because they all used the same driver for their DMA cards. In order to hide the DMA card, it pretends to be a network card, but Vanguard just banned every user that used that one network card. Those who used different drivers (not many) for their DMA didn't get banned. Edit: Yes that means legit users of that network card did get banned. But when was the last time Riot cared.
  • All that just for most games to still be full of hackers. Vanguard classifies people trying to play on Linux as hackers more often than it does actual hackers, basically because Linux doesn't just let people start writing shit to the kernel, because that's stupid. Also, having Vanguard boot up on startup, you know that kinda sounds like a virus.
  • @rekscoper
    Honestly, with how many more people make cheats vs employees making anticheat, I don't think it will ever be possible to make an uninvasive anticheat that has no workaround. One of my favourite bits of real life lore was when Ubisoft (I think it was them at least) put new anti-piracy measures in and the guy who cracked it left a note file in his pirated version of the game saying something like "good job with all those months of development, it made my team take about 7 minutes longer to pirate". Cheaters will always find a way, no matter what.
  • Do I trust Riot Games with a kernel-level driver? Having seen the shitshow that is the League client for 13 seasons, the shitshow that is the League API and the general decline in QA quality since they laid off a bunch of staff, the answer is Fuck No. This was the straw that broke the camel's back and what drove me away from League; I've been League-free since Vanguard was added and I don't regret that decision for even a second.
  • Honestly I respect the bravery of people who played League for more than a couple games and decided that's the company they trust to not (intentionally or unintentionally) fuck up their system with kernel-level software.
  • @vert2048
    Dude I didn't expect a whole documentary, this is sick
  • @Sin1234Nombre
    For the last question: no, I don't trust Riot and Tencent with my information
  • @atlas_carry
    Side note on Vanguard: Riot recently added "in-game detection" where it pops up a message in game that says "CHEATER DETECTED", but they didn't actually implement any server-side detection for cheaters as they would have you think. All they've done is made it so that once your account is banned, if the account is in game at the time of banning it will terminate the match. These bans are always delay bans from the first game injection being detected, but Riot likes to let scripters play 10-20 games per account before ban to "obfuscate" the detection, but they will actively let someone script in your games and then pop up a "CHEATER DETECTED" message as if they've just discovered it, to make you feel like they've done something new.
  • @hiiver436
    I've stopped playing League after they implemented Vanguard (Linux user) and holy shit, my life got better from that point. I will never return to League.
  • @SleepyFen
    A correction for 2:40 - the cheat shown with Flash having zero cooldown was possible not because of cheating software, but because runes and masteries used to be saved locally on your PC, allowing people to open those files with a text editor and sink 30 mastery points into summoner spell cooldown reduction. This exploit was fixed by moving runes and masteries to be stored server-side.
  • The question of balancing user privacy with game integrity is one that developers are simply going to ignore, forever, until large enough percentages of their games' player base collectively boycott the game. As it is, this question won't even appear on their radar of concerns.
  • @mrgummage
    The cheater crying about his DMA ban was beautiful.
  • @FOGoticus
    That kid almost crying when he got banned live in valorant had me smiling ear to ear.
  • @Hylofear
    Hearing the compilation of cheater screams was music to my ears
  • @RocoPwnage
    Anticheat was never about making cheating literally impossible, just enough of a pain in the ass that most people won't bother, and those who do can be caught manually.
  • Tbh, a combo of hardware and kernel modules is probably the way to go in terms of cheating in basically 100% of games. DMA, rerouting input through a second PC instead of an Arduino, and writing a custom driver to neuter anti-cheats would probably make it practically impossible for any anti-cheat to do literally anything about it. How's Riot gonna scan your PCIe port if it doesn't know it exists because you hide it from its view during boot up?