How Riot Games is fighting the war against video game hackers

There have always been video games, there were people ready to find ways to cheat. Amateurs has long deviated themselves to find weaknesses in games, and often the goal of developing cheating that they can share or sell. But since competitive games online became a legitimate profession, these hobbies have turned into an entire industry aimed at selling an unfair feature for those who want to pay.

Development and sale of cheating in video games could be a profitable work, and video game developers in recent years have been playing their anti -cheating teams, whose mission is to ban cheaters, neutralize the programs they use, as well as following fraud developers. More companies take a somewhat controversial step in spreading insect control systems that operate at the Kernel level, which means that they have the highest privileges in the operating system and can monitor everything that happens on the device that is running on the game.

One of the most prominent levels of anti -level levels is Vanguard, which was developed by RIOT Games, which is making popular addresses such as multi -playing Battle Arena online game Myths League and Online shooter the first person Brown.

“He placed on this land to ban the blocker of cheaters from the online video games,” said Philip Kosenas, director and head of the Antarctic in the riot, who describes himself as “one of the anti -craftsmen”, who “put him on this land to ban the blocker of cheaters from the online video games.”

Thanks to Vanguard and Anti-Chaat team led by Koskinas, riots prohibit thousands of cheaters Brown Every day, according to a joint chart with Techcrunch.

Riot efforts appear to be working. As of early 2025, the percentage was the percentage Brown The company says that the “ranking” games – meaning competitive matches – that have cheaters are now less than 1 % worldwide.

In an interview with Techcrunch, Koskinas detailed the various strategies used by the Riot Anti -Cheating Team to fight cheaters and fraud developers: take advantage of security features in the Windows operating system, and CompIns’ Comparive devices to prevent them from overcoming cheating communities, and playing psychological games in an effort to form Cheats.

“We can only make them look like fools.”

A large part of Koskinas and his team’s efforts stems from Vanguard to have the deepest level of access to the player’s computer. To get rid of cheaters, Vanguard benefits from some of the safety features already included in Windows.

First, Koskinas explained, the CHEAT anti -“approximately” CHEAT program imposes some of the most important safety features in Windows, such as a reliable platform unit, a safe -based seat, and safe boot. These two techniques achieve whether the computer is modified or tampered with, such as malware or fraud, and prevents it from boot if so. After that, Vanguard checks that all computer drivers, which allow the operating system to communicate with devices, is updated to determine additional devices that can enable cheating. Finally, Vanguard prevents cheating from downloading and implementing code in Kernel Memory.

“Basically, I benefited from all safety features made by Microsoft and MACRACTORS MANUFATUSTIONS to protect the operating system, and we use or impose it,” Kosenas told Techcrunch. “We must have a stadium where we can play. We have to impose a certain level of safety.”

But the cheaters’ fighting is not only related to technology; It is also related to the understanding of the cheaters themselves and how they work.

He said that the Kosenas team has a “reconnaissance arm”, with its basic responsibility to obtain threats and catalogs, which sometimes involve the acquisition of fraud. The team gets partially cheating using the sock doll identities that infiltrate the cheating developer and cheating developers for years, such as secret operations.

“We went to the point of giving anti -fraud information to prove credibility. We will deny as if it were something [reverse engineered]”He explained how the anti -fraud technique works to prove that we know things. Then he took advantage of our way to something, then sit there until it is launched, leave it to get users and then block everyone,” Kosenas said.

Some fraud developers try to remain unimpressed by selling only for a few customers, and maintaining their products mainly as extremist or “distinguished” deception, as it calls them as Kosenas. Kosenas said this excellent fraud can cost thousands of dollars, and it is sold to a handful of customers only.

Cheating makers use this strategy to reduce the risk of selling to the Undcover RIOT employee, but also for customers who will be more careful about blatant cheating and exposing cheating.

Kosenas said that these developers mainly sell “the reputation of their lack of discovery.” He said that one of the “strongest weapons” of the RIOT fraud team is to discredit the fraud developers publicly, for example, the ban on all their players, or the leakage of screen shots that show that they are inside the channels of the dispute.

He said: “We can only make them look like fools.”

Koskinas and his team should be keen not to go down strongly. By leaving a little cheating occurs, within the reasonable limits, riots can slow down players to get better fraud. He said: “If we hit every player every time, they will change the fraud until they find the player who has not been discovered.”

“To maintain stupid fraud, we prohibit slower,” he added.

To stop the perpetrators of repeated crimes, Vanguard “fingerprint” can uniquely define their devices to determine their devices uniquely – to make it difficult for this player to get new fraud and continue cheating.
In a more psychological strategy, Kosenas and his colleagues also wander from cheaters publicly by describing them, among other things, “pathogens without brain”, which has “the inability to get good in this video game.”

Cash tools box

Thanks to all of these techniques and strategies, almost most of the cheaters can now be divided into two categories. The first, which represents the majority of cheaters, is formed by those who “angry fraud” using cheap tools that are easy to discover. RIOT employees are ridiculed by this fraud “Download-A-Ban”, according to Kosenas.

He said: “A lot of cheaters, if you are thinking about it, they are young.” “Many of them have not yet grown up.

“They will return, they will prohibit, and they will do so at the end of each week for two or three years … and then, they will strike puberty, and this hopes that he will do it,” said Kosenas.

The second category of those who use excellent fraud is difficult to discover. Koskinas explains that these tools are known as “outer” fraud, because they depend on the use of actual devices, not just programs.

One type of outer fraud depends on the direct arrival attack (DMA). DMA fraud requires players to use specialized devices-Think of high-speed PCI Express cards-which all exceed BrownA memory for a separate computer can check the game on custom devices, outside the Vanguard range.

By doing this, the separate computer can be used to determine other players; Things inside the game like walls, ammunition and weapons; Specifically, where there are players and elements on the map. This can also include invisible objects for players. After that, using the fixed -installed programs on the cards, cheating will create a radar on a second screen that they can look at to discover competing players – even if they are hidden – to gain an unfair feature.

A more advanced version of this type of fraud, according to Koskinas, depends on HDMI’s Mazarers, which receives what the separate computer reads the main screen of chef. In this way, cheating does not have to look between the computer screens to know the location of their opponents, allowing them to focus on the show they play with the game.

These technologies allow the cheat through the walls-known as “Wallhacks”-and given what is referred to as “additional perception”, is mainly great rules within the game.

“I think we are mostly discovered today, but it is a kind of repetition,” said Kosenas.

Then there is a fraud in the screen reader, where the HDMI output is sent to the computer to a second computer that discovers and classifies what is on the game’s display, such as the head of the opponent’s player. The second computer then sends instructions to a small computer from Arduino to control robots, for example, and it is connected to the chef mouse and allows the player automatically to other players-a kind of fraud known as “AIMBOT”. “The mouse, for all intentions and purposes, is subject to a machine.”

If the fraud is working well, it may be difficult to discover, but Kosenas said it is in the long run, “cheating does not appear” as a human player “because of the accuracy of their goal and shoots their competitors.

“You have to click on the human being [the cheat] “To some extent, the advantage is imperceptible to what a person can do,” Kosenas said.

Until then, this technique is common, recognized by Kosenas. The downside is that it requires an expensive possible second computer with a quick graphics processor to classify what is happening quickly on the screen and send instructions again.

The future of fraud

Kosenas says it is often worried about the use of artificial intelligence to classify the screen, to find out the shape of human inputs, and how to reproduce them.

He said, “This is already here.” “Especially in Brown With these bright broad lines, you can do it almost with an algorithm […] You can actually say if the percentage of this square is sufficient purple, press the fire key. “ For context, the characters in repetition have distinct and vital color systems.

Despite the risks of security and privacy associated with ATM technology that has a nucleus level, RIOT does not have plans to stay away from its approach to its anti -healing engine, at least for courage. Otherwise, it is easy for cheating to use the nucleus exploits, according to Koskinas.

In general, Koskinas is trying to be more transparent about RIOT efforts to combat insects, including publishing many blog publications on how the company notes cheaters, as well as talking to journalists. He said that the idea is that since Riot has “the most anti -conquest of invasions by asking people to provide service at all times”, the players deserve to know how the company uses this privilege.

“The best thing I feel we can do in ordering this level of arrival and existence like this is transparent about the outcome that we can,” said Kosenas.

“We do not tell you what is under the cap, but we will tell you almost anything else,” he said.