We monitor hundreds of cheat forums across social media and the web, and one thing we’ve noticed recently is an increasing number of people, aka cheaters, complaining. Specifically about being ripped off by cheat developers.
For example, we’ve seen developers shut up shop overnight and run off with their customers’ money, and cheaters complaining that their online identity has been stolen after downloading a cheat, and sold on to fraudsters who’ve simply robbed them.
‘Who gives a shit?’
‘Why should we care when cheaters are ripped off by cheat developers?’
These are both reasonable responses as cheats ruin games for millions of players every week. (Obi-Wan could well have been talking about the online cheat community when he described the cantina in Mos Eisley as a ‘wretched hive of scum and villainy’)
But still, should we be worried?
Well, not exactly. In fact, we should be encouraged. That’s because it offers those of us dedicated to reducing cheating, an opportunity.
To see why, we need to look at what exactly these scam cheat developers are doing.
So, we’ve all read how a cheat, like an aimbot or ESP, operates by manipulating game code. What we hear less about is how this requires the user to effectively turn off their machine’s defences and enable high-level privileges or permissions to run the cheat, often at a kernel level.
This not only opens the door for potential security vulnerabilities down the line but the cheats themselves often come packaged with malware that can infiltrate systems, open backdoors into user data, install crypto mining tools, or even software that searches for any wallets on a machine and sends over the keys it finds.
On top of this, when a cheat installs it’s doing all sorts in the background. It will install the kernel level driver, disable Windows Defender, disable application and security logs, disable Windows telemetry diagnostics, disable anything that may possibly act as an antivirus or antimalware and THEN it starts installing software borrowed from viruses.
Pretty ironic when you compare this to the fuss when game developers propose kernel level anticheat!
In today's increasingly digital world, the potential loss from stolen financial data has reached unprecedented levels. And yet all that data is now sitting on a computer which is opened up to the outside world with no security left, no oversight and a criminal now has the key to it all.
There’s then identity theft which still stands as a pervasive threat within cyberspace, as people find their personal information used for fraudulent activities ranging from illegal purchases to creating false identities.
It might not be the cheat dev doing this but they can sell any details onto someone who will. Or, it will just be the next hacker who comes probing that machine to see how vulnerable it is.
In recent years, another malicious trick has become more common in the cheating community: exit scamming.
This involves a cheat vendor taking your money under the pretext of providing cheats, then abruptly closing up shop, leaving cheaters both out of pocket and out of luck. It's a little like the cheat equivalent to a Fyre Festival cheese sandwich. Not what you paid for.
Exit scamming isn’t new and occurs across numerous sectors. In the gaming world, it’s most often associated with cheat vendors who promise game-enhancing exploits or hacks for a fee. Often the tiered pricing of these cheats will entice cheaters in with long term savings - year long memberships at a hefty discount or even lifetime memberships.
However, data from the Intorqa platform shows there has been a significant surge in exit scamming incidents over the past year with numerous cheat vendors absconding, aka doing a runner, with gamers' money, without providing the promised cheats.
Why do people fall for this?
For the same reason they're willing to install software they have no reason to trust: a desire to win at all costs and a normalization of this behavior.
As for why cheat vendors resort to exit scamming, the answer is simpler - easy money. Their main motivation is to make a quick buck, and they know that their target audience is hardly likely to complain to the authorities or even their peer group, because just like in ‘Inventing Anna’, the suckers don’t want to be known as suckers.
So how do they get away with it?
Some do just disappear without a trace, one day they’re pushing a marketing campaign to anyone who would listen, and the next they’re gone - all records scrubbed.
Others lie to their members and promise they’re still active despite all signs to the contrary. When pushed, devs will sometimes claim they’ve had a cease and desist order.
Believe it or not, one common excuse is the claim of having pressing family commitments or unexpected personal responsibilities. This was used by a developer we were monitoring for a client earlier this year, who cynically announced a huge discount on yearly subscriptions, the week before claiming they had to leave the market due to other commitments. This may have felt more sincere were it not a trick they’ve pulled many times previously.
Another oft-cited reason revolves around being detected by anti-cheats or the game developers.
In an era where anti-cheat systems continuously evolve and strive for greater accuracy in detecting cheating behaviors, dishonest developers are quick to point fingers (bless ‘em!) at these mechanisms when caught red-handed. They argue that their inability to bypass such stringent security measures forced them into leaving the scene. Some might suggest it's a touch convenient for their hacking skills to leave them just as these expensive commitments start to roll in.
But it works. It's still surprising how many people get fooled again, and again, as these same developers are back within months, or sometimes weeks; revitalized and making cheats under a different brand name.
On four different occasions in 2023 we have seen brands close down and leave paying cheaters out of pocket only to resurface with another cheat within two weeks. Another 15 within two months. Upon reappearing, these scammers present cheaters with seemingly new cheats, always under a different brand name. Yet upon closer inspection, it became apparent that this was smoke and mirrors - the same code lay beneath the surface, albeit slightly tweaked with a fresh lick of paint in an attempt to mask their true provenance.
What to do?
No one who’s been in the same lobby as a rage cheat, or seen one cheat their way to the top of a leader-board, is going to shed too many tears over a cheat being out of pocket.
More importantly, security teams have enough on their plates dealing with cheats that actually work and protecting honest players.
And that's exactly why, as we said at the beginning of this blog, this offers us an important opportunity to help with the problem of cheating in video games. Because one of the reasons why security teams are so busy is the number of players willing to cheat in competitive PVP games. More cheaters leads to more cheats being created, more developers to track and more updates needed.
If we can reduce the demand, even slightly, this is going to help the security teams.
We need to talk to and persuade players, particularly those thinking of buying and downloading a cheat for the first time, that it’s not worth the risk. That they’re opening themselves up to threats like exit scamming and identity theft, dealing with people who lack integrity, and can cause them long term problems.
That’s why the PR and Marketing teams within publishers and developers, have a role to play in the fight against cheating. Even if those considering cheating are not bothered about the ethical concerns, the potential consequences to their finances or online safety might give them pause before installing that cheat software.
So we’d ask anyone reading this, to share it with any colleagues they know in these teams, and ask them to do what they can to help.
Let's work together to keep our gaming communities fair and safe: free from scams and cheats.
Comments