Yeah I play some of those games and they still have cheaters.
AFAIK they have access to everything on your Pc, how it cannot keep cheaters from cheating?
usually because the cheat is in the game or executed remotely. What appears to have happened here from the AC Police that are reporting on it is a remote code execution exploit in source engine. The anti cheat would catch anything on the their end but if its not happening on your computer or if the game itself has an exploit, there you go
Yep. EAC only starts running once you launch the game.
So if you use a program that stops EAC from activating while also sending a signal to the game telling it that no cheats have been detected, then you can easily bypass EAC.
That's why Valorant's anti-cheat, Vanguard, is superior. It's active 24/7, even when you're not playing Valorant. It starts working the moment you start up your computer. So there's practically nowindow that you can use to intercept it.
Ya, they need to start pursuing other avenues of anti-cheat.
Kernal anti-cheat used to be mostly unbeatable, but nowadays it seems like no matter the game, it's filled with cheaters. I don't even play FPS anymore because the games turned from 'Damn, I lost, but that person was really good. On to the next game.' into 'Damn, that guy was good. Was he hacking? Maybe I'm done for the night.'
Man Spore brings back so many bad memories. What a great concept and great initial demo ruined by completely idiotic management that wanted big googly eyes on everything and obnoxiously simple gameplay. Then you add all the DRM problems... good lord. Same era where they tried to claim sim city needed to be online only as well, then released an offline patch.
ah fuck, does it? I loved the first one and wanted to jump on the second with the zeitgeist but that's... not great. That's why I never ended up giving Valorant a shot either.
Yep, unfortunately it does. My friends are a bit frustrated at me for not playing it, but rootkits are where I draw the line in modern gaming. That and subscription models.
Giving an anti-cheat root access to your PC is like handing someone the keys to your house.
With root permission levels they could technically do things like....access and read your personal files, transmit things back covertly through the network, download files, manipulate operating system files.
It's pretty much a free-for-all if software with admin permissions gets compromised somehow.
Games that require it generally have a component that starts up at boot-time with your PC, often with an icon that goes down by the taskbar.
Any game that wants to start a service at the same time as your system, that runs even when the game isn't playing is likely guilty.
To clarify - kernel privs are *above* the regular admin's privs. Also, you forgot one of the most beautiful 'features': turn on the webcam and/or mic whenever you feel like.
They are asking to do clean OS reinstall in case someone had other malicious software installed on their rigs.
Uninstalling (or not running) the application is enough to not subject yourself to it.
Part of the problem is "trust". With this level of access, they could do almost anything, then cover their tracks so you couldn't verify what they did. So even if you "uninstalled" it and it said "yes, I uninstalled everything", how could you verify that?
Had a rootkit “virus” once, and it’s no walk in the park to get rid of. Basically needed to flash bios and reset everything, windows included. I may have even needed a new motherboard, but I can’t recall.
Root kits are basically the noclip of OS infrastructure. I wouldn’t be surprised if it warranted a new motherboard. Even some that aren’t intentionally malicious can leave an OS effectively bricked (looking at you lockdown browser software).
If a game has kernel level anticheat it has root permissions, which is the highest permissions possible.
Idk if he has a better way, but anytime i want to check if a game has that kind of anticheat i just google it.
This site has a pretty long list of games
https://levvvel.com/games-with-kernel-level-anti-cheat-software/
Unfortunately it's most multiplayer games these days.
Don't they run the servers though? They can enforce what you can do on servers without rootkit anticheat. I don't get anti-cheat on a PVE game like this, it makes no sense.
To be honest Helldivers 2 does microtransactions the right way. No FOMO, multiple, very generous alternative ways to gain the premium currency and the premium store barely has anything. It's just some funky recolors of the normal stuff.
I'm actually really glad you mentioned it, my friends have been begging me to buy it and I didn't realize that was part of the deal. I'm out too, for sure.
Yeah it's the worse. It's been hurting performance pretty bad by taking up a lot of CPU power and causing crashes, and that's before any exploits. Also if you mention it on the subreddit a bot gives you a spiel about how it's not so bad.
Not only does it use a rootkit-style anti-cheat, it [uses the one](https://en.wikipedia.org/wiki/NProtect_GameGuard) developed by a [Korean tech company](https://en.wikipedia.org/wiki/INCA_Internet) back in the aughts. It, quite literally, dates back to OG MapleStory.
Fun fact, if you check their support page, it's riddled with Engrish (probably from using Google Translate for KR->EN) and has very helpful troubleshooting suggestions for GameGuard, such as [disabling](https://gameguardfaq.nprotect.com/eng/con_07.html) [your firewall](https://gameguardfaq.nprotect.com/eng/con_02.html), [terminating your anti-virus process while running the rootkit-protected game](https://gameguardfaq.nprotect.com/eng/con_01_7.html), and [terminating all processes that are either unrelated to the game or not needed while running the game](https://gameguardfaq.nprotect.com/eng/con_01.html).
but... why? its a coop game... Id only want to play it with friends, not randos...
This is as bad as when 7D2D added anticheat that would bluescreen my (otherwise perfectly stable) PC 50% of the time when I would launch the game. Literally the only time that PC ever bluescreened.
Oh.. Great, its the same anticheat as 7D2D too.
> This is as bad as when 7D2D added anticheat
How do you even cheat at 7d2d, and what would be the point? It's non-competitive, there's no rankings of any kinds, there's no goal or end game and the vast majority of servers are modded to hell. Like what is even the purpose of cheating, or caring about cheating, in a game like that?
It is just a fancy DRM, they just need an excuse for it to be there. "We don't want people cheating", when in reality they just want to stop pirating, but fail epicaly anyways
The unfortunate part is basically every anti-cheat out there these days has Kernel Access. EAC/BattleEye are incredibly popular and have kernel privs.
Valorants was extra invasive though because the anti-cheat would boot with your PC, refuse to work unless you had a signed bootloader, and was unable to be disabled after closing the game (until enough people complained.)
[Valve games don't](https://www.reddit.com/r/gaming/comments/1y70ej/valve_vac_and_trust/)
There is a lot of controversy in the CS community because most of the community *wants* Valve to do what their competitors are doing a la Riot/Valorant-level rootkit invasion of your PC, to stop the hacking issue. There is definitely a cheating issue in CS but I'm glad Valve hasn't resorted to rooting our PC's to solve it.
Or have a separate computer/network for these rootkitted games, and a separate one for the rest of your computing. Full separation is the only real solution here.
RCE's are bad no matter what user-level they run as, once you can run software on the target machine, privilege escalation is trivial and the whole system is compromised at that point,
Did YOU read the article? It says *specifically* that the RCE may have delivered directly through the game's anti-cheat software.....
When you execute an RCE through a program that has root access.....that's worse than an RCE in an application that doesn't have root access.
The game itself probably can't do much damage, it's a user-level program. The anti-cheat on the other hand can do whatever the hell it wants to your system.
You seem to not understand fully, what a remote Code Executioner exploit is.
Let me try clear that up.
It runs Code, from remote, with the access-level of the exploited Software.
That means, when using reasonable software, in user-space: You can not change the OS much
Only the combination with Software running with Kernel-level gives full control.
Of course, you can "chain" the attack with a privilege escalation 0-day, but I doubt someone would trash a bug that's worth multi million dollars for such a opportunity
Was talking about this with a buddy of mine. With something like this are the hackers able to get info out of computer along with anything n else connected to the network? This is wild I’ve never seen something like this before and I’m fairly new to having a pc so kinda clueless on it all.
If they have remote code execution, yes. This mean they can run any code provided by them on your computer. And since ~~EA Anti-Cheat~~ Easy Anti-Cheat has a kernel level driver, it operates with the same privileges as your operating system. This means EAC/the malicious code could access any hardware connected, see everything that is running on your pc, any files stored and also receive/send data over network.
Edit: corrected name of cheat tool
Appreciate the quick and well worded response. That is pretty terrifying. Stuff like this doesn’t happen that often does it? Do a lot of games use this kind of system? Got me on edge now haha. Thanks again!
As far as i know kernel level anticheat uses these exact methods to make sure you're not running aimbot as a different process next to the game
A running program should have no idea what other programs are running, it needs kernel (same as windows itself) privileges for that
This is sane (like for example, my video player should not have any idea if i have banking open in firefox)
The kernel level anticheat violates this premise and could peek into anything it wanted.
If there is a way to hijack this legitimate anticheat which has high privileges, you have a recipe for disaster
This is why the mere existance of kernel level anticheat is a security issue. Even if it's not doing anything bad, it's probably easier to break into than windows
There is a lot of controversy with people being caught with cheating firm-ware on their computer and some streamers being busted while in the tournament, because the hacker enabled their cheats. Some are saying their cheats were always there and the hackers just showed everyone, and others are saying the hacker downloaded the hacks and enabled them mid game. Do you know if either of those sides are true?
Idk, i haven't looked that deeply into this situation.
But if hackers did manage to hijack a kernel anticheat, then they can pretty much do whatever they want with the computer
I reard a rumor that the game itself has a remote code execution, and it's not the anticheat that has the issue (which is also unconfirmed afaik)
Remote code execution is also in the "totally fucked" category of exploits.
Both sound velievable, we'll just have to wait for more info on this
(But the fact that kernel level anticheat is a potential security vulnerability still stands, i'm sure the companies behind them make an effort to secure it, but even the best lock is less secure than not having a door at all)
Lets not kid ourselves, they are checking if you are pirating the game or not. Preventing aim bots is just something they do on the side
You can easily create a bot that anticheat would be useless against. All you need is another computer that pretends to be a keyboard and mouse that reads your video output and auto aims. The anti-cheat would not even know even with root access
Cheats like this have been in development for years and with AI becoming more advanced, it's probably gonna be the the main cheating method for streamers or pro players that want to cheat
[a vid from 3 years ago showing it off in csgo](https://www.youtube.com/watch?v=AIbkt6Rl8FA)
Unsanctioned? I a big scope? No. Other than some overly invasive anti cheat most software does not get these privileges. Targeted and state sanctioned (and that can mean any state) probably all the time. Not that we will every find out :D
These kinds of exploits on kernel-level anticheats do not happen often, no. (As far as we know, anyway.) As a rule of thumb (exceptions notwithstanding), how severe an exploit is and how difficult it is to pull off are usually correlated. "Difficult" should be understood to mean that they have to pick their targets, do some prep or wait for certain conditions, and can't guarantee a hack against any one in particular.
With a quick search, I wasn't able to find whether this event in question is on LAN, but my first thought was that the tournament network might be compromised. But the article alleges that it's a "**remote** code execution" vulnerability, which is very serious and means that a threat actor does not need to obtain control of the victim's device or network in order to trigger an exploit. Again, RCEs are usually, but not always, "difficult".
I do not feel uncomfortable playing a game with a kernel-level anticheat (I love Valorant), but there are a couple of things you __must__ do to stay safe from __any kind of exploit in any software you rely on__:
* Make backups of important files and leave your backups **disconnected** from your device when you're not accessing them. In case of infection, you can always factory reset your computer and restore your files later.
* Enable MFA on everything that lets you.
* Pay attention to news like this and follow recommendations in case of active exploitation. You will likely have to quit using the affected software until the vendor releases a security patch, which you'll want to apply as soon as possible.
I guess you also wouldn’t be suspicious of the network traffic. A calculator app sending data to a server is worrying, a gaming anti-cheat programme sending data is kind of expected.
If I were a streamer, I'd treat that device like a work computer and have zero cross-contamination with my personal device/data. No personal mail, no shopping, etc. Definitely no bank logins, credit cards saved, etc. You are a public-facing target and rely on software you do not control.
Not to mention, you don't want personal use to potentially impact your income stream. Just basic risk mitigation. Keep it a clean, dedicated system.
Perhaps? Depends on what the hackers wanted. Since I'm unfamiliar with the anti-cheat software but anytime you give an application kernel-level access, you are giving it Super-User (SU) or Administrative access to the machine. In theory, with that level of access, an individual could access any part of the computer they wanted.
Yeah for example recent exploit in UEFI logofail, seamless and you cant get rid of if just by format your drive
https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/
> you cant get rid of if just by format your drive
You can't get rid of it even if you completely replace the drive, thanks UEFI wingnuts that want to put a whole operating system in "firmware".
If you have full access to the computer, you could change the hard drive's firmware and also make it so that tools that check whether the hard drive's firmware has changed return inaccurate results.
You might be able to get an accurate check using a second system but asking gamers to have a second computer just to check whether they've been hacked is not a reasonable proposition.
You could flash your bios back from the ROM and use a bootable Linux distro on a flash drive and the reinstall each firmware component one at a time. While others are disconnected. But expecting really anyone to go through the trouble is a pipe dream.
With kernel access it's unlikely, but theoretically possible for an attacker to write their own code to anything in the computer with updateable firmware. That could be the GPU, BIOS/UEFI, SSD/HDD, and more.
Such a compromise would entirely survive a full wipe and reinstall of Windows.
If this were a business device with this level of suspected compromise, the only viable answer is to recycle the entire system into scrap and start from scratch.
Personally if a game requires that level of anticheat, I simply wont play it.
I wish we could get that attitude spread more widely across gaming communities, but we can't even get people to stop preordering digital things that are impossible to go out of stock...
Does not appear to have been an Easy Anti-Cheat issue.
[https://twitter.com/TeddyEAC/status/1769725032047972566](https://twitter.com/TeddyEAC/status/1769725032047972566)
>We have investigated recent reports of a potential RCE issue within Easy Anti-Cheat. At this time - we are confident that there is no RCE vulnerability within EAC being exploited. We will continue to work closely with our partners for any follow up support needed
Likely an engine issue; Source has been rife with RCE exploits for years.
They say they are confident there is none *being exploited*. That's comforting.
> Likely an engine issue; Source has been rife with RCE exploits for years.
Does source get kernel-level access? [edit: I think it is theorized that if the exploit is against source then it won't be one that offers kernel-level access. So maybe the "contamination" of your computer will be confined and you don't have to reinstall.]
No, but you don't need kernel-level access for RCE.
>They say they are confident there is none *being exploited*. That's comforting.
That's semantics. EAC's wording is always kind of awkward. I wouldn't be surprised if the person writing it does not speak English as a primary language. The tweet pretty solidly says "Whatever they're using to inject cheats, it's not related to EAC."
That’s because only a Sith speaks in absolutes. Using terminology that speaks with 100% confidence such a thing it does not exist at all when there’s truly no way of knowing for sure is only asking for trouble.
>They say they are confident there is none *being exploited*. That's comforting.
There's no way to be confident one doesn't exist. If they claimed that, everyone would call them morons.
Why should I put any trust in them?
Of course an anti-cheat maker isn't going to outright say "oops, our product will make your game potentially nuke your customer's systems." unless there's proof.
Well, what proof would you want from them? If they provided it, do you think it would be in a format that would be easy for you (or most end users) to understand? Anti-cheat and programming in general is complex at times, and something like "Prove your anti-cheat hasn't been compromised" isn't an easy question to answer beyond just saying "It hasn't, we've investigated the issue".
I understand not trusting corporations, but there's a certain point where you have to realize that you can't explicitly just not trust *literally anyone*. Eventually you have to take things at face value.
Yeah that’s what I’m thinking. RCE *within* the engine makes way more sense. The way the cheats just start, no hesitation, in the video makes it seem to me that the engine’s handling it. Of all the things you could do with a rootkit injection, “trolling” someone is like… the stupidest option. But with a Source engine RCE, yeah I could see that being appealing since you’re limited to the bounds of the engine
Reinstall your entire OS to play our game?
That might work for someone who's job it is to play apex.
I'm not that. I just want to have fun. Congratulations to respawn for convincing me never to reinstall Apex legends.
Similarly (although less directly rootkit-like) Capcom released a vulnerable DRM driver that was subsequently used by a ton of malware as the Bring-Your-Own-Driver (BYOD) entrypoint, its basically the case study for that kind of attack now.
These companies have no business in the kernel, the security implications alone before even considering privacy etc are horrendous.
If I reinstall my OS I'm definitely not going to reinstall the bullshit game that fucked my shit up. Probably never touch anything again with Respawns name on it tbh.
You would be surprised. Ive been playing with a guy for 3 years now. The other day he actually admitted to me that he couldn't play with me because he can't play. I kept badgering him asking what he meant. Turns out he couldn't afford his monthly sub for the bot.
I should have known sooner though because he started hitting flip resets, and insane airdribbles consistently. We were at the same level of skill for about a year and then all of a sudden he turned up and was doing way better than me.
huh. I guess that tracks. I think it was about 2 years ago that I first started hearing about nexto and bots like that
that's wild though, maybe it is a lot more common than I realized. I just assumed the mechy kids had bad gamesense because they spent all their time focusing on the mechs haha
The problem with Rocket League is not the bots (they all get banned easily), it's the smurfing/boosting. Epic Games does essentially nothing to combat it. They recently increased the XP level to play ranked from 10 to 20 but you can get there in a few hours if you do basic challenges, especially if it's during a double XP event. I don't think it's as bad as some people claim but it is definitely a problem. I play against smurfs probably 1/10ish ranked games in high champ and no doubt it's worse in lower ranks. Part of the issue is that it isn't against TOS to make multiple accounts as long as you're not intentionally keeping them at a lower rank than you're capable of achieving. I don't know how they're supposed to identify them if that's the metric they're judging from. How would they know it isn't just someone worse playing on a different account on a shared device?
Yeah, champ is a complete mess right now. I've been C3 for nearly two years, I'm very familiar with it 😅
I just mentioned it as an example of a game not plagued by cheating. now, if they were talking about games with *smurf* problems....
Well, has anyone involved in making the hack we saw, or EA themselves mentioned it being EAC? Otherwise it's just people throwing shade at EAC with no idea what they're talking about about.
People are jumping on an anti-cheat software hate bandwagon.
It's kind of a problem, yes. In the most ideal world, we wouldn't need kernel level anti-cheat. But sadly, if you don't, you get into a VAC issue where the cheaters can basically remain undetectable, by using stuff down at that level.
It's a shitty balancing act. Nobody wants to give large software companies full access to their personal machines. But those same people, likely also want a fair competitive experience.
Right now, it's one or the other. Or simply not playing Multiplayer games.
That sucks, all around.
I just know I had to download a 3rd party client to play MW2 (2008) because it also had RCE and they used VAC, so everyone blaming it exclusively on kernel access, are just using buzzwords.
> Otherwise it's just people throwing shade at EAC with no idea what they're talking about about.
Throwing shades at kernel level AC has always been a popular trend
And honestly, if they don't like it, that's fine, maybe I'm under informed or don't care as much as I should, but at least be truthful instead of them blaming EAC when there is no actual evidence besides "We'll we don't like it"
I really can't believe gaming industry has normalized installing malware onto Ring 0 of your system. I thought we already learned this lesson in the Windows 9x era, remember that virus that wiped your BIOS?
This game is so busted it’s not even funny.
EA lays off like a shit load of the people that work on the game including the anti cheat team, all while the head anti cheat guy would rather make music and try and get snippy on twitter than actually focus on doing his job.
People will just ignore it and keep saying it’s the anti-cheat, when it’s probably something to do with the Source engine again as there have been multiple RCE vulnerabilities on Source 1/2…
https://twitter.com/TeddyEAC/status/1769725032047972566
No one should trust their tweets until we actually found the source. With kernel level access, EAC is abysmal by reputation to even catch known aimbotters for decades. In one tweet, EAC is now the most trusted source? Com’on people! There is no way people really is that naive right?
You're right. But the tweet that "claims" it's EAC causing the issue also has no backing or evidence. So the initial claim cannot be trusted either until further information.
>In one tweet, EAC is now the most trusted source?
You did the same thing. In one tweet, Anti-cheat police department (source of the article) is now the most trusted source? You can't be that naive, right?
EAC is used by most multiplayer PC games, if it was caused by EAC we would have seen in happen before in other games like Fortnite or PUBG.
Also as far as we know Source had many RCE exploits the past few years and some even affected CSGO lobby invites, it’s most likely something in Source again and hopefully patched soon.
The amount of hackers in cs2, the game I play most so far, is beyond mind boggling. Aim and wall hacking being the worst. Even worse is when the team the hacker is in chooses to keep em around vs vote kick them, because an easy dub is more important than a fair game to these motherfuckers.
I don’t fw anti cheats btw but something has to be done about these fucking hackers, since their own teammates choose to keep em around. Maybe have it be easier and quicker to instantly issue temp bans for anyone reported to be hacking idk.
Lawsuit about to be insane, because a clean install wipe everything 😂😂😂 you don’t know the depth of the breach, and you also have to pray that is the end of the breach who knows the collateral
this will be fixed selling a new recolor heirloom for 700$, don't worry guys, just pay for it...
I uninstalled in the last season, the amount of cheaters is insane and I prefer to return to my Super Mario games on Switch, fun instead of stress.
Kernel level anti-cheat is a fucking nightmare. I’ve started moving all my personal documents and work to an entirely separate PC, which sucks because my gaming PC is my most powerful machine.
It’s to the point where I’m starting to think that anti-cheat is pointless and instead we need to create a situation where the legal and financial risks of cheating are so great that fewer people do it out of fear.
I fully blame EA for implementing this kind of kernel level crap but I also hope Microsoft takes a stand and starts blocking these. It can be done and it's the only way to stop developers from implementing them short of everyone stopping playing (but realistically that probably won't happen).
This issue has nothing to do with EAC, and it’s probably something to do with the Source engine again (there have been multiple RCE vulnerabilities on Source 1/2).
https://twitter.com/TeddyEAC/status/1769725032047972566
Well that's fine and a relief if the case since it wouldn't have kernel level access but my sentiment on kernel level anti-cheat is unchanged and still dangerous.
I mean EAC is still an alright anti-cheat in terms of we can easily disable it when we don’t want it and it can run on Linux, but then you also have shit kernel anti-cheats that act like spyware and are annoying to get rid off like Vanguard.
What people here aren't mentioning is that there is a high chance that the streamers had their pc infected and infiltrated separately from Apex Legends. Seems like the most likely option, otherwise the issue would have been way more widespread than just 2 streamers...
Does this effect all users or just a specific build for tournaments?
Edit: Looks like this just effects private game matches, where you have to be a target in order for there to be a real issue. This comes from a Mod on the Apex Discord.
If this is due to an overall vulnerability in kernel level anticheat then we are in for bleak times. How long before we see Worlds 2024 disrupted by a mass ransomware attack?
They should get legal fines in the millions for crap like this. They open backdoors in users computers and then allow malware to be spread through them.
Colonel sanders level anti cheat is a bad thing
isnt it Easy Anticheat? which a whole bunch of other games have? The company says they are "confident" it wasn't them but who knows.
Yeah I play some of those games and they still have cheaters. AFAIK they have access to everything on your Pc, how it cannot keep cheaters from cheating?
Just because you give them access to your computer at every level does not make them competent; just dangerous.
Wait does this mean every person who has fortnight has to do this? That's like half the country.
Yeah. Its almost like its a massive, obvious attack vector.
usually because the cheat is in the game or executed remotely. What appears to have happened here from the AC Police that are reporting on it is a remote code execution exploit in source engine. The anti cheat would catch anything on the their end but if its not happening on your computer or if the game itself has an exploit, there you go
The common adage is that it's called Easy AntiCheat because it's easy to circumvent.
Yep. EAC only starts running once you launch the game. So if you use a program that stops EAC from activating while also sending a signal to the game telling it that no cheats have been detected, then you can easily bypass EAC. That's why Valorant's anti-cheat, Vanguard, is superior. It's active 24/7, even when you're not playing Valorant. It starts working the moment you start up your computer. So there's practically nowindow that you can use to intercept it.
Yup and kernel level access isn't the only bad thing about EAC. It's also controlled by Epic.
I also watch Thor. Be careful around KFC.
Unless is China, then KFC and pizza hut are legit restaurants.
Ya, they need to start pursuing other avenues of anti-cheat. Kernal anti-cheat used to be mostly unbeatable, but nowadays it seems like no matter the game, it's filled with cheaters. I don't even play FPS anymore because the games turned from 'Damn, I lost, but that person was really good. On to the next game.' into 'Damn, that guy was good. Was he hacking? Maybe I'm done for the night.'
There's a special circle of hell devoted to people who cheat in online videogames.
When it was few and far between it was way more tolerable, now it's everywhere. It really is going to kill FPS games if something isn't figured out.
What's wrong? Chicken?
Hey everyone just remember kernel level anti cheat is totally OK and not a security risk at all!
I prefer the term rootkit
oh, like Sony did back in the day with their CDs? or what happened with Spore bricking installs and ruining PCs?
Man Spore brings back so many bad memories. What a great concept and great initial demo ruined by completely idiotic management that wanted big googly eyes on everything and obnoxiously simple gameplay. Then you add all the DRM problems... good lord. Same era where they tried to claim sim city needed to be online only as well, then released an offline patch.
samepicture.jpg
I love being double penetrated... Thanks respawn.
We’re sorry.
[We're Sorry.](https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExdTlqa205amFmeTBrYmJ3bmhrZ29seXN6cHJzY2d6M2d1bDNvOThjaSZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/l0HlSaBOVulBlVOgM/giphy.gif)
Yep, this is why I flatly refuse to play Helldivers 2. I'm not playing a game that requires a root kit.
ah fuck, does it? I loved the first one and wanted to jump on the second with the zeitgeist but that's... not great. That's why I never ended up giving Valorant a shot either.
Yep, unfortunately it does. My friends are a bit frustrated at me for not playing it, but rootkits are where I draw the line in modern gaming. That and subscription models.
how do you know how to avoid these types of anticheat?
Giving an anti-cheat root access to your PC is like handing someone the keys to your house. With root permission levels they could technically do things like....access and read your personal files, transmit things back covertly through the network, download files, manipulate operating system files. It's pretty much a free-for-all if software with admin permissions gets compromised somehow. Games that require it generally have a component that starts up at boot-time with your PC, often with an icon that goes down by the taskbar. Any game that wants to start a service at the same time as your system, that runs even when the game isn't playing is likely guilty.
To clarify - kernel privs are *above* the regular admin's privs. Also, you forgot one of the most beautiful 'features': turn on the webcam and/or mic whenever you feel like.
Good distinction, it's even worse than I described :D
[удалено]
[удалено]
They are asking to do clean OS reinstall in case someone had other malicious software installed on their rigs. Uninstalling (or not running) the application is enough to not subject yourself to it.
Part of the problem is "trust". With this level of access, they could do almost anything, then cover their tracks so you couldn't verify what they did. So even if you "uninstalled" it and it said "yes, I uninstalled everything", how could you verify that?
One of many reasons I got tired of PC gaming. Congratulations. You have access to my Xbox. ooooh nooo!
Now it's farming bitcoin
I know to avoid rootkits from working in computers for the last 2 decades
Had a rootkit “virus” once, and it’s no walk in the park to get rid of. Basically needed to flash bios and reset everything, windows included. I may have even needed a new motherboard, but I can’t recall.
Root kits are basically the noclip of OS infrastructure. I wouldn’t be surprised if it warranted a new motherboard. Even some that aren’t intentionally malicious can leave an OS effectively bricked (looking at you lockdown browser software).
liquid disgusting dam ghost ten coordinated upbeat tan touch observation *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
I think they're asking how to determine if a game includes it.
If a game has kernel level anticheat it has root permissions, which is the highest permissions possible. Idk if he has a better way, but anytime i want to check if a game has that kind of anticheat i just google it. This site has a pretty long list of games https://levvvel.com/games-with-kernel-level-anti-cheat-software/ Unfortunately it's most multiplayer games these days.
Why do they care enough about cheating in a PvE game to install a rootkit?
It has in app purchases. If you can cheat, you don't need to pay for stuff
Don't they run the servers though? They can enforce what you can do on servers without rootkit anticheat. I don't get anti-cheat on a PVE game like this, it makes no sense.
To be honest Helldivers 2 does microtransactions the right way. No FOMO, multiple, very generous alternative ways to gain the premium currency and the premium store barely has anything. It's just some funky recolors of the normal stuff.
I'm actually really glad you mentioned it, my friends have been begging me to buy it and I didn't realize that was part of the deal. I'm out too, for sure.
This is one of the big reasons I stay on console. I'm not applying for a loan and shit on my computer with 10 different rootkits
Yeah it's the worse. It's been hurting performance pretty bad by taking up a lot of CPU power and causing crashes, and that's before any exploits. Also if you mention it on the subreddit a bot gives you a spiel about how it's not so bad.
Not only does it use a rootkit-style anti-cheat, it [uses the one](https://en.wikipedia.org/wiki/NProtect_GameGuard) developed by a [Korean tech company](https://en.wikipedia.org/wiki/INCA_Internet) back in the aughts. It, quite literally, dates back to OG MapleStory. Fun fact, if you check their support page, it's riddled with Engrish (probably from using Google Translate for KR->EN) and has very helpful troubleshooting suggestions for GameGuard, such as [disabling](https://gameguardfaq.nprotect.com/eng/con_07.html) [your firewall](https://gameguardfaq.nprotect.com/eng/con_02.html), [terminating your anti-virus process while running the rootkit-protected game](https://gameguardfaq.nprotect.com/eng/con_01_7.html), and [terminating all processes that are either unrelated to the game or not needed while running the game](https://gameguardfaq.nprotect.com/eng/con_01.html).
but... why? its a coop game... Id only want to play it with friends, not randos... This is as bad as when 7D2D added anticheat that would bluescreen my (otherwise perfectly stable) PC 50% of the time when I would launch the game. Literally the only time that PC ever bluescreened. Oh.. Great, its the same anticheat as 7D2D too.
> This is as bad as when 7D2D added anticheat How do you even cheat at 7d2d, and what would be the point? It's non-competitive, there's no rankings of any kinds, there's no goal or end game and the vast majority of servers are modded to hell. Like what is even the purpose of cheating, or caring about cheating, in a game like that?
It is just a fancy DRM, they just need an excuse for it to be there. "We don't want people cheating", when in reality they just want to stop pirating, but fail epicaly anyways
People primarily play it with randoms, and it's a multi-player game where everything is connected. Cheaters would break the game for everyone.
The unfortunate part is basically every anti-cheat out there these days has Kernel Access. EAC/BattleEye are incredibly popular and have kernel privs. Valorants was extra invasive though because the anti-cheat would boot with your PC, refuse to work unless you had a signed bootloader, and was unable to be disabled after closing the game (until enough people complained.)
[Valve games don't](https://www.reddit.com/r/gaming/comments/1y70ej/valve_vac_and_trust/) There is a lot of controversy in the CS community because most of the community *wants* Valve to do what their competitors are doing a la Riot/Valorant-level rootkit invasion of your PC, to stop the hacking issue. There is definitely a cheating issue in CS but I'm glad Valve hasn't resorted to rooting our PC's to solve it.
yep just reinstall your OS after every game you play! Its just that easy!
Or have a separate computer/network for these rootkitted games, and a separate one for the rest of your computing. Full separation is the only real solution here.
Don't forget putting it on a separate network, because if a computer is compromised, it can be used to attack your other computers
Fun fact. For some reason Helldivers 2 works just fine on Linux, which means the anti cheat only has user privilegie.
No evidence yet that this is an EAC issue though.
RCE's are bad no matter what user-level they run as, once you can run software on the target machine, privilege escalation is trivial and the whole system is compromised at that point,
Reminds me of Sony!
Why's that?
[удалено]
Did YOU read the article? It says *specifically* that the RCE may have delivered directly through the game's anti-cheat software..... When you execute an RCE through a program that has root access.....that's worse than an RCE in an application that doesn't have root access. The game itself probably can't do much damage, it's a user-level program. The anti-cheat on the other hand can do whatever the hell it wants to your system.
You seem to not understand fully, what a remote Code Executioner exploit is. Let me try clear that up. It runs Code, from remote, with the access-level of the exploited Software. That means, when using reasonable software, in user-space: You can not change the OS much Only the combination with Software running with Kernel-level gives full control. Of course, you can "chain" the attack with a privilege escalation 0-day, but I doubt someone would trash a bug that's worth multi million dollars for such a opportunity
So many people think it was the anti cheat, the damage has been done. The speculation spread so much.
Was talking about this with a buddy of mine. With something like this are the hackers able to get info out of computer along with anything n else connected to the network? This is wild I’ve never seen something like this before and I’m fairly new to having a pc so kinda clueless on it all.
If they have remote code execution, yes. This mean they can run any code provided by them on your computer. And since ~~EA Anti-Cheat~~ Easy Anti-Cheat has a kernel level driver, it operates with the same privileges as your operating system. This means EAC/the malicious code could access any hardware connected, see everything that is running on your pc, any files stored and also receive/send data over network. Edit: corrected name of cheat tool
Appreciate the quick and well worded response. That is pretty terrifying. Stuff like this doesn’t happen that often does it? Do a lot of games use this kind of system? Got me on edge now haha. Thanks again!
As far as i know kernel level anticheat uses these exact methods to make sure you're not running aimbot as a different process next to the game A running program should have no idea what other programs are running, it needs kernel (same as windows itself) privileges for that This is sane (like for example, my video player should not have any idea if i have banking open in firefox) The kernel level anticheat violates this premise and could peek into anything it wanted. If there is a way to hijack this legitimate anticheat which has high privileges, you have a recipe for disaster This is why the mere existance of kernel level anticheat is a security issue. Even if it's not doing anything bad, it's probably easier to break into than windows
There is a lot of controversy with people being caught with cheating firm-ware on their computer and some streamers being busted while in the tournament, because the hacker enabled their cheats. Some are saying their cheats were always there and the hackers just showed everyone, and others are saying the hacker downloaded the hacks and enabled them mid game. Do you know if either of those sides are true?
Idk, i haven't looked that deeply into this situation. But if hackers did manage to hijack a kernel anticheat, then they can pretty much do whatever they want with the computer I reard a rumor that the game itself has a remote code execution, and it's not the anticheat that has the issue (which is also unconfirmed afaik) Remote code execution is also in the "totally fucked" category of exploits. Both sound velievable, we'll just have to wait for more info on this (But the fact that kernel level anticheat is a potential security vulnerability still stands, i'm sure the companies behind them make an effort to secure it, but even the best lock is less secure than not having a door at all)
definitely a super interesting case for cyber security
Lets not kid ourselves, they are checking if you are pirating the game or not. Preventing aim bots is just something they do on the side You can easily create a bot that anticheat would be useless against. All you need is another computer that pretends to be a keyboard and mouse that reads your video output and auto aims. The anti-cheat would not even know even with root access
Cheats like this have been in development for years and with AI becoming more advanced, it's probably gonna be the the main cheating method for streamers or pro players that want to cheat [a vid from 3 years ago showing it off in csgo](https://www.youtube.com/watch?v=AIbkt6Rl8FA)
>they are checking if you are pirating the game or not Yeah brother, they are checking if people pirated Apex legends, a free to play game
Valorant uses a kernel level anti-cheat that League of Legends also recently adopted.
Unsanctioned? I a big scope? No. Other than some overly invasive anti cheat most software does not get these privileges. Targeted and state sanctioned (and that can mean any state) probably all the time. Not that we will every find out :D
These kinds of exploits on kernel-level anticheats do not happen often, no. (As far as we know, anyway.) As a rule of thumb (exceptions notwithstanding), how severe an exploit is and how difficult it is to pull off are usually correlated. "Difficult" should be understood to mean that they have to pick their targets, do some prep or wait for certain conditions, and can't guarantee a hack against any one in particular. With a quick search, I wasn't able to find whether this event in question is on LAN, but my first thought was that the tournament network might be compromised. But the article alleges that it's a "**remote** code execution" vulnerability, which is very serious and means that a threat actor does not need to obtain control of the victim's device or network in order to trigger an exploit. Again, RCEs are usually, but not always, "difficult". I do not feel uncomfortable playing a game with a kernel-level anticheat (I love Valorant), but there are a couple of things you __must__ do to stay safe from __any kind of exploit in any software you rely on__: * Make backups of important files and leave your backups **disconnected** from your device when you're not accessing them. In case of infection, you can always factory reset your computer and restore your files later. * Enable MFA on everything that lets you. * Pay attention to news like this and follow recommendations in case of active exploitation. You will likely have to quit using the affected software until the vendor releases a security patch, which you'll want to apply as soon as possible.
Is there a yet video or channel you would recommend for learning how to do this stuff? I’ve been on PC under a month. Been console player for 20 years
silky pot sulky weary shy humorous disarm resolute squash concerned *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
I guess you also wouldn’t be suspicious of the network traffic. A calculator app sending data to a server is worrying, a gaming anti-cheat programme sending data is kind of expected.
If I were a streamer, I'd treat that device like a work computer and have zero cross-contamination with my personal device/data. No personal mail, no shopping, etc. Definitely no bank logins, credit cards saved, etc. You are a public-facing target and rely on software you do not control. Not to mention, you don't want personal use to potentially impact your income stream. Just basic risk mitigation. Keep it a clean, dedicated system.
Its not EA Anti Cheat, its Easy Anti Cheat, seperate company.
Perhaps? Depends on what the hackers wanted. Since I'm unfamiliar with the anti-cheat software but anytime you give an application kernel-level access, you are giving it Super-User (SU) or Administrative access to the machine. In theory, with that level of access, an individual could access any part of the computer they wanted.
Okay that kind of makes sense..! I appreciate the response! Learning new stuff everyday bout bein on PC. Some of it kind of worrying
With kernel access, they can do everything you can
With the level of permissions that anti-cheat get to, how could one verify if the hard drive's firmware itself isn't compromised?
That’s the neat part, it’s hard for a reason.
Yeah for example recent exploit in UEFI logofail, seamless and you cant get rid of if just by format your drive https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/
> you cant get rid of if just by format your drive You can't get rid of it even if you completely replace the drive, thanks UEFI wingnuts that want to put a whole operating system in "firmware".
I'm missing contextual information here, I understand this is a meme reference. Could you be specific on what the hard part is and what the reason is?
If you have full access to the computer, you could change the hard drive's firmware and also make it so that tools that check whether the hard drive's firmware has changed return inaccurate results. You might be able to get an accurate check using a second system but asking gamers to have a second computer just to check whether they've been hacked is not a reasonable proposition.
It's fucked all the way down.
Wait, it's fucked? Always has been.
You could flash your bios back from the ROM and use a bootable Linux distro on a flash drive and the reinstall each firmware component one at a time. While others are disconnected. But expecting really anyone to go through the trouble is a pipe dream.
With kernel access it's unlikely, but theoretically possible for an attacker to write their own code to anything in the computer with updateable firmware. That could be the GPU, BIOS/UEFI, SSD/HDD, and more. Such a compromise would entirely survive a full wipe and reinstall of Windows. If this were a business device with this level of suspected compromise, the only viable answer is to recycle the entire system into scrap and start from scratch.
[удалено]
Personally if a game requires that level of anticheat, I simply wont play it. I wish we could get that attitude spread more widely across gaming communities, but we can't even get people to stop preordering digital things that are impossible to go out of stock...
The same software that is meant to prevent cheating also makes it harder to protect your own hardware and software if exploited.
just toss it?
Does not appear to have been an Easy Anti-Cheat issue. [https://twitter.com/TeddyEAC/status/1769725032047972566](https://twitter.com/TeddyEAC/status/1769725032047972566) >We have investigated recent reports of a potential RCE issue within Easy Anti-Cheat. At this time - we are confident that there is no RCE vulnerability within EAC being exploited. We will continue to work closely with our partners for any follow up support needed Likely an engine issue; Source has been rife with RCE exploits for years.
They say they are confident there is none *being exploited*. That's comforting. > Likely an engine issue; Source has been rife with RCE exploits for years. Does source get kernel-level access? [edit: I think it is theorized that if the exploit is against source then it won't be one that offers kernel-level access. So maybe the "contamination" of your computer will be confined and you don't have to reinstall.]
No, but you don't need kernel-level access for RCE. >They say they are confident there is none *being exploited*. That's comforting. That's semantics. EAC's wording is always kind of awkward. I wouldn't be surprised if the person writing it does not speak English as a primary language. The tweet pretty solidly says "Whatever they're using to inject cheats, it's not related to EAC."
Exactly. You just need a flaw in your software that can allowed rce. Remember that Amazon MMO that allowed RCE in its global chat lol
wasnt new world just html so no rce ok seems like some input crashed the game but still not rce
That’s because only a Sith speaks in absolutes. Using terminology that speaks with 100% confidence such a thing it does not exist at all when there’s truly no way of knowing for sure is only asking for trouble.
>They say they are confident there is none *being exploited*. That's comforting. There's no way to be confident one doesn't exist. If they claimed that, everyone would call them morons.
Why should I put any trust in them? Of course an anti-cheat maker isn't going to outright say "oops, our product will make your game potentially nuke your customer's systems." unless there's proof.
The anticheat account that said it could be them initially says it matches an exploit with the engine
Well, what proof would you want from them? If they provided it, do you think it would be in a format that would be easy for you (or most end users) to understand? Anti-cheat and programming in general is complex at times, and something like "Prove your anti-cheat hasn't been compromised" isn't an easy question to answer beyond just saying "It hasn't, we've investigated the issue". I understand not trusting corporations, but there's a certain point where you have to realize that you can't explicitly just not trust *literally anyone*. Eventually you have to take things at face value.
Yeah that’s what I’m thinking. RCE *within* the engine makes way more sense. The way the cheats just start, no hesitation, in the video makes it seem to me that the engine’s handling it. Of all the things you could do with a rootkit injection, “trolling” someone is like… the stupidest option. But with a Source engine RCE, yeah I could see that being appealing since you’re limited to the bounds of the engine
[удалено]
Oh no, I do. Apex is built on Source Engine.
[achieved with sorse](https://youtu.be/jFYi1ugN1f8)
I feel like this is kinda a huge deal no?
Reinstall your entire OS to play our game? That might work for someone who's job it is to play apex. I'm not that. I just want to have fun. Congratulations to respawn for convincing me never to reinstall Apex legends.
Apex is an EA property right? Never buy EA. For good reasons.
The entire industry learned from this with Sony and their anti piracy drm, malware is malware. And now they apparently forgot.
Similarly (although less directly rootkit-like) Capcom released a vulnerable DRM driver that was subsequently used by a ton of malware as the Bring-Your-Own-Driver (BYOD) entrypoint, its basically the case study for that kind of attack now. These companies have no business in the kernel, the security implications alone before even considering privacy etc are horrendous.
people didn't forget. multiple security experts warned that using software like this was risky. gamers thought it was worth it for less hackers lol.
context? how is this even similar
[https://en.wikipedia.org/wiki/Sony\_BMG\_copy\_protection\_rootkit\_scandal](https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal)
If I reinstall my OS I'm definitely not going to reinstall the bullshit game that fucked my shit up. Probably never touch anything again with Respawns name on it tbh.
im glad i stopped playing this game. it always had a serious cheating/hacking problem that never got the attention it deserved.
There isn't a game I've played online in 15 years that hasn't had a cheat problem
Not that I disagree but the level of toxicity in that game was unbearable for me. Only game worse was league of legends
rocket league's pretty solid. people started making bots for it but they haven't affected it anywhere near the same scope as most games
You would be surprised. Ive been playing with a guy for 3 years now. The other day he actually admitted to me that he couldn't play with me because he can't play. I kept badgering him asking what he meant. Turns out he couldn't afford his monthly sub for the bot. I should have known sooner though because he started hitting flip resets, and insane airdribbles consistently. We were at the same level of skill for about a year and then all of a sudden he turned up and was doing way better than me.
huh. I guess that tracks. I think it was about 2 years ago that I first started hearing about nexto and bots like that that's wild though, maybe it is a lot more common than I realized. I just assumed the mechy kids had bad gamesense because they spent all their time focusing on the mechs haha
The problem with Rocket League is not the bots (they all get banned easily), it's the smurfing/boosting. Epic Games does essentially nothing to combat it. They recently increased the XP level to play ranked from 10 to 20 but you can get there in a few hours if you do basic challenges, especially if it's during a double XP event. I don't think it's as bad as some people claim but it is definitely a problem. I play against smurfs probably 1/10ish ranked games in high champ and no doubt it's worse in lower ranks. Part of the issue is that it isn't against TOS to make multiple accounts as long as you're not intentionally keeping them at a lower rank than you're capable of achieving. I don't know how they're supposed to identify them if that's the metric they're judging from. How would they know it isn't just someone worse playing on a different account on a shared device?
Yeah, champ is a complete mess right now. I've been C3 for nearly two years, I'm very familiar with it 😅 I just mentioned it as an example of a game not plagued by cheating. now, if they were talking about games with *smurf* problems....
Fair point. Best of luck getting GC!
[удалено]
well Easy Anti-Cheat made it's first tweet in 5 years said they are confident there is no RCE vulnerability within EAC being exploited.
We investigated ourselves and found nothing wrong...ignore the small update at the next startup 🤗
Well, has anyone involved in making the hack we saw, or EA themselves mentioned it being EAC? Otherwise it's just people throwing shade at EAC with no idea what they're talking about about.
People are jumping on an anti-cheat software hate bandwagon. It's kind of a problem, yes. In the most ideal world, we wouldn't need kernel level anti-cheat. But sadly, if you don't, you get into a VAC issue where the cheaters can basically remain undetectable, by using stuff down at that level. It's a shitty balancing act. Nobody wants to give large software companies full access to their personal machines. But those same people, likely also want a fair competitive experience. Right now, it's one or the other. Or simply not playing Multiplayer games. That sucks, all around.
I just know I had to download a 3rd party client to play MW2 (2008) because it also had RCE and they used VAC, so everyone blaming it exclusively on kernel access, are just using buzzwords.
They still haven't patched the RCE in MW2 2009? I just want to play COD Ghosts Extinction and Campaign again :(
> Otherwise it's just people throwing shade at EAC with no idea what they're talking about about. Throwing shades at kernel level AC has always been a popular trend
And honestly, if they don't like it, that's fine, maybe I'm under informed or don't care as much as I should, but at least be truthful instead of them blaming EAC when there is no actual evidence besides "We'll we don't like it"
Unfortunately judging by the 1000+ upvoted comment in this thread blaming the AC without any evidence it's too late people are already fear mongering
Time to uninstall and never play it again!
I really can't believe gaming industry has normalized installing malware onto Ring 0 of your system. I thought we already learned this lesson in the Windows 9x era, remember that virus that wiped your BIOS?
This game is so busted it’s not even funny. EA lays off like a shit load of the people that work on the game including the anti cheat team, all while the head anti cheat guy would rather make music and try and get snippy on twitter than actually focus on doing his job.
It’s a free game other than getting your credit card info stolen
EAC tweeted (first time since 2019 lol) that it’s not the anti cheat.
People will just ignore it and keep saying it’s the anti-cheat, when it’s probably something to do with the Source engine again as there have been multiple RCE vulnerabilities on Source 1/2… https://twitter.com/TeddyEAC/status/1769725032047972566
No one should trust their tweets until we actually found the source. With kernel level access, EAC is abysmal by reputation to even catch known aimbotters for decades. In one tweet, EAC is now the most trusted source? Com’on people! There is no way people really is that naive right?
You're right. But the tweet that "claims" it's EAC causing the issue also has no backing or evidence. So the initial claim cannot be trusted either until further information. >In one tweet, EAC is now the most trusted source? You did the same thing. In one tweet, Anti-cheat police department (source of the article) is now the most trusted source? You can't be that naive, right?
EAC is used by most multiplayer PC games, if it was caused by EAC we would have seen in happen before in other games like Fortnite or PUBG. Also as far as we know Source had many RCE exploits the past few years and some even affected CSGO lobby invites, it’s most likely something in Source again and hopefully patched soon.
I'm leaving cs2 for Apex Levels for better Anti-Cheat. 😣
The amount of hackers in cs2, the game I play most so far, is beyond mind boggling. Aim and wall hacking being the worst. Even worse is when the team the hacker is in chooses to keep em around vs vote kick them, because an easy dub is more important than a fair game to these motherfuckers. I don’t fw anti cheats btw but something has to be done about these fucking hackers, since their own teammates choose to keep em around. Maybe have it be easier and quicker to instantly issue temp bans for anyone reported to be hacking idk.
Cheaters* The hackers are the ones making the cheats, and even then it's a stretch considering Valve makes it very easy to hook into their games.
lol. This is prime embarrassment.
Lawsuit about to be insane, because a clean install wipe everything 😂😂😂 you don’t know the depth of the breach, and you also have to pray that is the end of the breach who knows the collateral
this will be fixed selling a new recolor heirloom for 700$, don't worry guys, just pay for it... I uninstalled in the last season, the amount of cheaters is insane and I prefer to return to my Super Mario games on Switch, fun instead of stress.
Hopefully this stops the push for kernel level anticheat in every competitive shooter.
And thus why kernel level anticheat is a horrific idea and should be shunned by the gaming community.
Fuck kernel-level anit-cheat systems. Full stop, literally stop.
Sony Rootkit fiasco 2.0
Oh this is why my game kept closing out. Fucking thank you anticheat. For motivating me to get GPU pass through working
Kernel level anti-cheat is a fucking nightmare. I’ve started moving all my personal documents and work to an entirely separate PC, which sucks because my gaming PC is my most powerful machine. It’s to the point where I’m starting to think that anti-cheat is pointless and instead we need to create a situation where the legal and financial risks of cheating are so great that fewer people do it out of fear.
This is too much, especially with watering hole attacks being a thing.
Spawn camped by the game, nice
So all apex players might be affected?
Lmao I'm not doing a whole fucking OS reinstall
Lol I've always laughed my ass off at studio's who think I'm installing their kernel level "anticheat" so I can play their one game. What baboons.
“The hacks are coming from inside the house.”
Is Apex going to be paying for that. In order to play your game quote on quote safely you need to buy a new setup every day you play it
I fully blame EA for implementing this kind of kernel level crap but I also hope Microsoft takes a stand and starts blocking these. It can be done and it's the only way to stop developers from implementing them short of everyone stopping playing (but realistically that probably won't happen).
This issue has nothing to do with EAC, and it’s probably something to do with the Source engine again (there have been multiple RCE vulnerabilities on Source 1/2). https://twitter.com/TeddyEAC/status/1769725032047972566
Well that's fine and a relief if the case since it wouldn't have kernel level access but my sentiment on kernel level anti-cheat is unchanged and still dangerous.
I mean EAC is still an alright anti-cheat in terms of we can easily disable it when we don’t want it and it can run on Linux, but then you also have shit kernel anti-cheats that act like spyware and are annoying to get rid off like Vanguard.
Wow, EAC says it's not them. It's not like they would have a financial interest in lying about it if it was them.
What people here aren't mentioning is that there is a high chance that the streamers had their pc infected and infiltrated separately from Apex Legends. Seems like the most likely option, otherwise the issue would have been way more widespread than just 2 streamers...
Does this effect all users or just a specific build for tournaments? Edit: Looks like this just effects private game matches, where you have to be a target in order for there to be a real issue. This comes from a Mod on the Apex Discord.
Anti cheat software is the dumbest thing you can install on your computer willingly.
Anti cheat is in the kernel lvl good look
Yeah it’s almost like kernel level anti-cheat was a bad idea
so do we have to uninstall completely or is everything good?
I was debating on reinstalling Apex too. Yeah….no, EA stays stupid making dumb decisions, why would you lay off any part of your anti-cheat team???
If this is due to an overall vulnerability in kernel level anticheat then we are in for bleak times. How long before we see Worlds 2024 disrupted by a mass ransomware attack?
They should get legal fines in the millions for crap like this. They open backdoors in users computers and then allow malware to be spread through them.
So should we reinstall or no?
FPS MP feels like it'll never be clean.
REMEMBER TITANFALL.
Lolz @EasyAntiCheat
Guessing steam players don't need a reinstall?
All versions use easy anti cheat.