On the front line of anti-cheating, game companies have launched an "arms race"
"Those who undermine fairness should be punished." This is almost a consensus in everyone's mind.
However, in the game arenas that gather tens of millions or even hundreds of millions of participants, the boundary of cheating behavior appears blurred.
In the field of online games, cheating has a more well - known name: "using cheats". It includes all behaviors of obtaining information and operational capabilities beyond those of normal players through non - officially permitted external programs or hardware. In the context of games, cheats usually do not include using data modifiers in single - player games, but specifically refer to tools such as wallhacks and aimbots in multiplayer competitive games.
Currently, in addition to cheat developers, some content creators on the Internet also use "cheats" as eye - catching materials for dissemination to gain traffic, and even advertise and promote cheats.
For example, in some late - night live - streaming rooms, streamers of the "treasure - hunting rat" type in tomb - raiding games will continuously show the audience "how they use the wallhack to precisely collect high - value items on the map". This kind of display packages cheating as an entertaining and curious spectacle, weakening the seriousness of anti - cheat efforts and making it difficult for game manufacturers to eradicate cheats.
The wallhack can directly display item information on the map.
After all, one of the means for cheat developers to continuously acquire customers is to actively lower the psychological threshold of potential users. In addition to creating gimmicks to gain traffic, they often package their products on social platforms, e - commerce channels, and private communities, calling them "assistive tools" or "stable plugins" to obscure their illegal nature.
Currently, the number of cheat users is increasing as the total number of domestic players grows. Whenever a phenomenon - level game appears in the market, cheat developers will respond within a very short time to quickly reap huge profits. Games like PUBG a few years ago and the current Delta Force have basically experienced the situation of "a surge in cheats when the game becomes popular".
Many UP owners also share their experiences of encountering cheats.
According to the statistics in the 2025 Game Security White Paper, the number of detected mobile game cheat functions has increased by 148 times in the past eight years. At the same time, the number of cheat samples on the PC side has exceeded 100,000 for the first time in a year, with a year - on - year increase of 124%. That is to say, both the supply and demand for cheats are constantly expanding.
Statistical data from the 2025 Game Security White Paper
Many cheat users lack an objective understanding of the legal nature of cheats and their association with the black market. They may not be aware that each use of cheats provides cash flow for the downstream black - market chain, objectively maintaining the low - threshold operation of the cheat market.
Nowadays, cheat development is no longer an individual act but an entire black industry chain involving huge interests. At the 8th Game Security Industry Summit held on June 8th, Ao Ran, the executive director of the China Audio - Video and Digital Publishing Association, mentioned that "when the number of participants in an industry is calculated in hundreds of millions, its security issue is no longer just a technical problem, but a public issue related to the order of the digital economy, the governance of cyberspace, and the vital interests of a large number of players."
01 A War without Gunpowder Smoke
The relationship between cheats and anti - cheats has completely gone beyond the pure technical dimension and is more like a continuous offensive and defensive battle between game developers and the black market. The two sides will engage in repeated confrontations in multiple dimensions such as technology, operation, law, and public opinion.
For game manufacturers, anti - cheat work is essentially a "tedious task" with a difficult - to - quantify return on investment. It requires the project team to allocate a certain cost to set up a security team in addition to basic R & D and invest server resources for real - time monitoring and retrospective analysis to establish an independent evidence - collection and processing process.
These costs are difficult to directly convert into revenue and are considered "a matter of course" by players. In short, there is no reward for doing well, but there is punishment for doing poorly.
APEX Legends is a typical case of a game that failed due to game security issues. This FPS game developed by Respawn Entertainment and published by EA quickly became popular after its launch in 2019, but was also targeted by cheat developers. At the peak of the game's popularity, players frequently encountered cheats such as speed hacks, aimbots, and wallhacks. In the most extreme cases, they could even encounter flying hacks and bullet - tracking hacks.
What's more serious is the change in players' mentality. As they continuously encounter cheats, some players' reactions will change from initial anger to the compromising statement of "it's normal to encounter cheats", further losing confidence in the credibility of the product itself.
Even today, there are still cheats that violently modify game values in APEX Legends.
Ultimately, APEX Legends fell into a vicious cycle: players left due to cheats, causing the game's popularity to decline, which directly led to a decrease in cheats. When players returned due to the decrease in cheats and the game's popularity rose again, the number of cheats would increase again.
All Respawn Entertainment could do was to make additional investments in a more passive situation to complete the anti - cheat system that should have been established earlier.
On the side of the cheat black market, the pace of evolution has never stopped. The cheat black market has now formed a complete chain with clear division of labor and concealed settlement. Among them, the upstream teams are responsible for the development of core functions and usually hide overseas to avoid domestic law enforcement jurisdiction; the middle - stream distributors distribute products to lower - level agents through un - reviewable instant messaging tools and provide teaching and after - sales services; the payment link generally uses virtual currency settlement, such as Bitcoin and USDT, cutting off the path of fund tracing.
Selling cheats is not something new.
The terminals used by users have basically abandoned the one - time purchase model and switched to the subscription system. Users pay on a weekly or monthly basis, continuously providing cash flow for cheat developers. Based on this model, cheat developers can also continuously adapt to the anti - cheat updates launched by the official to ensure the availability of their products.
Each node in this chain can be isolated. Even if the official cracks down on a certain distribution link, the cheat black market can quickly change channels and restock. This structural flexibility is also the root cause why cheats have never been completely eradicated.
The official's opponent is not a few hackers, but a commercial black - market group with organization, funds, and the ability to iterate technology.
Of course, in recent years, cheats have also found new breakthroughs at the technical level, introducing two new forms that can impact the traditional defense system.
The first is the DMA cheat. The biggest difference between the DMA cheat and traditional cheats is that it directly reads game memory data through an independent hardware device, neither modifying the client nor injecting additional code. Since these processes are completed at the hardware level, traditional anti - cheat software cannot detect its traces.
The logical operation diagram of the DMA cheat
The second is the AI vision cheat. This type of cheat also does not read game data. Instead, it collects video signals through third - party compliant software (such as OBS for live - streaming) and uses a trained vision model to analyze the screen in real - time, and finally completes operations by simulating input devices. This cheat model is also the one most frequently mentioned by players in self - media.
Of course, from the perspective of the official system, although the current AI vision cheat can bypass memory reading, it also makes its operation process cumbersome. Therefore, the security team can more easily distinguish cheat features through behavioral differences and quickly crack down on them.
These two new forms of cheats have shifted the anti - cheat confrontation from software to hardware and from code observation to behavior differentiation. It may not be possible for the official to completely contain cheats by writing one or a few pieces of software. They must provide high - frequency updates and engage in repeated battles like the cheat developers.
That is to say, the current confrontation between cheats and anti - cheats has evolved into an "arms race" for the core interests of the game. The side with a shorter iteration cycle and faster updates will gain the upper hand in the current game. In the most extreme cases, this window period may be as short as an hour.
02 How Far Should the Anti - Cheat Measures of Cutting - Edge Products Go?
To truly understand the current stage of the confrontation between cheats and anti - cheats, Delta Force under Tencent is a cutting - edge sample worthy of reference.
First of all, Delta Force has a large enough user base, which makes it a key target for cheat developers. Backed by Tencent, the game does not lack technical and cost support, so there will naturally be a high - intensity confrontation between the two sides. Just in the past two game seasons, the official has banned 1.82 million cheating game accounts. Secondly, Delta Force is an FPS game, which is in the main battlefield where cheats are most rampant, so the anti - cheat system has been more fully pressure - tested.
The official punishment notice for violations
More importantly, Tencent's security team has also disclosed relatively complete technical and strategic information on this project, allowing us to see more.
According to the official introduction, the anti - cheat strategy of Delta Force basically covers two stages: pre - interception and dynamic confrontation.
In the pre - stage, the security team's approach is to increase the cost of using cheats, such as attaching machine codes and applying multiple data encryption systems. Among them, blocking machine codes is a common measure. In essence, it raises the cost of banning cheaters from a single account to core hardware such as the computer motherboard.
In terms of data encryption, Tencent's security team has proposed a model that combines the fog system, personalized encryption, and dynamic encryption. Simply put, the fog system only allows the player's computer to read the data that the player "should know" in real - time; personalized encryption dynamically generates an independent algorithm for each player, increasing the cracking threshold for cheats to obtain data and requiring customized solutions; at the same time, dynamic encryption constantly changes the location of game data, increasing the cost for cheats to run through the process.
These thresholds do not necessarily need to completely contain the functions of cheats. They only need to slow down the reading speed and make the data lose its timeliness. Once the cheat cannot guarantee real - time performance, even with a delay of just a few dozen milliseconds, its functional value in actual combat will be greatly reduced.
In terms of dynamic confrontation, the security system has a key change in thinking: they no longer regard "finding cheat programs" as the only goal, but also take "identifying behavior patterns" into account.
No matter what technical means cheaters use, they will ultimately be manifested in operational behaviors. For example, the movement trajectory of the crosshair is too smooth each time, lacking the necessary fine - tuning in human operation; without definite information, the pre - aiming position accurately locks the head of the enemy behind the cover; continuously and quickly locating multiple targets, and the acceleration curve of the perspective switch does not conform to the laws of human operation, etc.
The official will input these behavior characteristic data into the AI model for continuous training and real - time comparison. Even if the cheat can avoid detection and crack the encryption, it may still be exposed in the final operation link - and even more thoroughly.
At the same time, the official will also update the defense plan at a high frequency, using different program contents to "screen" continuously to find cheating accounts. According to the security team, at the peak, the anti - cheat system of Delta Force updated the defense plan twice a day at the fastest. They said that the team will continuously follow the update dynamics of cheats 24 hours a day. Once a new cheating method is found, it will be immediately written into the detection rules and pushed to the client through hot updates.
For example, for the recently discussed AI adsorption - type cheats
Overall, the strategies demonstrated by Delta Force basically represent the standard and even the highest - intensity configuration of domestic mainstream manufacturers in the FPS field for anti - cheat measures, providing a lot of reference for many games.
03 The Ultimate Goal of Anti - Cheat Is Not Only within the Battlefield
Of course, combating the cheat black market is not an overnight task. It requires continuous verification and optimization from multiple dimensions by players and the official. For example, players should maintain a firm attitude of resisting cheats, and the official should provide more objective means for players to identify cheats. In Delta Force, the most - demanded feature in this regard is the global replay function. For example, Delta Force plans to launch a "player inspection team" to invite players to participate in the anti - cheat work.