How Pro's Use Undetectable Hardware Hacks To Cheat in Lan Tournaments!

Tournaments just need to hire people who actually know what they are looking for. Anything brought into a tournament needs to be checked in and looked over.

silnT.

For the hardware cheats (and cheating on tournaments in general), I think the Computers could be locked down much further. Something much more Kiosk like. For example a readonly RHEL system with only Xorg, Pulseaudio and CS:GO, that doesn't allow the execution of any other files, nor the loading of any custom kernel modules (e.g. drivers). Built-in recoil compensation in mouses will definitely still be achievable, but at least you'd probably be around the same level of hardening as e.g. a PlayStation

JmbFountain

Thank you for the insight of HH that also means that we as viewers have to watch closer at pro teams as well

NOGREATNAME

The movement script is called a movement recorder. You can import known movement jumps that makes the movement for you.

CrownieBrownie

Someone’s been a very bad bad boy 😂 let’s see who gets caught next!

LadySaya

I played cs go all year last year. The amount of cheaters and idiots makes it one of the most unplayable games. I love Counter-strike but damn do they need to do something about its current condition.

RSkrub

From Valve: Set Deny rules for the following (can be set for the everyone group or the Windows user players will be using): powershell.exe, cmd.exe, cscript.exe [the script payload used in the documentary is C# run in powershell]. So the reason it is this "easy" is because this LAN is not following guidelines to secure it. If guidelines were followed then this script would be detected and blocked because powershell was executed.

An attacker using badUSB hardware is already limited by the size of the script to get it done fast. This script used a one-liner which does a benign function that will not trigger any security. The script just shows a flickering square dot. I can do something very similar through the console without powershell. In other words, that segment is bait. No actual cheat was running on LAN.

However, the full documentary did reference other cheats that attack the BIOS that DO bypass league anti cheats, but mostly in an online setting. I won't bother citing them here nor will I answer further questions about them or about hardware cheats.

kaisersoju

this has been a thing for a while. when the steelseries sensei came out with the arm processor onboard i wrote custom norecoil firmware for it and it was never detected at lan events or on mm/esea/faceit, and that was like at least 8 years ago now. you dont even need to execute it on the computer itself since it runs self contained on the processor within the mouse, and doesnt need to access any memory since the recoil patterns were hard coded into the mouse (they only worked for AK and M4, which were swappable by hitting the DPI button). pretty much anything that has an onboard cpu can do this, and since most keyboards and mice are super duper fancy rgb gamer stuff now, almost all of them have something powerful enough to run this kind of script.

AlexZanderMuro

I mean, it's actually pretty simple. In live tournaments, everybody has to play with the same hardware, that is provided by the organizer. No personal hardware allowed and the problem is solved

tobiass

I’ve seen so many cheaters in just Casual cs lately… So many noobs who rage toggle

Salkinmusic

I remember the topic of hardware hacks being discussed in the CS:GO pro scene like 6 years ago. This just proves they've probably been doing it all along.

BionicBurke

Hardware hacks have been around for years, all the pros use macros so it wouldn't be hard to put scripts into them. Tournaments should either scrutinise the hardware by a third party or be provide everything, the computers, the keyboards, mouse, on private lans that cant be attacked like the Navi Vs Heroic match in EPL. Navi accounts were targeted by DDOS. Either have a body to search and throughly scrutinise the hard ware or just have the tournament say it's their equipment or don't compete.

thdwndr

I think the only way to counter hardware cheats is to use hardware anti cheat. Some sort of shim device that plugs into USB and your mouse/keyboard has to be plugged into it like a USB hub. The device inspects/records HID protocol activity(basically keyboard and mouse input) and passthrough the inputs so there's no input delay. Of course the client side anti-cheat needs to verify the device and operating system so you cannot unplug it or plug in another keyboard.

If the device detects illegal/suspicious activities(i.e. injecting cheat program that isn't keyboard/mouse input) the device silently reports the time illegal inputs were made to the anti-cheat software on the PC. This way the officials could reverse engineer the inputs if something sus was found or reported after match ended.

But it's basically a keylogger(privacy and security issue), so it's opening a can of worm for users other than pros playing on tournaments. Before you say "how about the crazy hacks like self driving mouse with wheels", that wouldn't be possible on LAN matches anyways. And yes anything man-made could be defeated so smarter people need to outsmart the smart cheaters.

hateWinVista

im glad time understood that it was more than a bhop script. it indeed was recorded movement. he just went to a marker *drawn by his esp* and holds a key and it would do the movement for him

suprosonic

While hardware may be inputting the cheat, it still is done via software (basically the keyboard is injecting code and running it on the PC, while the code came from the keyboard (usually via a script), it is still running on the PC as a script or executable, so it should still be detectible.) There should be some things that could be setup to stop this from working, disabling scripts, disabling access to command line/powershell, heck you might be able to make it so that only certain programs are able to run under the account (aka CSGO/Steam) and nothing else, treat the tournament computers like a corporate network computer, you can even force USB driver whitelisting to only allow certain brands/models of keyboards/mice.

only hardware cheats that use macros for no recoil, and rapid fire of a semi-auto would be able to really be done straight from hardware without any software needed. If its injecting code, its still software based even though it was done through a hardware attack vector.

jjjacer

just provide the mice/keyboards, don't let the players use their own gear. if they need specific gear they or the team can pay tournament organizers to provide one that is verified. players can still use the gear they are comfortable with and it eliminates all possibility of this type of cheat, you would have to install it to the pc otherwise.

brianpancotto

So, something like this won't be stopped. It will reach a point (if it hasn't already) whereby a few people on the inside (organizers) are paid discretely to provide pre-configured hardware to a certain player. And no, something like this won't be detected even while the game is watched by millions. Pro players are spot on with almost everything gameplay related - the software used in the ESL scene is privately coded in a way that nobody will be able to pinpoint who's running something. And yes, there are currently one or two people in the ESL scene that are using third party.
Even when you take a look at invite-only software, what you're able to do is so discrete that an average Faceit Lvl 7 player (or anyone with decent enough Xhair placement, movement, knowledge, util usage etc) will not be seen as suspect.
When someone is running a 5% chance for every 4th bullet to connect for a headshot provided your Xhair is within a custom pre configured hitbox - and their spray pattern is near perfect as well as their pre-aim, Xhair placement, movement etc - you will never be able to tell, never. Overall this would just seem like a good player who has 10k hours in the game.
It is what it is, and it will stay this way.

_BrettHamblin_

A potential solution would be to enact a requirement for the esport teams themselves to order the mice + keyboards for their own players to be delivered to the esports venue. The staff will open and set them up to the desired settings.

georgebaggy

so on the first over watch case there are move recording built into cheats that can replay their movement so he lined him self in the corner at the start of the round to bhop through vent

brenthom

From what I know most major tournaments will check hardware before letting pros use them, even if they brought their own peripherals.

mushovers