Question about how detection works (from a layman) and another ?...

[ckrit]

I see quite a few posts that reference X cheat going X months completely UD. I am not saying that isn't true, I am sure it is absolutely true. Now here is where my ignorance is coming into play. But who better to ask than the grus themselves?

Obviously BSG can/will and does purchase and utilize cheats (or maybe BE not BSG?) in order to get an understanding of what is being used, checking for any new exploits, etc. So what is stopping these companies from RE cheats and essentially rendering this entire marketplace void?
I know RE isn't some walk in the park..but ****, you guys seem to pull it off with each and every new iteration or new player in the anti cheat game. Is it that your code is that good or is that RE is really much harder than I am giving it credit for??

Also, obviously we are aware of the ****-block container ESP situation that came to be with the latest patch. I wonder if that was just accidental on BSGs part or they actually tried to specifically block cheats from seeing inside containers? In any case, are you guys aware of the reason it's currently not really possible and do you think it's just a matter of time?

Thanks for reading this random BS, btw.

[NexusShop]

I am not a professional in coding or engineering, so my explanation may not be very technical. When a cheat is detected through its signature, all users who have used it will get banned. However, the methods used by top-tier cheats are indeed very advanced. As a result, most bans nowadays are due to manual bans, or because you've used extremely powerful memory modification features, such as aimbot teleportation or speed hacking.

Container ESP blocking was intentionally done by BSG, and this feature may be difficult to reappear.

I hope these words can help clear up some of your doubts.

[Toxic.dll]

Container ESP its now serverside so not possible for make this feature again (unless you do some crazy exploit and would be risky)

With RE you mean Reverse ? If so, cheats are well encrypted so its not that easy, most of times impossible to read the code and fix what they are using to do the features, also need a hard code to fix it without open new failures

Quote:

Originally Posted by NexusShop

I am not a professional in coding or engineering, so my explanation may not be very technical. When a cheat is detected through its signature, all users who have used it will get banned. However, the methods used by top-tier cheats are indeed very advanced. As a result, most bans nowadays are due to manual bans, or because you've used extremely powerful memory modification features, such as aimbot teleportation or speed hacking.

Container ESP blocking was intentionally done by BSG, and this feature may be difficult to reappear.

I hope these words can help clear up some of your doubts.

Have a lot of detections not only SIG, they can detected Overlay or Hook, Injector, Bypass, Auth, Driver, GUI, R/W Memory Methods, and much more things

Good Cheats exploit legit things that make harder to BE detected without FP's

[ZSOFTWARE]

Most cheat developers aren't pulling anything off. The bad ones change the behavior of the cheat to look different, but still be detected. The good ones look at what data the anti cheat is collecting and plan accordingly

If you look back 5 years, there was a lot of direct detections for methods and specific cheats. Nowadays most anti cheats, including battleye is already 95 - 99% sure everyone using cheats are cheating when it comes to most cheats. The approach has changed from direct detections to mass data gathering for abnormalities on your system. In the past they would have signature checks that were scanning for bytes, nowadays they have "abnormality behavior signatures" (My own phrase I just created).

To give you a better feeling and understanding of the idea of what this "abnormality behavior signatures" is I think this example will give you a good understanding

Battleye collects all kinds of metrics and data on your system. This stuff may include Window titles, All Processes information (start time, time duration, parent process etc) and how the systems memory is setup. Usually all of this info is send to their servers, to handle it on their systems, so they can keep it a secret for the cheat developers. Individually these abnormalities are not always definitive proof that someone is cheating, so anti-cheats combine abnormalities to make this signature.

They are then using machine learning and are probably even using / implementing AI to analyze all the data they are gathering about you. Then when the system starts seeing a new signature of abnormalities, it wouldn't be unwise to guess that the anti cheat analysists get pinged / notified and then they manually review it. This is also why I always say go with a reputable public cheats, with good track history and many users. Because the private cheats haven't refined their cheats to the same point as the good standing public ones have

There is of course also the old school direct detections for providers, but they are way less common then you think. The last time I have seen this happen on EFT with my own eyes, is a popular cheat for eft currently that uses / used a boot mapper. Not gonna say their name, since I don't know if they have shared it publicly already

Even with what I explained, there is tons of small very important details missing and nuances, so if anybody here feels offended by some missing detail please fuck off

Also BSG deliberately did the container esp stuff to combat cheating