Guide
Hello everyone! Alexey aka Gorlyli is on the line, I am lead of the EXENS Team that is responsible for developing anti-cheat system. I've been with EXBO for over eight years now, and all this time my main concern has been fighting cheats. And back then, I couldn't imagine how far we would go! Something that started as a simple “bumping banhammer here and there” turned into an exciting technology race with incredibly high stakes.
Cheats are like a cancer to any popular online game. And depending on the genre of the game, its developers take cheats either for granted, or it becomes a matter of survival.
STALCRAFT: X — is a MMO shooter with the focus on PvP, so it's mission-critical to keep the cheaters issue under control.
The fight against illegal software is a shady game. The more these criminals know about our methods and tools, the more difficult it is to catch them. And this has a sad downside — the more details about our work are kept secret, the more room there is for all sorts of speculation and myths to spread, causing concern among honest players.
That is why, in this article, we will try to provide as many details as possible about our anti-cheat system. Actually, this is one of the most important articles on STALCRAFT: X development that every player should read! I have even hidden a promo code in this article to motivate you! Try to find a set of suspicious combinations of capital letters.
Table of Contents
How does EXENS anti cheat system work
Verification of all data on the server
Let's start by saying that SC: X is by default protected against most types of cheating by checking data on the server. All players' actions, shots, and physics are handled there. This means that all information transmitted by the game client* is fully controlled. Therefore, under no circumstances will the player be able to use cheats to accelerate movement: SpeedHack, flight, or manipulate objects.
* The Game Client — is a program that uses game files and connects to a server to display graphics (images), play sounds, and process player actions. When you launch STALCRAFT: X, you launch the game client, which performs all these tasks.
Fight with a Lag Switch
However, an effect similar to SpeedHack can be achieved using Lag Switch — a program that artificially increases the ping. Thanks to it, the cheaters start lagging on other players' screens while moving, making them much harder to hit.
In the past, we had already destroyed the first wave of these cheats, and now, after upgrading the network protocol, we will destroy the next wave.
Protecting the client and the game's files
In addition to server data validation, our team focuses on obfuscation, encryption* and other anti-cheat techniques that interact with the client and game files to greatly increase the threshold of entry into cheat development. We also don't forget to slightly change the internal structure of the game after each update in order to break existing cheats.
* Obfuscation makes the code more complex and harder to read, while encryption protects the data from unauthorized access.
Thus, we aim to encourage the cheat developers to spend as much time as possible updating their cheats and doing painstaking manual work that is hard to automate.
Moreover, changing certain game files can give a significant advantage in SC: X, so our anti-cheat is constantly checking them. For example, in the recent update, we took action to prevent the ability to replace or delete models of players, trees, and other important objects.
RAM Checking
But that is not where EXENS stops: when you launch STALCRAFT: X, it constantly checks the RAM usage of the game to look for traces of injections that shouldn't be present.
* Injection is the process of introducing additional code or modules into the memory of a running game. When speaking of cheats, this refers to modifying or enhancing the capabilities of a game's client.
It is crucially important to understand that injections are not something that one can easily get rid of.
Mainly because the injection is used by many legal programmes, the player needs. Antiviruses, Discord and Steam overlays, OBS and Bandicam video recording, Action — all these programs have one thing in common. They introduce their modules into the gaming process for their specific tasks, without assisting the player.
Most often, legal program modules can be easily distinguished from cheat modules, as they have digital signatures that we can verify. And a random module that came out of nowhere and has no signature is always suspicious.
The most problematic types of cheats
Unfortunately, neither checking the player's actions on the server, nor protecting the client and game files will not help against auto-aiming (AimBot) and X-ray vision (WallHack) cheats. They are a huge problem for ANY online shooters and there are no methods to eliminate them completely.
Fighting with WallHack and AimBot
The thing is, AimBot and WallHack use the data which the server sends to the game client anyway. In other words, these cheats only work within the capabilities initially available to the player.
Fighting WallHack at the server level is possible. This only method is not to pass information about opponents behind obstacles to the client 1C. However, this approach requires a stable internet connection: without it, enemies will suddenly appear out of nowhere, and the advantage in PvP will completely depend on ping. Therefore, such solutions are not applicable for dynamic first-person shooters like STALCRAFT: X.
AimBot doesn't do anything that the players themselves can't do. The fight against it on the server side comes down to analysing the statistics of each player's actions and detailed injection checks. That is what we have mostly successfully been doing for a long time.
At the moment, there is no more effective means against these cheats than rapid detection and blocking users who use them. We feed all new cheats to an automated system, which then detects their use and passes the lists of abusers to the person responsible for blocking them.
Unfortunately, we cannot reveal the details of our automated system, as it would be equal to opening the gates of the fortress to robbers.
However, we can say that on average, it takes 2 hours for a user of an already detected cheating software to get banned.
For AI cheats, this peripod has now been extended, but in the nearest future we are doing our best to speed up our response. And we are able to do that thanks to you!
The importance of the “Report” button
To speed up the cheaters blocking process and to find new banned software faster, we use the help of the players who submit complaints about suspects via the death screen. We are going to add this button to the profile, in-game chat and in-game mail.
Reports are instantly and automatically entering into the system, receiving different priority depending on the number of matches, to speed up the response to particularly brazen tricksters.
The server stores data on even the smallest actions of players. So, we have the ability to analyse their patterns of behaviour, combat, economy, and any other performances, and then compare them to averages and to what we think is physically possible 5B. Any critical deviations signal that the player may be suspicious and have illegal software on their computer.
That is the final stage — examining their game client and looking for traces of injection or AI cheats. After which, if anything forbidden is found, the player abruptly switches role from suspect to abuser, and deservedly receives a “banhammer” hit on the cubic head.
Why only suspicions is not enough?
We don't give any penalties until we find the traces of illegal software.
This is done due to the fact that cheating bans are carried out permanently, without the possibility of review, so we require 100% evidence of their use. In addition, a character with high-level gear is of great value to the player — after all, a lot of time and effort, and sometimes even money, have been invested in them. That is why blocking an account based on some suspicions is unresponsible.
Any DMs screenshots can't be reliably verified for authenticity. Even videos of highly suspicious movements of the accused, which seems to be AimBot, could turn out to be simple flick shots — a shooting technique where an incredibly skilled player sharply and precisely shifts the aim between targets with the mouse.
Demonstration of flick shots that are confused with AimBot 8D
Cheaters everywhere?
Thus, we come to the fact that in online shooters it can be difficult to distinguish between a cheater and a player with outstanding skills, and all this mess sometimes causes serious paranoia among honest players…
It is always frustrating to lose, so some players, being on emotions, subconsciously try to justify the unfair play of the opponent. It's a slippery slope, and we've seen many cases where people start seeing cheaters in almost every third opponent as a result.
This problem is especially relevant for the EU region, where the still young audience sometimes faces experienced CIS players.
On the European region, we regularly receive many complaints about players whose performance would be considered quite average by the standards of the same RU. Well, what to say about the player, who has been playing our game, who has been playing our game for almost a decade and has such a serious gap in game experience with the rest of players that it becomes an almost daily cause of discussions on English-speaking platforms.
Real state of affairs with cheaters
In fact, in comparison to Spring 2024, the situation with cheaters is more or less under control now. And last year's spike was related to a sharp increase in the development of neural network technologies, which forced us to learn how to detect programmes that do not interact with the client in any way. However, before Day X arrived last summer, we had time to adapt and learn how to deal with them effectively:
Percentage of deaths from cheaters on RU region
Percentage of deaths from cheaters on NA + EU + SEA regions
As a result, only one in a thousand deaths in STALCRAFT: X now occurs from the hands of a cheater.
It should be noted that another important detail helps to achieve such a result. Although our game is conditionally free-to-play, there are entry thresholds for competitive PvP activities.
While the southern locations are becoming less and less PvP required with each update, the northern locations demand a rather long main story to access. So if a cheater is banned, they will probably be too lazy to progress again and will either stop cheating or, more likely, try to buy someone else's account using Real Money Trading.
And just for such scenarios, we have some tricks reserved too!
Cheaters and RMT
But let's get to the point… RMTs are illegal sites where in-game items, currency, accounts, or even services are sold or bought for real money, which violates many rules and is punished with the highest severity in most online games.
The main harm of RMT is not that some money passes the developers by, but that it directly assists cheaters in their malicious activities. With these sites, abusers can quickly acquire new accounts and continue to interfere with fair gameplay at all stages of the game, while disguising themselves as casual players with normal stats and a variety of equipment.
Fighting RMT
Fighting such chameleon cheaters and RMT in general is managed by the game security department. They manually analyse suspicious account logins and review the entire chain of accounts involved in transferring or receiving in-game valuables, taking note even of those tricksters who try to look clean. Thus, by the way, the cheater unwittingly frames the RMT vendors as well, informing us of their illegal endgame content.
Of course, this doesn't affect regular players, who may not have been aware of their random teammate's or trading partner's superpowers.
Nevertheless, a sudden gift for pretty eyes — can be withdrawn.
As a result, due to quick detection of the cheater by the EXENS department and thorough analysis of the account by the security department, the abuser cannot repay the cost of the purchased account and subscription to their private cheat many times over by selling the dishonestly obtained game values with the RMT.
By the way, free cheats without a subscription are like free cheese in a mousetrap. Such programmes often steal their users' personal data and are usually already detected, resulting in immediate account ban.
The security department is currently designing new tools to prevent theft of in-game valuables and simplify manual analysis of player actions. This allows faster verification of complaints about suspicious accounts marked by the EXENS department, and more effective detection of helping cheaters with their scams to make money.
Plus, these tools can also come in handy in subdivision battles, where it seems itchy to restrict access to battles for players and subdivisions that abuse the licence agreement's clause against transferring your account to third parties.
List of prohibited applications
But let's get back to the topic of cheats. There are cases where initially legal software starts to be used to gain unfair advantages in the game. A recent example is the graphics debuggers Intel GPA and NSight. Typically, these programmes are used in game development to optimise frame mapping, but over time it has been discovered that some of their features allow you to literally enable legal WallHack.
We're not monsters to ban players for using an originally legal programme. So first we publish the news of its ban on our social platforms of the project and add it to the list of prohibited apps on our website. After that, we simply disconnect the player from the server when a prohibited programme is detected, notifying the player about it.
However, if a player tries to bypass the detection and trick the anti-cheat in order to use an application from the prohibited list — then they are guaranteed to be banned.
Fighting macros
Another example of previously legal software that gave an advantage in the game is macros. These are programmes that make it easier to perform repetitive actions on a computer. Specifically in online shooters, they are used to programme a sequence of clicks and mouse movements to shoot without any recoil at the press of a button, or to fire single shots incredibly fast, like Clint Eastwood!
Macros users had been a bone in our throat for a long time, and since there were no publicly known effective ways to deal with them, we had to invent our own. And while we were in development, all regions have developed a whole population of top players who are so used to this feature that they can hardly play without it…
Think about it, a macro has even been created for the KRISS Vector, a submachine gun with minimal recoil! So we've stocked up with popcorn and are looking forward to a forum show with “skilled pros”, suddenly lost their “honed by years” accuracy!
Announcements!
Bans for macros
After all, it's finally time to announce that starting today, 21 March 2025, we are experimentally starting to ban for using macros!
And here's how it's going to work:
- The first use of macros will result in a temporary ban for seven days. However, repeated offences will be punishable by a permanent ban.
- Bans for macros will be made in accordance with the new licence agreement clause 4.1.20.
- The new permanent banning policy will also apply to macro-related offences.
New permanent banning policy
In addition, also from 21 March 2025, we are launching a more transparent and effective banning policy for violations of clause 4.1.1. of the licence agreement.
From now on, permanent bans for using cheats will cover all accounts with all characters on all regions!
Well, I think I've covered it all, so I'd better finish up. EXBO company invests a huge amount of money, time, and effort in the fight against cheats, and there are many more challenges ahead 7X. One of them, no doubt, will be the next boom in neural network development, which will present many more unpleasant tricks… But with your support, we are ready for any challenge!
We'll try to keep you up to date with interesting updates to our “shadow department”!
On the guard of fair play,
EXENS anti-cheat development department
