How one CS:GO player took catching hackers into his own hands

Cheating in CS:GO is its own small sub-industry, a hard-to-kill parasite riding on the skin one of the PC’s most popular games. Some ne'er-do-wells get off avoiding the notice of the VAC system for as long as possible. Others leverage cheating as a profitable enterprise, offering premium programs and services. Some professionals have even used cheats during competition (with disastrous, career-ending consequences). For Valve, combating the risk of hacking is an endless war. Just last week, Valve’s elimination of a popular Team Fortress 2 cheat nabbed nearly 170 pro TF2 players. And last year, it dealt over 1 million bans to suspected accounts; with ownership counts likely exceeding 20 million, CS:GO likely represents a significant chunk of that figure.

Earlier this year, CS:GO player AndroidL was inspired to take matters into his own hands. In late January, AndroidL created and dispersed a pair of free hack programs on a popular cheat forum. Unbeknownst to their downloaders, the programs were time bombs. They’d function normally for a set period of time before permanently skewing the user’s view angle to an abnormal tilt and enabling a constant bunnyhop script—huge, obvious red flags that would immediately trigger a VAC ban. Although clever, the first few hack releases earned modest attention—roughly 1,000 downloads apiece, according to AndroidL’s Reddit post.

“CS:GO has a cheating problem,” AndroidL explained to me over multiple private messages. “I don’t think Valve is doing enough to prevent cheating; it doesn’t speak publicly about VAC (for obvious reasons) or cheating in general. For such a competitive game with such an active and thriving community, Valve fails to at least acknowledge cheating is an issue in CS:GO which is appalling. Due to their failure to communicate, we aren't sure if Valve are actually attempting to combat cheaters or not. It's impossible to play a game of CS:GO today without suspecting someone on the enemy team of cheating.”

AndroidL used this chart taken from vac-ban.com to illustrate the impact of each hack's release.

AndroidL used this chart taken from vac-ban.com to illustrate the impact of each hack's release.

AndroidL’s hack took a more direct approach. It dispensed with timers and prompted a ban the moment a user would load the hack and enter a match by continuously topping off health, ammo, and armor values. Yet despite the almost instant effect, it achieved greater success, accumulating over 3,500 downloads.

Contributing to the hack’s propagation was a simple testing method: “I set the launch options of CS:GO to ‘+sv_lan 1 -insecure’ which disables VAC (but consequently prevents me from joining any VAC enabled servers),” AndroidL wrote. “This means I can test the hacks without getting banned. I just played an offline game with bots where I was able to confirm the features such as editing my view angles along with health and ammo numbers.”

Once the hack’s usability was confirmed, AndroidL uploaded it onto the cheat forum through a VPN to stay anonymous. The forum account “was only days old with no reputation,” which would typically undermine the legitimacy of the hack. But to promote the hack, AndroidL went for a straightforward solution: “I had a few of my friends post messages such as ‘great, the hack worked!’ and so on until the comments overflowed onto a second page. Most hackers don’t check the second page of posts; they’ll only read the first few comments and then download the hack.” As publicly released programs tend to last only a few days before detection by VAC, dummy nods of approval was enough to push the scheme in front of as many eyes as possible while it lasted.

AndroidL’s favorite forum complaint. “It's strange how people think they're entitled to free hacks, as if someone else is to blame for the consequences of their cheating.”

AndroidL’s favorite forum complaint. “It's strange how people think they're entitled to free hacks, as if someone else is to blame for the consequences of their cheating.”

And it worked. The hack’s impact was magnified by its sheer efficiency; a cheater couldn’t react fast enough between launching CS:GO and meeting VAC’s awaiting hammer seconds later. As bans started snowballing, users flooded the host forum with warnings and grievances of their sudden downfall. AndroidL feigned innocence by “coming up with excuses as to why it wasn't my hack banning people to encourage others to download it.”

Members of the CS:GO community could already participate in culling the cheater population through Valve’s Overwatch initiative for a few years now, but AndroidL’s accomplishments demonstrate how one can more surgically hamper hackers with only modest extra effort. The victory could very well be temporary at best—devoted cheaters can simply create a fresh Steam account and spend the $15/£11 on another CS:GO copy—but from AndroidL’s perspective, the self-demise of those who sought an ostensibly easy access to a hack was worth it.

The skewed view that a hacker would eventually see with AndroidL's hack.

The skewed view that a hacker would eventually see with AndroidL's hack.

“I think Overwatch is a very good idea,” AndroidL wrote. “It's another filter cheaters have to go through, but the only reason Overwatch exists is because VAC lacks the capabilities to detect all cheaters. Although I believe VAC is a good safeguard against cheaters, I don’t believe it is a strong enough safeguard. There is little to no effort involved for a hack developer to bypass VAC—it is a decent system to keep away the masses of people using public cheats, but other than that VAC is essentially futile.

“I do have a plan with similar tactics and I probably will do this again sometime,” AndroidL continued. “It would be great if I could cooperate with Valve to get a larger number of cheaters banned. Taking cheating into our own hands seems to be the only solution right now, and I encourage others that have the skills to do this to create similar fake hacks. Furthermore, I want to put off those thinking about cheating. This wasn’t the first fake hack, and it definitely won’t be the last.” 

Omri Petitte

Omri Petitte is a former PC Gamer associate editor and long-time freelance writer covering news and reviews. If you spot his name, it probably means you're reading about some kind of first-person shooter. Why yes, he would like to talk to you about Battlefield. Do you have a few days?