In June last year, miHoYo had two serious leaks. Respectively involved the Fontaine version of "Genshin Impact" and the company's new projects;
The leaker was warned
Not long after, Tencent's "Dungeons and Warriors: Innovation Century" also exposed the situation of users taking bugs and scripts and brushing nearly 100 million yuan of game props, causing an uproar among players.
The official response to this matter has recently been positive
However, the above cases are only the tip of the iceberg of the problem of the black market in games.
According to the FairGuard Game Security Report, they collected a total of 9,976 plug-in samples last year, a year-on-year increase of 72%, and banned a total of 110 million studio accounts, a year-on-year increase of 156% - these numbers have been growing in the past few years.
The situation of cases out of the circle and data growth also has to make people wonder: this is all 2024, why have the black industries of cracking, plug-ins, and studios not been alleviated, but are multiplying?
In order to understand these problems, we found the FairGuard team that has been engaged in game anti-cheating, anti-cracking and other fields for 15 years, and talked to them about the current state of security in the industry and its countermeasures.
01 How important is game security?
Perhaps many people don't expect that the vast majority of popular games on the market have basically suffered from the black industry.
Open a trading platform, we can find that when miHoYo's "Jeopardy Zero" was tested for the first time, the game was unpackaged and sold, and after the launch of "Infinite Lost", it also encountered the situation of plug-in swiping event rewards...... More popular mobile games such as "Diablo Immortal", "Black Desert", and "Celebrating More Than Years" have also issued announcements during the open beta period to crack down on the black industry.
Left: "Jeopardy Zero" was cracked;
Right: "Infinite Lost" plug-in trading
The same is true for the stand-alone market. They face more of a cracked and pirated fate.
The publishing team of "Eight Wilderness of Ghost Valley" said that they had found more than a dozen pirated stores with monthly sales of tens of thousands on Taobao, and the official of "Meows Run" also said that two years after its launch, the game's piracy loss has exceeded 3 million yuan.
"The Legend of Sword and Fairy 7" has just been released,
Some users have found piracy on multiple platforms
Shooting, competitive and MMO games are even more of a gathering place for the black industry, and large manufacturers have done their best in this regard: high-intensity detection, confrontation, organizing player inspections, banning and even offline prosecution and arrest, but they are still repeatedly banned.
A shooting game "Flying Hanging"
The country's first AI plug-in criminal gang was arrested
You know,This is still the result of the manufacturer's active defense,If you lose this layer of defense,Then many games will most likely fall into a vicious circle of users opening and hanging、Script gold,You open and I open,You brush me and I brush...... While disrupting the normal player experience, it can also damage the gameplay, development, and resource system, affecting the life cycle of the game.
The "Sword Spirit" Taiwan costume has been reported to be flooded with plug-ins to the point that "everyone has a hanging, and the official does hanging".
And the ecology of the flood of black industry can easily make manufacturers lose the trust of players-
Am I considered a "genuine victim" if others brush resources and play private servers? Is it fair that others are not punished for cheating? Game safety makes people worry, is the money and energy I spend worth it......
When more and more games cannot stop the change in user mentality, then active, paid, long-term, and even industry development may become empty talk, and even trigger external regulation of the industry.
Genshin Impact Private Service promotional video
The industry has experienced similar twists and turns before. The FairGuard team said that 2013-2018 was the most serious period for the domestic game industry to be attacked and extorted by hackers. But then the crazy attack of hackers also threatened the national network security, after a round of rectification and arrest, hackers stopped a lot, and the development of the above categories was also much more low-key.
No way, limited by the wide coverage of the Internet, fast dissemination and high concealment, most game manufacturers have no way to directly fight with the black market.
For example, the current more effective "online attack + offline arrest" is difficult to obtain evidence, the operation threshold is high, and the cycle is long.
Game black and gray industry chain
02 How much effort does it take to make peace?
When it comes to defense, game manufacturers have more options to choose from, but they will also step on some pitfalls. Under the introduction of the FairGuard team, Grape Jun believes that there are three mainstream misunderstandings:
The first is to simplify the risk confrontation, believing that as long as the protection system is strong enough, it can "eat all over the world with one move" and block all the attacks of the black industry.
There are two questions: can this system completely plug the risk loopholes of the product?
Here is an example of plug-in detection, many vendors have the right idea: detect whether users have abnormal operations, whether the game is running in a high-privilege environment, etc.
In the face of detection, many plug-ins only simulate user behavior, is this considered an abnormal operation?
Through the Magisk tool, hide the plug-in process of the game to avoid detection
All in all, it's hard to keep up with the changes in game security.
What's more, with the upgrading of technology, there are more new technologies in the black industry. For example, on the computer side, the simulator is used to run the mobile game, and the plug-in is run on the computer in the form of an exe program, and the traditional detection method is countered in the form of "dimensionality reduction strike".
The exe simulator modifies the plug-in
Or the user uses an external device to physically simulate the operation, or uses AI algorithms to assist in calculations, these cases do not modify any game data and memory, and the manufacturer estimates that it will be a headache for a while.
"Lock" using AI to analyze character models
In this case, if the manufacturer still wants to build its own security system, it may fall into the second misunderstanding: the lack of clear understanding of the relevant costs, it is easy to complicate things and spend money in vain.
FairGuard has estimated that the business experience of the domestic game security business is concentrated in the head and the teams of large manufacturers are generally 10-20 years, and there is basically no training system in the market...... As a result, if a vendor wants to build a security team from scratch, it can take years, a team of a dozen people, and tens of millions of costs.
In addition to cost, cost-effectiveness is also an issue.
If a popular product is just a simple cheat detection or code protection, then the security effect is minimal, but it doesn't feel worth the effort to put in a protection system that is only used to serve one or two games.
This is also the reason why some large manufacturers have not set up anti-plug-in teams. They don't have a lot of popular products like Tencent and NetEase, which are in urgent demand, and they may only need to compare prices and combine solutions like looking for outsourcing, which is a better protection strategy.
FairGuard Service Providers (Partial)
The third misconception is about small and medium-sized teams: since large manufacturers and popular products have attracted a lot of firepower from the black industry, will stand-alone, niche, and light products be safer?
In my opinion, I am afraid that it may not be, although small and medium-sized manufacturers are rarely focused on by the black industry, it is difficult to withstand a wave of attention. Once the product is cracked or cheated on a large scale, the consequences may be quite serious.
For example, last year, many small and medium-sized manufacturers spoke out, saying that their games were attacked and blackmailed by hackers during the public beta, and the team had to face consequences such as launch delays, frequent maintenance, data loss, and even product crash and suspension.
At the same time, you can also find that many discounts, 1 yuan mobile games, cracked games and other platforms are flooded, and most of them are products of small and medium-sized manufacturers - manufacturers think that the black industry will not shoot at low-value games, and the black industry also thinks of taking "small profits but quick turnover" and changing the way to make money.
A cracked version of the game collection platform
In the final analysis, games and their black industry are all products of the Internet, and once any game is released online, it may face the invasion of the black industry. Instead of dwelling on how to avoid it, think about how to make protection more cost-effective.
In this regard, many vendors have actually thought of a third-party team, which may use less than one employee's labor cost per year to obtain more mature services. Take FairGuard as an example, they provide game hardening, anti-cheating, and anti-cracking services that can cover most game types, as well as Android, iOS, PC, H5 mini games and other platforms.
"I don't know much about others, but we have more than 300 detection dimensions for risk behaviors, which can cover the vast majority of plug-ins and variants. ”
Some of the features of the FairGuard product
Moreover, as an independent third party, FairGuard has no direct business competition with game manufacturers, which gives them advantages in terms of confidentiality, data security, and ease of cooperation. At present, it has cooperated with manufacturers such as FunPlus, Sanqi Mutual Entertainment, XD, Youzu, and Kaiying Network, and has accumulated access to more than 400 popular games.
"Many manufacturers come to us for cooperation during the R&D period, and we have twenty or thirty confidential cooperation agreements for the research projects we have in hand. ”
03 Pull up the protective line on the dark side of the industry
Back to the question at the beginning, the frequent occurrence of domestic game security problems and the rampant black market do exist, but it also reflects two positive signals:
First, the game market is prosperous enough to breed such a large-scale black industry, and second, the leading security technology will ensure the game experience of players in such an environment - to put it bluntly, domestic games are safe and only play high-end games.
In my opinion, the main reason is that the domestic game industry has taken a relatively lead in terms of security awareness, security technology, and security services.
Taking security awareness as an example, after piracy and anti-piracy in a barbaric environment, domestic practitioners have long had strategies and cognitions to fight against the black industry.
For example, consider encrypting game code, resources, and communication protocols, attaching accounts and weak connection functions to single-player games, and signing corresponding confidentiality agreements with players and employees...... Let's not talk about professionalism or not, at least I paid attention to the safety of the game early.
FairGuard's game resource encryption technology
These seemingly common protection strategies in China are rare in the world.
An example is the popular games on Steam, the security protection level is relatively low, and most of them use the more traditional "D encryption", cracking and piracy can even achieve the state of "simultaneous release, better experience" with the original - there have been crackers who put down their wild words before the release of "Hogwarts Legacy": crack it within 10 days.
Remarks about the cracker
A list of products for a modifier platform
The second is security technology. After all, the domestic market, especially the mobile game market, has a large market and a large black market, and correspondingly, there are more "experience packs" for security teams. For example, FairGuard said that the birth of many of the team's exclusive technologies is related to the current domestic security environment:
In the early days, iOS was jailbroken and cracked, so they built a complete set of protection solutions for the platform;
iOS Hardening Demo
At the specific technical level, some crackers need to grasp the "little tail" (SO import function) of the code to crack better, and they start from here to hide this tail; most crackers and plug-in users will run the game and plug-in/crack tools at the same time, so they will accordingly launch anti-memory modification, anti-debugging and other functions, and interrupt the user's sensitive behavior by immediately flashing back the game...... Judging from these cases, they can be said to be stepping on the black industry's brains and developing.
No import function SO packing
The third is security services. Taking mobile game protection as an example, while overseas teams are still trying to shift security tools from "the roughness of terminal games" to "the fineness of mobile games", domestic teams are already grinding "embroidery needles".
The "D encryption" technology, which is commonly used in overseas games, has been resisted by some players due to problems such as consuming performance and reducing the game experience.
The source of the picture is the Steam review page of "Monster Hunter: Rise", which roughly means "A good game was ruined by D encryption." ”
For example, the FairGuard team said that their tool can achieve extremely fast access and non-inductive operation while ensuring the accuracy and efficiency of plug-in identification.
In terms of access, they streamlined the registration, configuration, upload and other links of the tool, only need to run a command line, and in operation, they said that the performance consumption of this set of tools is less than 0.5% of the overall game, the package occupies less than 2M, and the startup loss is less than 0.05 seconds, which hardly affects the loading of the game, the operation of the developer and the experience of the player.
FairGuard-related test cases
At the same time, their solution has also achieved global markets such as Southeast Asia - there is a gap between the network environment and model configuration in these markets and those in China, and "no sense" is more necessary.
With the support of awareness, technology and service, the domestic game security team has already achieved business in the global market. For example, FairGuard has established cooperation with domestic manufacturers such as FunPlus, Youzu, Cheetah Mobile, TAP4FUN, and Sanqi Mutual Entertainment, which attach importance to overseas business.
However, even if the domestic game security technology is relatively leading, we can't take it lightly.
After all, security technology is only a means to confront the black market, and it is difficult to predict whether the black industry will successfully exploit loopholes after the next round of technology upgrades, and it is also difficult to avoid risks outside of technology, such as design vulnerabilities, employee leaks, team disbandment, and product outages...... If you want to further improve the safety of your products, both technology and awareness are equally important.
Thankfully, there are a lot of vendors and players who are starting to take security seriously. For example, after being blackmailed by hackers, manufacturers have spoken out, formed anti-piracy alliances, and cooperated with local law enforcement agencies to crack down on the illegal market......
Nearly 100 solo game manufacturers have participated in the joint statement against Taobao piracy
This trend may be the force needed for the healthy development of the industry.