Interview: Undercover in the cheating scene - Earnings in the 5-digit region

25.11.2014, 16:00

Former cheat-coder says it all

In the last couple of days, VAC bans were handed to some professional players, exposing a scandal of a kind never seen before. We had the chance to talk with a former cheat-coder who wants to stay anonymous. Nevertheless, he shared some details about what the structure of the cheating scene looks like and how much money a cheat-coder earns for his coding. The result is an exciting interview with answers you would never have imagined.

How can we envision the cheating scene? Do the world’s best cheat-coders know each other, or is everyone doing his own thing, trying to develop the best hack? How many guys out there are offering private hacks?

All the people in this scene are connected to each other. Two of the best cheat-coders, ko1n and supex0, are from Germany. There's supposed to be a really good coder in Russia, but I didn't see any source code from him yet, so I can’t say much about him. But there is also a damn good one in Denmark called Tobys who can be compared to ko1n. Organner on the other hand is not a good hack, there is a big difference between our private hacks and x22, Organner, or Yunosolution.

When you talk about ‘us’, we can assume that you are a part of this scene as well. Are you doing that against the game for fun, or because you can earn a lot of money from it?

Nowadays I am not a member of this scene anymore. I worked in this scene for a long time and I am talking to some people from time to time, but I am not coding myself at the moment (in the field of the Source-Engine), since I am working full time by now. Back in the days I simply helped some people out as a hobby, therefore I wasn't earning anything from it. Meanwhile I finally turned my hobby into a profession. The fun factor with cheating was really high of course as a teenager, but these days it's unbearable, when you want to play a few matchmakings for fun and know that many people out there are cheating.

Are the cheat-coders trying to leak information about a cheat from another coder or are they working together?

They are not doing this by analyzing demos. They are more interested in leaking information about another cheat, how it works and what its source code looks like. That's what ko1n was doing to supex0 back then, after supex0's hack remained undetected for four years. For that he unpacks the UPX-file, decompiles the AutoIt, and dumps the DLL files, so he can easily read the source code and leak it. There's even a project called 'Headzots' which multiple people are working on. In the meantime there are even mobile apps that can change your settings on offline-events within seconds.

How can we imagine the organization in cheater circles? Can I just register on a site and get unlocked by an admin, or do I have to pay something to even get the opportunity to talk to a cheat coder directly? Are there possibly any helpers behind the coder who would talk to me first?

I will take supex0 as an example to answer this question. He used to introduce the features of his hack to interested persons and offered them a temporary test version afterwards. If someone wants to keep the hack, he has to pay the required sum to use it in the future. There are people who work for coders and try to spread the cheat. The best friend of ko1n for example contacts people and distributes the cheats to them, but only a smaller version of it instead of the original hack. The funny part about that: He is so sneaky that he is writing timetables against the people using the cheats.

Is it the same procedure for professional players? Do they actively approach particular players?

I can't say much about that, since I don't know how exactly that runs down myself. Of course I could sort out the DLL-file and tell which player is using what hack, but I can hardly guess where they got it. If a professional turned to supex0, he'd be asked for his personal information first, since any user can just sign up with the name of a professional player. After that the player has to transfer the money to the specified account and he has to trust supex0 for using the cheat.

Is the coder setting up the cheat however I ask him to, or do I have to do that on my own? Is the cheat on my hard disk then?

Every cheat coder does that differently, depending on how the cheat works. supex0's cheat runs through Steam Cloud and he set it up to download into a DLL-file automatically as soon as you login to your account. Another possibility is to simply integrate the cheat into a workshop map you want to warm up on. You have to tell him in advance what exactly you expect from the cheat, so he can regulate the settings for you. You have to be an administrator yourself in order to modify the cheat on your own, so that's usually done by the coder himself. Then again there are also people like ko1n who simply developed an app that lets you control everything. That's an exception though, since ko1n is a student and knows everything about application administration - but he is just doing it as a hobby, and is only giving the cheats to close friends. He could earn loads of money, if he wanted to, because that app is the best thing out there at the moment.

So what sums of money are we talking about for such a private hack by supex0 or ko1n?

I don't know about ko1n, as I said he's really just giving this cheat to friends. Regarding supex0 we can also just guess, but I expect the price to be over 1,000 EUR for a lifetime hack. There are also hacks which only cost around 300-800 EUR, but there is no 100% guarantee for those to stay undetected, which requires constant development and updating.

Are there any possibilities at all to detect private cheats like that, unless you're standing directly behind a player? Are there differences between online and offline events?

That can only happen, when the cheater has made the wrong settings - you can't see anything in a demo with the right settings. In the end you'd have to host all qualifiers for a tournament like DreamHack offline to be able to do anything at all. Besides the offline factor, teams have to play with brand new steam accounts and pcs provided by the organizer, without internet access. Furthermore external hard drives and USB sticks have to be forbidden. That would exclude all potential factors.

After the bans for KQLY and Sf, some threads about other accused players or controversial scenes were created in forums at the weekend. The accusations against flusha are especially strong. Can you, with your knowledge and know-how about cheat codes, make a clear statement about him?

I certainly cannot say that 100% because I just see what everybody else sees. At this speed of the shots it's just not feasible to make a definitive statement. Looking at demos doesn't help that much, since many shots are shifted by spec bug and co. Therefore only the live image is really useful, but you cannot see that with the naked eye. You can only get a 100% secure answer through the DLL files and read them. There are people who make these shots every day and it's normal, but others need a little help to make the same shots. Therefore it is quite impossible to ban someone solely based on a demo. ScreaM for example is the best aimer in the world for me. He has a very strong crosshair placement and is simply hitting the shots. About him I would never say that he's got something running, even though I'd love to check his DLL files sometimes to see if I'm right.

Is it possible to install certain tools on a system later on, to readout what has been used and loaded?

[Image: Folders of cheats]

That would definitely be possible, but a tool like that would read everything that happens on your PC. So if a player signed in to Facebook at the computer during a tournament, you would instantly know the password. It'd be even worse if he logs into his online banking or important data like that. Therefore, no one will allow or agree on something like this. It would also include the Steam passwords. It would indeed show everything that can be used for hacks or you could read the complete source code, but as I said, no one will do that.

So if it is easy to implement in workshop maps? So that it reads the DLL files and uses an own collection that can be certified by VALVe?

I haven't thought this far yet, but that's a very good idea. With own collections, which are not on the PCs, but must be obtained from the workshop, you could indeed get the source code of each individual player. This would in fact avoid that you have to install a tool that reads out everything happening on your PC. This way it would purely access the DLLs from the game. But when a player is found guilty, you'd have to wait and not directly bust him, then you'd have a chance for a really big busting wave. However this only works for that timeframe, because only a few days later there will be a fix and the hack is undetected again.

Let's talk again about the conspicuity of a cheater. Could I use such a private hack as an inexperienced cheater or would I be noticed easier because I have no experience of how to hack correctly?

First you actually have to get access to the private hacks, the good cheat coders are not distributing them to just about everyone. But let’s assume you’ve got it. If you are using the hack, your shots are basically directed. You just have to be close to the model and the rest is done by the hack. But this is only the case if you have default settings or no reasonable ones. If you have decent settings, then you cannot be busted through a demo, no way. But for this you need very good know-how and aiming. In theory you can make your own individual settings for each weapon and for each shot, what should happen or by what percentage the hack should help. For example you can set up the spray control in a way that all shots hit, even at long distance. At this level it is almost impossible to detect that and prove it's a hack. The only option in this case is to read the DLL files. Smn for instance had poor settings, so it was noticeable, but even in his case no one could say 100% that he had something running in those matches.

How many cheats built this way are currently existing around the world?

At least 7 undetected ones, which doesn't mean that they're the best. There are so many wannabe 1337 coders who simply use copy & paste and advertise the result as their own. But those are out of the market quickly. Crownt's hack was also copied, which is why ko1N leaked him.

The biggest cheat supplier worldwide is certainly Organner from Poland or the cheat coder from x22. How much is an “organization” like that earning with the sale of hacks and which number of users can be expected?

Organner has a few hundred people using the cheat. The prices vary a lot of course. They also offer private hacks, but they make the most money by the cheap hacks you can buy for 30-50 EUR per month. VALVe can detect those cheats very easily, but they don't put in the time it takes to bust them. All the private hacks by supex0 for example are very difficult to detect though.

The x22-Hack is a public hack. However, the French coder and his cheat are not very good, because it often gets detected by VAC and the users therefore often need to create new accounts on their side, which are relatively cheap.

A short calculation: In total 9.641 users in CS: GO are hacking with x22. There are different monthly scales: 14.95 EUR per month, for 3 months 24.95 EUR, 6 months 34.95 EUR and so on. So per month we get a total of 144.000 EUR. We have to subtract the users who have a lifetime account and buy other packages each month. Per month you can realistically expect 40.000-50.000 EUR. They do everything to cover each scene and can provide support for example in Russian, German and so on to address as many people as possible.

[Image: The profile of ko1n]

Then can VALVe not just buy the cheat, read through the source and then bust the hackers?

VALVe could bust these cheats immediately within one day. For VALVe itself it would be even more profitable because the players then would have to create new accounts. Each user can easily use Organner or x22, it's just an .exe that must be executed, and to execute the file you have to disable DEP, so the hack cannot be read by VAC. That makes it great for matchmaking, but not for Wire, ESEA and Co. So VALVe could easily just ban all people who have disabled DEP.

Can you explain in one sentence what DEP is and what it controls?

DEP stands for Data Execution Prevention. This is a feature which you disable because you don't want to load the code of the cheat in the system memory range. Because of that VAC can't detect the cheat because it doesn't get the files of it. You could make a rule which says that you have to activate DEP - otherwise you will get banned instantly. With this solution you could easily ban all public-hacks and start a big bustwave.

You have referred earlier to poor settings in the hack. Can you see something like this more easily and therefore have your thoughts about what could be in use in the game?

This is a lot easier in any case, as I have a long experience. I've looked at the scene of flusha on dust2, as he pulled and shot once through 2 boxes. There he had for example an error in his settings which is called 'Autowall', which certainly looks completely like a trigger. Of course, there are always several factors coming together that he has heard something or a call from his mates came, but he would never shoot in this way that he is directly on the model through the box and then shoots, which is more or less completely impossible. However, there is also the possibility that it was super lucky and it's just the way it happened.

How about Jumpshots? Can you easily adjust them?

You can for example press Mouse 5 and then hit the shot once you are on the enemy. You can calculate the whole hitbox. So when you are on your enemy while jumping your shots go elsewhere, but when using the hack you hit every single shot. It is hard to tell with those scenes. It can just be random or luck or a good private hack that adjusts your shots.

Smn is the player who got this debate going and is under huge pressure, also in the cheating-scene, he is portrayed as a “betrayer”. It is rumored that in cheating forums they have even asked for his address, is this true?

Yes, this is true and the address has already been mentioned. But I doubt that supex0 will really take steps against it. He will sit down and write his code in another way so it is undetected again. The only thing possible is that players involved would do something against smn but this is highly unlikely.

[Image: His program 'Skillfabrik']

At DreamHack there will most likely be an internet connection only for the players. Nevertheless VALVe announced that there will be safety arrangements. Do you think that cheaters will still be able to cheat even though the problem regarding DLL-files is now known?

If VALVe published an update in order to detect the cheat only a few hours before DreamHack starts then there would be high chances of a cheat-free event. But if VALVe releases the update 24-48 hours prior to the event then there is enough time for the Coders to modify their hacks. The hacks are being disabled whenever there is a new update so that the coders can take a look at the update and modify their hack. This process takes about two days, the hack then is undetected again.

So this means that there could have been a new update already which would enable the players to keep on cheating on DreamHack without being afraid to get caught?

Yes, one can assume that. The prize money is so high nowadays that players can live off it and therefore use cheats. If the prize money was still as low as it used to be several years ago, the cheat-coder scene wouldn’t be nearly as big as it is now.

How far-reaching is the relationship between Cheat-coder and player? Are there onetime payments or a permanent flow of cash?

It has been rumored that supex0 received shares of the prize money so that player XY was able to continue using the hack.

Does supex0 have to have the Steam login of every player for releasing the cheat?

No, he doesn't have to. He probably made a tutorial for people using the cheat for the first time. He can give them access via a client which is not accessible for normal users.

How much of an impact does supex0 have as a cheat-coder? Can he freely decide when he activates and deactivates a cheat?

He has got the power over everyone using his cheat. He can decide when he activates and deactivates the cheat. He could also just say that he deactivated the hack and activate it during DreamHack and all the players would get VAC-banned. He already earned a lot of money. But the question is why would he pull off such a move, it would backfire on him and scare his customers away.

If I understood it correctly, he has all the power over what he does with it? If in the finals two teams would face each other who use his hack he could activate the cheats the way he wants the game to go? Does this mean one team would have to play without and the other team with hacks?

Yes, correct. He can deactivate and activate each player as he pleases. He could theoretically blackmail the players, saying he wants a certain percentage of the prize money.

With your experience, when did it all start in the professional scene?

Since the switch from Aequitas to Wire. After that, many people searched for solutions to cheat even with Wire activated and this led them to the DLL. One year ago the first information was published that there could be something wrong with the .dll-file of some players. But before that, the players could have cheated for five years.

Do you think that we will now see a cheat-free DreamHack?

No. Everyone that has been cheating will continue doing so. supex0 has probably updated his hacks. But the hacks from the Danish coder, VALVe doesn’t even have a source code of it so it remains undetected. The only ones that have been busted were those who used supex0’s hacks. What we could do is to keep the DLL files and once the Anti-Cheat tools reached a certain point we could prove the hack. You can compare it with doping, the blood samples are stored a certain time until they are able to prove the doping with new tests. It goes the same way with undetected cheats from which you don’t know their source code.

If you had to tell us a number, how many players are cheating on a professional level?

Well, it is hard to tell unless you can check the DLL-files. If you want to hear a number from me, I’d say at least 5 in Germany and international about 30.

Couldn’t you just hire the best Anti-Cheat-Coder in the world who then exposes the big organizations and their cheats?

If you would combine the knowledge of the world’s best cheat coders we could for sure detect all the current hacks. But it would only last like 2 to 3 months until the coders would find other ways to inject their hacks into the game. You just have to look at how long it took to find out that private hacks have been run as a DLL-file. In the past there have only been the .exe-files which you just executed if you wanted to cheat. When the coders then manage to develop something new it will take another 4 to 5 years until we know how certain cheats are working. You need a person who is involved in the scene and knows all the people and cheats.

In my opinion, ko1n is the best cheat-coder out there. If VALVe would offer ko1n 100.000 EUR and he, without anyone knowing it, helped VALVe to improve their Anti-Cheat, then there would be pretty high chances. Ko1n is the one who has access to every cheat, to supex0, the Danish cheat-coder and the others, he could bust them all. Then all the players would be banned without a doubt. His hack is only used by a very small number of people, only very good friends of his have access to his hack, he is doing it just for fun without selling his hacks.

