Valorant has an anti-cheat system that is a serious risk to the safety of users
The new fashion game is Valorant, a game developed by Riot Games, which is practically a guarantee of success. The reception of this 'galactic shooter' has been very good and since it is Free-to-Play, many have quickly gone on to try it. But he has a problem and it's Valorant's cheat system is causing some problems.
Surely this topic already sounds familiar to you about the anti-cheat system and Ring 0. They are two elements that have been named a lot, but no one has finished explaining what it is. It is for this reason that we have decided to make a small post to explain what these two elements consist of.
No products found.
Table of Contents
Background
Modern paid games usually implement a system against copying, which is often vulnerable. Multiplayer games also include a system to prevent the use of different cheats within the game. This system seeks to prevent cheaters from accessing and ruining the game for players.
This system prevents the execution of other programs that give advantages to some users over others, such as tools that allow automatic targeting of the enemy's head.
Like everything, video games are more sophisticated every day, but so are cheats, those programs for cheaters, and in light of these new programs they are increasingly advanced. To combat it, Riot Games has created a new system to avoid in-game traps.
What is RING 0
This is where the problem begins. For this Riot Games anti-cheat software to work properly, a service file called VGK.SYS is required which needs to be run with kernel permissions.
There is a lot of talk about the execution at Ring 0 these days and this very image is being used. The problem is that many are not explaining what it is or are incorrectly explaining what Ring 0 is.
Any software or operating system based on the x86 architecture relies on rings of security. Ring 0 is the innermost ring and is the one with the most privileges. Before we have Ring 1 which is called 'kernel mode'. Above we have Ring 2 and Ring 3 which are known as 'user mode'
Anti-cheat systems are widely used, such as Valve's VAC system for Counter Strike. All of these security systems are applications that at most run on Ring 3, also known as the application layer.
Some applications, such as antivirus, run inside Ring 0 taking complete control of the Kernel. This can be seen when we run the antivirus built into Windows 10, which takes control of the system to look for any malware.
Windows restarts and the scan runs before it is fully loaded.
What is the problem with Valorant's anti-cheat system?
The VGK.SYS service is the anti-cheat system developed by Riot Games for Valoran. Its problem is that it runs when the operating system starts, accessing Kernel Mode.
As a result we have a dangerous security hole. But it also affects performance, since its execution will be carried out even if we do not play Valorant. We will always have it active in the background consuming resources unnecessarily.
Why is the Valorant anti-cheat system dangerous?
All software developed for Windows is likely to have bugs and exploits. Although the developers work so that this does not exist, many times it is difficult to know its existence. They are dangerous, but as these applications are limited to the user layer, the level of risk is lower.
The problem here is that the Riot system is running on Ring 0. If a bug or exploit appears, our system will be completely exposed and any malicious attacker will be able to take control of the system.
If the bug or exploit is not detected or if Riot does not communicate, we would be exposed. The company could for a time not report and patch the vulnerability and take control and all the information of the users' system.
Riot Games has said they have no intention of using user data, but why should we take their word for it? Clearly that a company can be easily done with the control of the system of millions of players, IT IS NOT GOOD nor is it something exactly RECOMMENDED.
Opinion
Currently, we live in a highly connected world. Any of us accesses the bank from a computer, smartphone or tablet. Our life is in our devices and the safety of users must always be ensured. Simple solutions must be found and, above all, safe for users.
Running software that accesses Ring 0, like Valorant's anti-cheat system, is a major security hole. Basically, we open the doors of our operating system without the slightest restriction. And the problem is that Riot Games has full control of this and, therefore, it is not recommended to install said game.
There are many groups of cybercriminals looking for exploits and all kinds of security holes to access all kinds of systems. If any of these find a way, through Valorant, to take control of our system, it could be catastrophic. They could steal all our credentials, know everything we do and much more.
Logically, we understand that Riot Games is looking for a solution to the problem of cheating in games. The problem is that its solution is a huge risk to the security of users who install Valorant. And it is that the anti-cheat system is running constantly without need.
A serious security problem developed by Riot, and that is why we do not recommend installing this game.
A peeled shit ...
An anti-cheat system that many users do not even allow us to start the game, Riot has taken the truth out of it.
The system sucks if you have to access that site.
It's like saying that cutting your leg takes away the pain in your feet.
In my experience for almost a decade as a user of the anti-cheat sXe-Injected for HL1 / CS1.6… I can only say that the amount of insults towards the software was only surpassed by the hdp that used chetos. Of course, only in its golden age when it was updated every so often, because otherwise, when someone came in every so often while the server was protected, the insults only went to the software and its creator replaced it. madr ..
The above was more about compatibility problems, programming difficulties in ring0 and how as long as it stays updated it can end public cheats.
The injected sXe was programmed by a single person, I want to believe that in this new AC with Riot behind it, it will be able to reduce compactness problems and errors to a minimum and improve with each update.
As a free2play game, the worst enemy is public cheats, without an AC that limits the technical difficulty to cheat the game will be overrun with cheaters. For private cheats we can only rely on reporting systems and human intervention like all life ...
_________________________________
About the controversy ... just shit of people wanting to invent all kinds of conspiracy theories and blah blah blah, surely most of them are still using some faux antivirus and have the windows startup full of program services that they do not use or uninstall .
One thing does not mean the other, if you like to have back doors open while waiting for the attack of a delicious ransomware and that strangers take full control of your PC is already your problem, the simple fact of having a rootkit on your PC is already frightening per se.
I wouldn't be surprised if you were the ones with cracked and un-updated versions of Windows. xdddddddddddd
Thanks for the article… I was curious to try the game. Maybe a solution is to install it on a virtual machine, since the game requirements are minimal, I don't think it affects the gameplay too much.
Once installed I had problems with the monitoring programs and slowdowns when starting up and when shutting down the computer, for security reasons, uninstall Valorant. Pity.