(1) MEMORY SEARCHING
(2) REPACKING
(3) HACKING TOOL
(4) ROOTING, VIRTUAL MACHINE
For known hacking tools or ‘custom hack tool’ developed by hackers, it is essential to attach to the game app memory in order to falsify the specific address of the game app in the virtual memory system currently used by mobile devices.
In order for hacking tools to access the game app memory, they will often use the API provided by the system OS or directly access the memory file of the game app process.
1. To protect against memory searching and modulation, the ability to detect and block hacking tools from accessing the app’s memory through the API or game app process’s memory file access is required.
- See LIAPP Memory Protection
2. The effects of these functions also enable us to protect against to understand the flow of important information and dumping to be able to take important memory information within the app.
Repacking is divided into two types.
Source code tampering
Resource tampering
1. Integrity detection
Integrity detection is a function that determines whether an app file is a file distributed by the developer or tamper by another person.
Integrity detection helps prevent unauthorized Source code tampering and Resource tampering in game apps.
- You can prevent hacking of resource tampering by checking whether the currently running app has been tampered by a hacker or if the files released by the developer are correct.
- Sometimes, if an ad in the game is removed and replaced by a hacker, the developer must protect it through integrity detection, as all advertising revenue could be stolen.
2. Protects the Source code
- JAVA CODE PROTECTION , UNITY CODE PROTECTION
The protection of the UNITY CODE for apps developed by JAVA CODE and UNITY that form the basis of Android APP is essential.
Because it identifies and is able to attack the game through tampering, it must be protected through encryption and obfuscation to be unable to analyze the source code easily.
- Unreal Engine, cocos
In the case of Unreal Engine and cocos, the important source code of game apps has a .so file in the lib-folder in the package file.
Protection must be made so that the structure of the file cannot be determined as well as even if you make modifications, you must protect them to be normally used in game apps.
Integrity detection and protection of source code play a key role in protecting game apps.
The above functions make it essential to build secure gaming services.
- See LIAPP Anti-Tamper
- See LIAPP Native Library Protection
Hacking by hacking tools is the most common and the most common method of hacking among the total number of hacking attacks.
In order to effectively defend the hacking tool, effective defense is only possible when both of the following cases are considered;
Detects known hacking toolsIn addition, prevention of the typical functions provided by hacking tools is necessary in order to effectively protect the hacking tool.
Blocks access from unknown hacking tools
Memory Modulation
Speed Hack
bypass in-app purchase
Statistics show that hacking tools are mostly used for memory modulation and speed hack purposes.
1. For memory modulation and speed nuclear, it is possible to defend against known and unknown hacking tools by blocking access to the game app process mentioned in the ‘Memory Searching’ method.
2. Also, for known hacking tools, it is important to check if the hacking tool is currently running, to detect and block it.
- See LIAPP Hacktools Detection
Sometimes, you don't know if the apps you've received are the tools used for hacking. For these users, if the hacking tool installed prevents the game from being blocked, it can lead to complains, which can be caused by the user's departure.
If the hacking tool is detected, the user can minimize inconvenience by checking whether the hacking tool is executed during the process without checking the installation status of the hacking tool.
3. For bypass in-app purchase, the game app sends the in-app payment receipt issued at the time of payment to the Game Server to check the validity of the receipt.
[ Rooting ]
Rooting means obtain administrator privileges by changing your mobile device. Administrator rights have full access to the mobile device system so you can use it to falsify game apps or access memory and processes.
To detect the rooting, you must combine detection of files that can be converted to administrator rights and detection of custom rom, it mean efficient detection.
However, game apps often allow routing in consideration of user inflows, and unconditional blocking of routing can prevent users from entering game services.
From a secure perspective, the blocking policy of the rooted device is efficient, or game apps can provide protection against sensitive hacking with functions such as memory signing, integrity detection and hacking tool detection.
[ Virtual Machine ]
Virtual machines are programs that support your PC's mobile environment to help you enjoy mobile games on your PC.
The reason why virtual machines are important for hacking is that most virtual machines support rooting and the same powerful hacking tools used in PCs can be used in mobile.
But like rooting, many game apps don't recommend users using virtual machines at the beginning of game app launch because they also want to enter valuable users.
However, if there are many users of game apps unlike rooting, virtual machine detection is also an important factor to consider.
- See LIAPP Rooting Detection
- See LIAPP Virtual Machine Detection
The essential functions and the optional functions to prevent hacking into game apps are followings:
[ Essential points ]
Protects the source code (Class Protection)
Prevent App Modulation (Anti-Tamper)
Memory Protection
Block Debugging (Anti-Debugging)
unity code protection (Unity Protection)
Prevent Repacking (Anti-Repackaging)
Unreal, cocos Engine Protection (Native Library Protection)
[ Expansion ]
Hacktools Detection
Virtual Machine Detection
Rooting Detection
Explain the causes and types of hacking that occur in mobile games.
Read More