Cheating in Counter-Strike

From Wikipedia, the free encyclopedia

You have new messages (last change).
This article does not cite its references or sources.
Please help improve this article by introducing appropriate citations. (help, get involved!) This article has been tagged since December 2006.

Contents
This article has been nominated to be checked for its neutrality.
Discussion of this nomination can be found on the talk page.

Cheating in Counter-Strike has long been a topic of controversy and discussion in the online Counter-Strike community.

Counter-Strike has become the prime example in the subject of online cheating since its retail release publicity and rise to fame. It is often used as a warning of what cheats can do to an online computer game, and the attempts at combating cheating by game-server administrators and Valve Software are also cited as examples of what does and does not work. These attempts to keep the situation under control and the reactions to these attempts by cheat developers also presents a unique example for those in the fields of applied computer science and software engineering.

[edit] Background information

[edit] What is Counter-Strike?

Main article: Counter-Strike

Counter-Strike (CS) is a popular team-based mod of Valve Software’s first-person shooter Half-Life. The game pits a team of players playing as counter-terrorists against another team of players playing the role of terrorists in rounds of competition won by completing an objective or eliminating the opposing team.

The game was originally available as a free download but due to its success the game was bought by Valve who released it as a retail product and continued the development of the title. This has also led to a remaking of the game on Valve's new Source engine which was developed for Half-Life 2, known as incarnation of the game, Counter Strike: Source. Counter-Strike is currently the most popular online first-person shooter in the world and Counter-Strike: Source is also extremely popular.

[edit] What constitutes cheating in Counter-Strike?

In online gaming, there are many offenses which may fall under the term cheating. Some offenses are only considered cheating in competitive leagues whereas more serious offenses such as using modified executables or data files are almost always considered unacceptable by legitimate players. Even in organized leagues, a punishment such as forfeiting a match may be seen as appropriate for breaking most league rules but being caught using a type of cheat will often result in a ban from the league and can ruin a player's reputation in the community for good. Using modified executables, data files or using any other external influence to alter the game are the practices most generally accepted as cheating. There are, however, also a number of gray areas in what is accepted as cheating. Usually these grey areas involve taking advantage of bugs in the game, but sometimes these exploits are widely considered to be cheating. These exploits usually take the form of bugs in the map or bugs in the game engine which can be used to a players advantage through altering commands in the console or configuration file.

[edit] History of cheating in Counter-Strike

The History of Cheating in Counter-Strike is as long as the history of Counter-Strike itself.

Up to late 2000, cheats were believed to be more isolated, if not just a phenomenon, and only started to become such a problem for the community as late as 2001, where the problem became so apparent and noticeable that Counter-Strike became the synonym with cheating that it is today. By late 2004, the battle against cheaters seemed utterly lost, with the numbers of cheaters continuously increasing and anti-cheat utilities slowly giving up their uphill battle.

[edit] 1999–2000

Protohacks

When Counter-Strike hit the scene, it was an almost immediate success. Both Team Fortress Classic and Action Half-Life were popular mods at the time, and primitive protohacks were ported from these mods.

Wrapper DLLs of a particular Half-Life program file, client.dll, allowed so-called headshot scripts (sometimes known as aimbots) and gave players norecoil (a basic type of aiming help intended to reduce or negate the recoil that made aiming with most guns in Counter-Strike so tricky). Because similar hacks had been appearing for Team Fortress Classic and Action Half-Life, Valve updated server software so Half-Life servers verified the client.dll file of the players, hindering such hacks. Included with other updates, functionality of many variables that allowed an unfair advantage like lambert (which could be used to reduce the effect of a flashbang), were removed or toned down.

At this time, cheats were not deemed too big of a problem, as they either lacked the necessary power to make them useful (compare a headshot script attempt, to contemporary multihacks with zero recoil and fully automatic headshots), or were easily detected. Stealth was not considered at this time: a wallhacker would just stand behind a closed door and gun down everything he or she could see. Cheating at this point was not a way to damage competitive gameplay, but more of a new way disruptive players could harm the gaming experience of others. However, cheating subtly in online competitions occurred very soon, and occasionally even LAN parties, as simple cheats like 'spiked models' or 'lambert' weren't as stigmatized and detested by the mainstream community as they were after OGC ravaged the public servers.

XQZ2

XQZ2 was one of the first cheats for Counter-Strike to include an effective aimbot and a relatively simple to use interface. It also featured a wallhack (which later became known as an XQZ-style wallhack due to its difference to the Flautz-style wallhack which was popular at the time). Initially XQZ2 was a private hack, but eventually it was released to the public. It relied on wrapping (and in later versions, hooking) the OpenGL DLL file for Microsoft Windows systems (opengl32.dll) instead of replacing the client.dll.

XQZ2 was considered to be more effective than other cheats around at the time, such as Flautz and ViperG. It could be configured to not give any indication of the presence of a hack on the screen, and the aimbot could be turned on and off through subtle keyboard commands. It could be used at a LAN party without raising as much suspicion as other, more visible, cheats.

[edit] 2001–2002

OGC

In 2001, a new public cheat appeared in the scene: OGC for Counter-Strike. OGC, short for "Online Game Cheats", became synonymous with easily-installed, powerful, multifunctional hacks that supplied the cheater with everything, from a strong aimbot to a built-in MP3 player.

Before the arrival of OGC, most cheaters were easily identified due to clumsy wallhack tactics, or more rarely, claiming to be professional players where, due to their mundane tactics and simplistic play, it was obvious that they were amateurs. Thus Counter-Strike remained relatively cheat-free until early 2001. When OGC arrived, everyone had the opportunity to completely annihilate an entire team of experienced players swiftly and violently or they could subtly just use an aimbot with a low-key configuration or a wallhack without any blatant exploiting to enhance their score.

The first anti-cheat tools

When gameplay became more and more unbearable on public servers, the outcry was loud enough to create a long succession of anti-cheat tools.

As early as 2000, Punkbuster tried to rid the scene of cheats, as it used variable checking and process validation while authorizing with the server. Soon it was followed by the short-lived, server-based 'TSC' which was the first anti-cheat tool able to detect OGC. It however was quickly rendered useless as an anti-cheat mechanism by OGC’s very fast development cycle. CSGuard by OLO, another server based plugin, could utilize a script to check on variables and filenames. CSGuard was the first anti-cheat mechanism which could stop early versions of OGC consistently, along with hundreds of cheats and violations, as it was script based, and its scripts could be updated as soon as a new cheat was discovered. With its successor HLGuard, it is the only anti-cheat mechanism still in use in Counter-Strike, while Punkbuster stopped supporting CS and moved on to other FPS like Americas Army or Quake 3 Arena.

Cheating-Death

Cheating-Death is still used today and is thought by many as one of the best anti-cheat mechanism available. Its strategy is not to detect a cheat but to prevent its working in the first place. Anti-cheats like CSGuard merely checked for the presence of an already-known cheat, which required constant updating. This made such tools completely ineffective against private hacks. Cheating-Death (C-D), on the other hand, made it harder to develop working cheats, although in time C-D produced its own Code Race similar to HLGuard and Punkbuster, with cheat coders constantly finding new ways to disable and circumvent C-D. As of Monday, 20 March 2006, C-D was announced officially by United Admins as dead:

"Dear community,

As you may be aware, Cheating-Death has not been actively developed for over a year now. As a result, we can't provide the security players and admins should have against current cheats on the internet so we have now discontinued The CD Project.

We hope CD will be a platform to start other anti-cheat projects and make them even better as CD was. "

- Banana

Valve Anti-Cheat

In 2002, Valve Software released Counter-Strike update 1.4, which included VAC. VAC was Valve’s answer to many players' prayers, as VAC (a client-side implementation integrated into the Half-Life engine) could be enforced by the server and didn't require any special work from the players. Forcing the players to install a separate program and keep it up to date was what kept many server admins from implementing other, less integrated client-based anti-cheat tools like the failing PunkBuster or the more successful Cheating-Death.

VAC however, had another advantage. Valve was able to ban an offender from accessing any VAC server ever again with the WON ID with which they were caught. While some cheaters may have been able to acquire new WON IDs, a large percentage of the regular, disruptive cheaters were eventually removed from VAC-secured servers and had to resort to servers which did not utilize VAC. Thus cheating in the game became much less of a nuisance to regular players on VAC servers.

[edit] 2003–2004

Counter-Strike 1.6

Valve Software released Counter-Strike 1.6 in 2003. While it was delivered on Steam exclusively, there were not many changes to the engine and many hacks for Counter-Strike 1.5 continued to work, though sometimes only partially. Valve turned off WON in mid 2004, forcing the vast majority of the players to upgrade to 1.6. Some players however exploited the opportunity to continue use 1.5 on an alternative WON network, not operated by Valve. Today, 1.6 is the CS variant with the biggest population, although a small pocket of players are sticking with 1.5 even today.

The introduction of Steam also seems to have led to problems with the development of Cheating-Death as many of the smaller and more regular Steam updates are causing C-D to have issues.

Counter-Strike: Source

In late 2004, Counter-Strike: Source was released. The Source engine (the engine Counter-Strike: Source uses) is a lot different from the original Half-Life engine, so it has yet to be tested against the ploys of cheaters, hackers, and mischievous players to the extent that the original engine was.

VAC 1's failure

Cheating at a time required acquiring a private hack, since both VAC and Cheating-Death used to detect public cheats within a few hours. Non-publicly released cheats remained the bane of the competitions due to anti-cheat developers being unable to analyze them. The effect of such nonpublic cheats however was at least reduced to a smaller user base than publicly available cheats. Underground trading of hacks became a side-business for many cheating clans and coders.

The state of affairs degenerated to a complete disaster for Valve Software, as VAC stopped receiving updates after March/April 2004. This had the effect of making cheating rife on public servers.

Nosteam

The problem is further exacerbated by the No(n)-Steam/SiX-Steam exploit, which enables people to create Steam accounts at will with full access to all of Valve’s titles through Valve Software’s Steam software distribution platform. Because of Valve’s policy regarding VAC, where cheats are not instantly banned, even when VAC2 does eventually catch up with cheats and bans their Steam account, it appears that cheaters will still be able to generate a new Steam account and resume cheating.

In January of 2005, however, Valve Software upgraded their "ticket system". Now people using a Steam exploit such as No(n)-Steam or SiX-Steam must have a legal, purchased copy of Half-Life or any of its mods on their Steam account in order to play any game. For example, a normal user could only play Counter-Strike: Source if they had it purchased and on their account. Before January 2005, anyone using a Steam exploit could play it. Now, you must have Half-Life or Half-Life 2 registered on your account in order to play it. This has reduced the number of exploiters, as most of them do not wish to risk getting their pricey account permanently revoked.

[edit] Today

VAC2

In August 2005 Valve released a new version of their VAC program, dubbed VAC2. With the introduction of VAC2 many Counter-Strike: Source servers have seen a decreased amount of cheaters. One explanation for this may be that it is easier to protect CS:S because it is Direct3D only whereas CS 1.6 uses both Direct3D and OpenGL.

The biggest change of VAC over other anti-cheats however is the delayed banning system, that gives any detected user a high, but not 100% probability to have his Steam privileges removed by the end of a several-weeks cycle, depriving the mainstream cheaters of accurate information on which cheats are currently detected and how.

The main advantage of this approach is that a large number of cheaters are rampaging public servers, unaware that they will be banned at a later date, and thus can catch more people using the specific hack before the player's are aware it is detected.

However, with the delayed ban approach, cheating player's can exploit the time given to them with further destructive behavior. Incidents often occur where cheaters get 2 or 3 legitimate accounts banned, only to cheat happily with a new one, most often times using hacks circumventing the Steam system as a whole, making VAC2 useless.

[edit] Counter-Strike cheats

This section describes the different types of cheats available for Counter-Strike, how they operate and how to tell when they are being used. While many single hacks may differ, they are always relatively simple, these simple hacks are however often combined into so called "multihacks" which usually include an aimbot, a wallhack and other features packaged in one handy executable.

Some of these cheats are freely downloadable from a website, sometimes even advertised by the cheat in-game with or without the cheater noticing it. Other cheats are private, although often enhanced versions of public cheats, maintained to stay undetected by anti-cheats. Due to their nature, private cheats are not normally available to anti-cheat coders which makes it very hard for them to know how to detect them. Some public hacks are released but receive so little attention that they slip by the radar of anti-cheat authors and these public hacks become just as useful to cheaters as private cheats.

While many cheats are released by the authors simply to get attention or a desire to share what they've created, a common reason why public hacks are released is to have the hack gather passwords and other potentially sensitive data for the author, see also: e-mail phishing.

[edit] Examples of executable cheats

[edit] Wallhacks and ESP

Main article: Wallhack
  • Wallhacks — Makes walls and sometimes entities translucent to allow the user to see through walls.
  • ESP — Extrasensory Perception, or Expanded Perception, draws player’s hit-boxes and information such as status, class, names, health and current weapon on the screen or makes them more audible, allowing the cheater to see through walls and pre-aim or pre-fire, which essentially means to "aim" or "shoot" before the enemy is seen on-screen.
  • Spiked models — Long 'spikes', attached to models to make them visible through walls, allowing the presence of enemy player's on the computer of a cheater.

These are the simplest to implement since a few changes, or sometimes even bugs in the graphics cards drivers, can lead to the ability of a player to see other players through walls. XQZ offered an alternative to this: a ball floating above all players that was visible through walls, even if the players themselves were hidden. But this so called ball-hack gave the players less information, especially about the armament or the heading of enemies, and thus was not very popular. Wallhacks can even be so simple that the addition of two lines of code in an OpenGL wrapper is enough to facilitate a wallhack.

Usually, wallhack users can eventually give themselves away by acting illogically when viewed naturally, but very straightforward when observed with a wallhack. Additionally, certain effects of being able to see through walls, such as pre-aim that seems almost indistinguishable from an aimbot, can be detected server-side. Wallhacks and other similar cheats which use visual cues are impossible to hide when playing over a LAN where other players can see the cheater’s monitor.

[edit] Aimbots

Main article: Aimbot

Aimbots use the computer’s accurate knowledge of the enemy’s figure and aligns, and shoots automatically. Aimbots usually aim at the head, but some hacks have adjustable vectors to aim at different parts of the enemy body. Some have randomizing algorithms intended to make the identification of an aimbot user harder by spectators observing the player. In their most basic form, aimbots facilitate hitting the enemy player more accurately. However, that is where the similarities stop.

The term that was coined for switching an automatic aimbot on and off became known to many online players as toggling in reference to the cheating player "toggling" the aimbot from "on" to "off", usually in an attempt to diffuse suspicion from on-lookers.

XQZ’s early, relatively primitive aimbot would be bound to a button on the keyboard or a mouse, and as long as the button was pressed, the aimbot would take care of properly aligning the crosshair on the head (or if necessary, a different body part). This button could be the same button as the fire button and thus could enable the aimbot to only aim while firing. But this gave away its presence to an alert observer by its tendency to "slave" (the all-too-proper, inhuman following of the motion of an enemy player, also called "tracking").

Early OGC’s aimbot portion was already much more advanced, and could be configured in a variety of ways. Auto-aiming allowed automated proper aiming and slaving. Auto-shot was another feature, where the bot would automatically cause the player avatar to fire their weapon once the aimbot locked up. It could be configured freely with an aimbot FOV (field of view). XQZ style aiming could also be employed. Better scripting support in later OGC’s allowed for punctual aiming, where one hit of a button (commonly the fire button) would merely result in one single adjustment of aim, without any form of "slaving".

Modern, so called "LAN-Proof" cheats implement what is called charged aiming which is yet another improvement over punctual aiming. Punctual aiming mode is only active (charged) when a specific button is pressed shortly before the aiming is needed, and firing in turn empties this charge. While this may be inconvenient, it allows anyone at a tournament to briefly check the suspected cheater’s game for any inconsistencies, only to find nothing. It also makes the aimbot less detectable in online games, as the cheater can freely mix "natural" aiming with assisted shots when he sees fit or to prevent drawing too much attention to himself.

[edit] LAN-proof aimbots

The first well known aimbot, XQZ2, was specifically designed to work at LAN parties where other players could look over the shoulders of the cheater. A modern cheat is a highly sophisticated tool with the potential to be employed relatively undetected at a LAN party, making what most casual cheaters and anti-cheaters know as cheats (especially the infamous OGC) look like children’s toys.

Many modern stealthy aimbots employ 'charging', where only a subtle key combination (e.g. shift + the key to buy ammo, or strafe left and right at the same time) would load the aimbot for a brief time and only for a few bullets. Even if a tournament administrator were to replace the cheater in order to look for anything suspicious, they would find nothing, for they would not know the subtle key combination to charge the aimbot. A series of occurrences of people apparently using their "timeleft" key to charge their bot has eventually made observers dub this type of aimbot Timeleft cheat. Weapon switches are an increasingly popular choice for doubling as aimbot primers.

It has to be understood however that the primary function of chargeable aimbots is not so much a protection in LAN, but more generally, allowing a more random spread of "natural" and "aimbotted" shots through the game. An aimbot that is turned on constantly is much more noticeable than an aimbot that is only active every other gunfight, and then also only the first bullet.

Furthermore, a stealthy aimbot is configured to use only a small FOV (field of view), forcing the cheater to actually move their mouse to aim the crosshair sufficiently close to the position of the enemy. By relying on the cheaters normal reactions for the initial part of aiming the cheat becomes more natural looking and harder to detect but still allows the cheater dead-on accuracy once activated. Alternatively an aimbot can be configured to be charged for auto-aim and auto-fire only when a player is in dire situations. Furthermore, well made stealthy aimbots don't slave - they are aimed and fired the instant the mouse button is pressed, and do not move again until the mouse is pressed a second time. Even an experienced observer trying to verify if mouse and screen movements correlate would have a tough time seeing anything out of the ordinary, with the cheating being almost indistinguishable from a skilled player with good aim and reflexes. This type of aimbot is also sometimes called "pixel aimbot" because the distance between the primed aimbot locking up and the target's head can be a few pixels top.

In general, well policed LAN Parties that provide their own, secured machines to play on to the players can be assumed to be cheat free however, for example the CPL.

[edit] No-recoil and no-spread

Essentially the same thing, no-recoil and no-spread attempt to reduce the spread of the bullets firing from a weapon. No recoil describes the automated compensation of recoil on the vertical axis and horizontal axis, while no spread tries to compensate for a server generated random bullet spread, which is both vertical and horizontal. As the recoil and spread of gunfire in Counter-Strike is pseudo-random, it can be reverse-engineered and predicted, allowing a cheat to compensate for inaccuracy.

The different names for no-recoil and no-spread are mostly historical. No-recoil is much older and could be performed by protohacks - all that was necessary was to move the aiming reticle downwards in a distinctive way to accommodate for the vertical recoil of the weapons. No spread is, by comparison, a relatively recent invention that can accurately predict the deviation and compensate for any inaccuracy, making all bullets hit exactly the same spot.

While both variants can be used independently, some older slaving aimbots make the use of, at least, a no-recoil cheat a necessity, thus effectively making them part of the aimbot itself. Even with modern, punctual/charged aimbots it is very common to utilize no-spread if stealth isn't as important as performance. More stealthy, chargeable aimbots usually link the spread-suppressing factor to the charge and state of the aimbot. This prevents any stray, unaimed shots at a wall from giving away the presence of a no-spread cheat. They may also only remove the spread from the first 3-5 shots, or even only the first two bullets fired from a gun. However, they can eventually be detected by observers from subtle, rapid movements of the crosshair and are thus often disabled completely when stealth is paramount, like at LAN parties.

VAC2 secured CS:Source includes a nospread-disabling mechanism since november 2005, that properly randomizes spread, rendering this type of cheat ineffective. The nospread disabling mechanism has the disadvantage of giving all players the characteristic "screen shaking" of a no-spread hack, however.

[edit] Speedhacks

Speedhacks change the computer’s perception of time and lets the cheater act extraordinarily fast. Most of the time they are found in combination with other cheats. Speedhacks can offer high time rates to clean out maps within seconds, or very slightly increased time rates to subtly improve the performance of an aimbot. Any client with a speed hack installed will find that their in-game movement and weapon rate-of-fire are far faster than other players. Like no-recoil, a timehack (or speedhack) is most often used in combination with an aimbot. Depending on the rate of time acceleration, a timehack can be used to rush to the enemy team’s spawn point and kill all enemy players within the first seconds of a round, or it can be used with a very low time acceleration (e.g. a rate of 1.1 or 1.2) to improve total damage over time of weapons. A timehack with a low time acceleration can also be used to reduce the time required to reload weapons.

While timehacks are often disabled when stealth is paramount, in laggy Internet play, very small accelerations are near impossible to detect without dedicated timing or software.

[edit] Ghosting

Ghosting is a different form of cheating which does not use an executable file to give a player an advantage. Instead, ghosting relies on the use of friends to help give away the position of enemies. Normally, dead players can only communicate with other dead players, but popular communication programs such as Ventrilo allow dead teammates to 'squeal' and help their fellow teammate to make the best decisions for survival. Sometimes a server may have "sv_alltalk" option on, allowing dead players to communicate with living ones. Although this may not be the most reliable way to cheat, it can give a player an advantage, as they know where their opponents are hiding. Ghosting is sometimes confused with using wall-hacks, as they have similar functions in giving away an enemy's position. Ghosting is also commonly referred to as "lanning", due to the high incidence of people at cyber-cafes playing in the same server and communicating back and forth as to enemy positions.

[edit] SpinHack

Also known as: Spinbot, spinning

The cheating player spins constantly in a 360 degree circle or other unusual turning pattern while their controls and view remain identical to those of people playing normally.

The supposed purpose of this kind of hack is to constantly "change" the direction of the player which in turn, will constantly change the hit-box of the player by minute amounts. Hence, making the player a harder target to hit, as well as incredibly hard to spectate, unless you wish to suffer motion sickness.

As well as the spinning player being able to play normally, many other cheats that the player may be using will also function normally, including regular aimbots.

[edit] Examples of exploiting the configuration files

  • ex_interp — Changing the "ex_interp" variable changes the interpolation time. Half-Life’s network code interpolates the movement of the last N seconds (N being the value of the ex_interp variable, defaulted to 0.1 or 100ms), thus the actual movement of an enemy player is seen N seconds later than when it actually arrives at the server. The result was that immobile players often got the impression of being shot before they even saw the shooter running around the corner. Since version 1.6 this command has become an acceptable configuration change due to changes in how the games network code handles this variable.
  • gl_monolights — was a quick way to make all the walls uniformly bright, taking away all shadows. This resulted in a visibility advantage for the player using this exploit. In recent versions of Counter-Strike, this command has been completely disabled.

[edit] Examples of map exploitation

  • One well known map exploit is on the map "de dust" at the Counter-Terrorist spawn point. By having two players on top of certain boxes, then crouch-jumping on top of each other, it is possible to break the "ceiling" of the map and walk on "air" (since the top boundary of that map represents the sky). This is commonly known as "skywalking". Some Counter-Strike:Source maps have been updated to include "skyblocks" which prevent players from going in places they are not supposed to be. Skyblocks act as invisible walls or ceilings and thus are meant to stop skywalking. Although there are skyblocks in all official Counter-Strike:Source maps it is still possible, but not easy to skywalk.
  • Another known exploit is in the map "as_oilrig". Players on the Counter-Terrorist team can actually jump through the ceiling if they move into the room overlooking the pool area right next to their spawn point, "stack" in the corner, and jump. This allows Counter-Terrorists to get to a hallway that they should not be in at such an early point in a game round.
  • An additional exploit is in the map "de dust2". Players on the Terrorist team can jump on an invisible ledge near their base. It is on a corner above where players can shoot wandering Counter-Terrorists passing through doors. The spot is accessible by running on the diagonal slope on the corner which looks impossible to reach. Soon after, players can stand on 'nothing' as they can kill opponents with relative safety.
  • On "cs_assault", the Terrorists who just started the round can climb up on the rails inside the building and boost another player on top of the roof allowing them to pick off the completely unsuspecting Counter-Terrorists.
  • Also on "cs_assault", Counter-Terrorists can exploit a fence near the top of the level to cross over to the top of buildings that aren't supposed to be accessable.

[edit] Examples of data file cheats

  • Replacing player skins with brighter colored ones which are easier to spot at a distance or in darker areas of the maps. This method is also used for colour aimbots.
  • Replacing sounds of silenced weapons by their normal counterparts, making them more audible.
  • Glass Hacking is a cheat available to every single Valve Game. It is sometimes called the glass-cheat. Essentially, textures in the game are modified to be made semi-translucent. The cheater can then see through every wall, and boxes can be made entirely invisible.

[edit] Methods of creating cheats

Replacing client.dll and datafiles

One of the first type of cheats that appeared for Counter-Strike were the so called headshot scripts. They utilized an altered client.dll that offered additional functions to scripts, therefore a script written in extended CS script replaced the more common mouse/keyboard bindings for attacks. Similarly, data file cheats exchanged data like sound files, but mostly models for variations that imposed some sort of drawback for the enemies of the cheater, like, louder silenced weapons or player models that were visible through walls and doors due to spikes, or in the dark due to luminous / brightly colored textures.

Neither of the two types of cheats are considered effective at this time. Regular aimbots prove to be far more powerful than headshot scripts, and client.dll, like player models / sound file changes are restricted as servers are provided checksums by clients and can choose to disconnect them if they differ from the checksum values on the server. Although theoretically a new generation of hacks could fake checksums or filesystem calls.

Hooks

Client Hooks make use of the fact that any system that employs Dynamically Linked Libraries allows the relatively easy replacement and/or redirection of function calls within those libraries. These systems include Linux, FreeBSD, Mac OSX, Windows, and just about every other modern operating system. The reason why Counter-Strike is considered to be vulnerable to this attack is, because the mod is itself a separate entity from the Half-Life engine, and the two parties communicate to each other with easily-intercepted DLL calls. Most people consider this a special weakness of the Counter-Strike architecture that is not directly applicable to all games. However, few contemporary games are one monolithic executable, and almost all of them are utilizing DLL calls for various purposes - if not just driver calls.

The source of the loaddll library, written by the author of the original OGC, was eventually released into open source, and led to a multitude of OGC-like cheats that utilized the same facility to wedge itself between the game’s engine and the mod’s game logic. The same thing may also have led to the relative hook-proofness of current anti-cheats. VAC appears, and C-D even claims to be able to detect client hooks reliably, although there has been a history of hooks which managed to work without being detected by either one or both. Amongst the first aimbots were color based aimbots. They colored either team in its distinctive color (e.g. bright green or bright red) and would automatically fire on any pixel with this color. Since they could sometimes been foiled by using multi-colored logos, they did not have much success. A key would be pressed to switch from auto-aiming at one team to the other.

Driver manipulation

Beginning with XQZ, Counter-Strike has had a long tradition of being susceptible to altered drivers. As any modern computer game, Counter-Strike makes heavy use of Win32 infrastructure - Windows API, DirectX for input, networking and sound, and the ability to use either Direct3D or OpenGL for the graphics. Theoretically, each one of these components could be manipulated to gain an unfair advantage. Although almost all drivers could be used, in practice, almost exclusively OpenGL and DirectX infrastructure, and more rarely, mouse drivers are manipulated.

Cheating-Death, unless disabled properly by specialized support hacks, generally detects replaced OpenGL drivers, VAC at one time banned users with a certain ASUS graphics card because the drivers replaced the normal DLL supplied with Windows during installation. Coincidentally, certain ASUS drivers at some point also allowed for wallhacks without requiring any additional drivers. Such False positives have seriously harmed the efforts of the ban-them-all proponents. VAC currently does not detect these cheats, which are the easiest to create. Driver manipulations are especially nasty to detect, as basically every file on the computer could be part of a legitimate driver or a cheat. Therefore it is essentially impossible for both a Lan-Party admin or an anti-cheat tool to detect such a cheat, even when being freely available to search the suspected cheater’s computer.

Proxies

A "proxy cheat" is a hack at the network level. The cheat analyzes the network traffic, and adjusts parameters, such as aim, invisible to the client. There are no known public cheats that utilize proxies, and thus are never detected. But some people suspect that proxy-like cheats exist, which could allow a cheater to remain safe from all visual detection on a lan-party, and known client- and server-side anti cheat mechanisms except for heuristic gameplay analysis. The most compelling argument for proxy aimbots in Half-Life is that the first known aimbot for Quake 1 was, in fact, a proxy - and there is only little difference between the Half-Life 1 engine and the Quake 1 engine.

Proxies are exclusively aimbots and are giving themselves away by not having the crosshair correlate to the position of the actual impact. With small FOVs however, these cheats can be both extremely stealthy and effective even in lan play, as hits can easily be attributed to Counter-Strike’s relatively inaccurate, "lucky" weapons.

[edit] Color aimbots

Color aimbots are an old and easy method to hacking - they can work in any game that supports colored models. As color aimbots don't hook the game or modify any file, most anti-cheats don't detect them. Despite being lower in performance than hooking aimbots, color aimbots are fast enough to be used as cheats. They however have disadvantages - because the detection is purely color coded, the aimbot may aim at textures that contain the color, at dead bodies, or at team mates after switching teams.

Color aimbots work by scanning the entire or parts of the players screen for the selected RGB value. Once a pixel of the color is detected the aimbot will move the players mouse cursor to that pixel. As such, color aimbots require more system resources than a standard aimbot.

[edit] Counter-Strike anti-cheats

Anti-cheats are programs designed to detect cheats and deal with cheaters. Anti-cheats come in two main forms, anti-cheat clients and server-side only anti-cheats. Anti-cheat clients usually have a server-side component which they authenticate with to enforce purity of the client. One downside to anti-cheat clients is that they have to be kept up to date by the player, which is tedious and can lead to players avoiding the servers which use the anti-cheat rather than dealing with the inconvenience of downloading it. A server-side only anti-cheat does not require any additional programs or actions from the players to play on the server, as only the server admin has to take care of the anti-cheat mechanism. However, server-side only anti-cheats are usually less effective (producing more false negatives than client side anti-cheats). Client-side anti-cheats, as well as server side variable/file checks, can be disabled or circumvented with appropriate tools, allowing a cheater to use those hacks that would otherwise be detected or prevented.

[edit] Client side cheat detection

Client side cheat detection mechanisms have an authentication module on the server, and run an integrity check on the client, scanning the memory for known cheat signatures similar to a virus scanner. They are the most common form of anti-cheat in Counter-Strike, despite their low effectivity - customized and private hacks are near undetectable, and methods to disable the detection while not disabling authentication are available.

Punkbuster (HL1 engine only, no longer functional)

Punkbuster was the first attempt at a client-side cheat prevention. It appeared in mid-2000 and was able to detect some protohacks of the time, but found little use as most players did not want to put up with running yet another program in the background while playing online, and was eventually rendered useless by OGC’s fast development cycle. Representatives from Punkbuster then asked for financial and development support from Valve to improve and/or integrate Punkbuster, as it is the way in Quake 3 and other games, but Valve turned the offer down. Thus the involvement of Punkbuster with Counter-Strike was over.

It authenticated to the server’s Punkbuster plugin. OGC particularly impressed by its circumvention of Punkbuster’s screenshot function: when the server admin requested a screenshot of the Punkbuster client, an alarm sound would ring, and for the instant the screenshot was taken, all traces of the cheat’s presence were removed. This function of Punkbuster however had some limited success against cheaters who used bugs (Or features, depending on the point of view) in their drivers to utilize as an effective wallhack.

Valve Anti-Cheat (HL1 and HL2 engine)

Essentially a client side anti-cheat mechanism that is integrated in the Half-Life engine and automatically kept up to date, it combines the ease of use of server-side anti-cheats with the detection rate of a client-side anti-cheat. A few months after introduction of VAC, Valve began banning detected cheaters from all servers that are secured with VAC. This is arguably the most effective way to keep public servers safe - While a cheat may not be detected immediately, a cheater is likely going to use a different cheat now and then, at last with a new version of Counter-Strike—a positive hit of VAC will remove the cheater’s ability to play on secure servers for a long time.

The number of valid CD keys, which are required to play on both WON and Steam, is limited. Because of the availability of huge lists of valid CD keys, there have been rumors about hacking incidents where CD keys were extracted from WON, but it is much more likely that the majority of those lists of CD keys originate from cheat software which transmits the CD key to the author. Valve also invalidate CD keys which they find through the various channels on the internet, so new lists of CD keys are no longer being made available publicly. It can be safely assumed that at least some cheat authors have a near unlimited supply of valid CD keys.

While VAC is still mostly based around detection of known cheats, and thus mostly ineffective against private hacks, VAC has managed to allow a mostly cheat-free game on most secured public servers, unlike C-D servers - where the detection / prevention rate of cheats may be much higher, but all cheaters are forced to play on after they were banned from VAC-secured servers, and they can simply try again if one cheat is detected/prevented.

Cheating-Death (HL1 engine only)

Cheating-Death is praised for its ability to prevent whole classes of cheats, rather than detect single instances of such a class. It tries not to punish a cheater but instead either prevents his connection to a C-D secured server for as long as a detected cheat is active, or tries to render cheats useless. It attempts to render cheats useless by wedging itself between the mod and the engine, and giving the mod (where presumably a cheat hooks) false information about positions to confuse aimbots. In case of wallhacks, it draws players behind walls in the wrong position (usually several hundred meters above their actual position).

While trying to disable whole classes of cheats rather than detecting single instances, there were repeatedly cheats C-D proof despite using exactly a mechanism C-D was supposed to prevent. Cheat authors seem to be able to create single instances which appear to be able to circumvent C-D with relative ease, thus the true efficacy of C-D is highly disputed. There are presumably hundreds of different, private cheats which all are able to circumvent C-D. And if someone is caught, there is no punishment - one can go and simply find a new, C-D proof cheat. Still, it remains the premier option of anti-cheat means for server admins which prefer not use VAC to secure their server for one reason or another, for example NOWON servers. But because of the listed problems, and because cheaters detected by VAC are forced to play on C-D or insecure servers, the "cheater rate" of many public C-D servers is estimated to be rather high.

[edit] Server-side file and variable checking

CSGuard/HLGuard (HL1 engine only)

CSGuard was later renamed to HLGuard, to reflect the change to protect other Half-Life mods, not just Counter-Strike. It was favoured by many server admins, because it would not require any special programs running on the client’s computer, a requirement that usually reduced the number of players on a server. An interpreter for its own script language that utilized a facility of the Half-Life protocol: the ability of the server to execute console commands on the client. It would simply check for existence of certain variable names and files, that were exactly defined in the plugin’s config file. Because of the extendable script, cheats with known filenames and variables could quickly be added without requiring the server to restart.

This approach has been turned completely ineffective against modern multihacks however, which no longer store informations in (predictable) cvars, nor do they need to have their files within the Half-Life directory structure. CS/HLGuard always has, and always will be, completely ineffective against private hacks. Still it is in widespread use on many Half-Life 1 based servers today, as it has few drawbacks and can detect many older cheats.

CVarBlock (Various different tools, HL1 and HL2 engine)

CVarBlock is a tool used by various online leagues to ensure that client's CVar's (client and engine settings) are to conform with league rules. It is a similar mechanism to HLGuard, but also available for CS:Source, and its purpose is to prevent non-cheaters from using various in-game engine exploits to their advantage. Real hacks can however circumvent this blocking / detection mechanism.

[edit] Server-side heuristic cheating detection

Heuristic cheat detection refers to algorithmically analyzing the actual gameplay of the players, and compute a score (or probability) with which they cheat - it means detection of the actual cheating, rather than the detection of the hacks. While in theory, the most promising approach, as it cannot be circumvented other than by not cheating at all, good implementations so far are rare.

Theoretically in Counter-Strike, hacking approaches being undetectable, but any experienced player himself can manually detect the cheating in effect to a high probability. Cheating detection thus means the automated search and identification for the effects of cheating. The first working effect detection was present in CSGuard, which allowed the server to continuously track the movements of the player’s crosshair and tried to detect suspicious, repeated sudden lock-on headshots. CSGuard’s aimbot detection was miserable, as the alarm rate was almost the same with a well trained player and a player using an aimbot set up for stealth. It was hardly ever used, and the function has supposedly been removed from HLGuard, CSGuard’s successor.

HackCam (HL2 engine only, not publicly available)

There is a lot of hope being placed in a program called HackCam which does not use standard methods of cheat detection, but uses advanced heuristics to detect the actions of cheating players and score them accordingly. Thus far the methodology appears sound, but the program is yet to be widely released, and there is a fair bit of concern about CPU/Server overhead when running the Hack Cam software as a server side add-on. Additionally, the algorithm can not only produce false negatives but also false positives.

HackCam uses a wide range of elaborate detection methods to discover both ESP and aimbots, and awards points for suspicious actions. One disadvantage of such elaborate cheating detection is the greatly increased resource consumption on the server, as the software continuously analyzes all behaviors that a player exhibits for suspicious actions.

The other problem is the realistic possibility of false positives and false negatives, and the relative arbitrariness of what may be considered a cheat-indicating behavior or just luck. The creators of HackCam claim that all CAL-I players remained below a 70 points mark, where as more than 65 points would mean 'suspicious' and more than 85 points would indicate a "very high probability" of cheating. However it is questionable if that is means the method is not producing false positives, or if it produces false negatives on the CAL-I player's.

Unfortunately, lawyers have gotten involved with HackCam’s development and the one and only main developer has been shipped overseas as well. This turn of events appears to have caused the release of HackCam to be completely stalled, with no ETA as to when, if ever, it will be released.

Autoban (HL2 engine only)

Autoban is a small plugin by "The Z Project". Originally its goal was to automatically detect and ban cheaters (according to the Author, indeed inspired by HackCam), but since it has moved to prevent many hacks and only detect those which by their nature cannot be detected by the server. It currently features an effective wallhack and flashhack block, and speedhack, as well as aimbot detection, although the latter two still suffer from unreliability given the program's beta stage. (At time of writing, June 2006)

Autoban reliably renders wallhacks and flashhacks unusable by simply not sending the clients the position of an enemy that is not actually visible. Drawbacks include minor "popping" of player models, especially in high-latency situations, and increased CPU usage on the server.

The actual heuristic part of detecting aimbotters is not properly implemented yet. The latest version (at time of writing, June 2006) sends game data to a centralized server, where the creators of Autoban analyze the data to improve their heuristic algorithm.

[edit] Screen shots

Punkbuster and a large number of other, client based anti-cheat programs offered a "screen shot" function that would allow an admin to request a screenshot of a suspected cheater, which would then, in turn, possibly give away an ESP system such as a wallhack or radarhack, as well as colored models. Within one week after punkbuster's introduction of this system, OGC would violently announce to the cheater that he was being "screen shotted", with an alarm siren and shuts off all visual cues of any cheat being present so the punkbuster "screen shot" function cannot capture and send a clean screenshot. This form of cheat detection has been largely abandoned. However, "cheap" cheats such as using spiked models, or buggy graphic card drivers, are easily given away, as such a screen shot based system does have some merit.

Most online leagues request a screenshot of the final scoreboard. Instances where a hack could be seen on this screenshot, where the offending player got busted afterwards, are known.

ScreenShotClient

ScreenShotClient (SSC) uses a different approach to most other anti-cheat programs. By taking periodic screenshots of a client's game screen, other players may be able to detect cheats by observing suspicious material. When you connect a server, the server tries to SSC authenticate you (by taking a screenshot). If you pass, the client begins taking screenshots and uploading them to a webserver at specific intervals (usually 5 minutes).

The client submits the screenshots to a server, where they are publicly available to anyone interested (depending on connection and the size of the image) within 5 seconds to 1 minute. SSC proof hacks exist, but are mainly private. As the interval of screenshots can be varied, a SSC-proof hack would either need to warn a cheating player when a screenshot is about to be taken, or be server-specific. SSC does have bugs. For example, the server might kick you for not being SSC authenticated, even though you have SSC enabled. SSC is effective at detecting wallhacks and ESPs, but is relatively ineffective at detecting hacks that cannot be seen in screenshots, like aimbots and speedhacks. SSC is usually not compatible with other anti-cheat programs such as Valve Anti-Cheat. SSC is mostly used in Finnish servers using Admins.fi, the UnitedAdmins's Finnish part, as they have an IRC channel where you can report proof (CS recorded demos and SSC shots) of cheating, and they will be added to an universal banlist, where they will be banned on all servers attached to Admins.fi. The reason for that is, because anyone can give a shot up (not only admins) every shot including a cheater will be reported in some time, so all cheaters using hacks on Admins.fi SSC-using servers will be banned. SSC is also used a lot in clan matches and other banlist-based things that need proof.

[edit] Blacklists

Blacklists have been available for as long as there has been the ability to ban cheaters from servers. The idea is for admins to cooperate and exchange their banned steam IDs - Therefore a cheater banned from one server would be prevented from cheating on another server using the same list.

Steambans

A large anti-cheat community which is a new service based on an old concept. Global ban lists have been active for years on the old WONID system from Valve. With the change to STEAMID, it was natural that a similar banlist be made for STEAM. SteamBans is one of the largest global banlists that has ever existed and is implemented across many servers worldwide. Using the SteamBans plugin allows players to report other players suspected of cheating, for a ban across all participating servers.

[edit] Anti-ghosting measures

Many servers now implement features designed to prevent dead players from communicating game information to live ones. On some servers, dead players cannot freely spectate the game, but are limited to viewing from the perspective of players on the same team. Therefore the dead player cannot tell a live player anything that the live player couldn't find out from his surviving teammates. This probably still allows room for the dead player to confer an advantage, since communication between teammates is often poor (either because they are strangers or because playing the game whilst communicating is difficult/distracting).

Some servers examine the IP addresses of players, and if a dead player has the same IP address as any live player, cause their clients to render a black screen instead of a spectator view of the game until all players with that IP are dead. The reasoning is that players sharing an IP are likely to be in close physical proximity (e.g. playing on a LAN behind a NAT router) and may therefore be able to see each other's screens.

[edit] Why Counter-Strike is a popular target for cheats

This section discusses why Counter-Strike may be more susceptible to cheating than other, similar online first-person shooters.

Game engine design

Counter-Strike was designed as a mod for Half-Life - essentially the game consists of a single DLL and a series of media files (models, sounds). Half-Life, attempting to be mod-able with ease is itself designed to have many elements changed and replaced on the client’s computer, leading to the adage "CS is a hack itself". This also leads to the comfortable facility of the client-hook vulnerability that is used by so many cheats.

Half-Life itself was already a heavily hacked game before Counter-Strike came into existence. Many cheat authors could have gathered experience with Half-Life deathmatch or Team Fortress Classic. A cheat for Counter-Strike could easily be adjusted to work for the various other Half-Life mods. Finally, Half-Life and Counter-Strike both have been around for a very long time now, only recently with serious changes to the engine. The longer a game is being played by more people, the higher the probability someone writes a hack for it. So partially the mere popularity of both games, both Half-Life and Counter-Strike may have increased its cheat volume. Compared to the formerly popular Quakeworld, where cheating is rampant, not just since its source code was released, Counter-Strike does not appear to be an anomaly.

Game physics

Counter-Strike equipment is dominated by very accurate, high-powered hitscan type weapons, an ideal setup for aimbots. If e.g. bullets travelled at a realistic, limited speed, the effects and lethality of aimbots would be much less dramatic. Similarly, turning speed is unlimited. A cheat is thus basically only limited to the frame/s rate and the weapon performance in terms of killing speed.

The tactical gameplay, which favors stealthiness and using everything as cover make wallhacks very powerful. Additionally, they allow a great reduction in reaction time needed to shoot a player coming around a corner dead in his tracks.

Playing Counter-Strike, especially dying can make players very anxious. Death comes swiftly and often surprisingly, and is penalized by not being able to do anything for the time of the round. The players are kept from immediately venting the anger of the moment "of death" and are forced to watch. This unfavourability of death, while arguably existing in all first-person shooters, or all computer games even, is very extreme in Counter-Strike, and thus the primal desire to "survive" in the virtual world may become strong enough to overrule any moral objections to cheating.

Theoretical limits to purity

Two essential hacks are in the way of being able to making a server pure: Aimbots and Wallhacks. The client software cannot be trusted, and the only way to be absolutely sure no excessive information reaches the client (and thus, a potential hack) is to render both picture and sound on the server and sending it to the client, who merely displays the pre-rendered picture and plays the pre-mixed sound. This is of course not possible with contemporary server hardware, but it means that it is theoretically possible to defeat a wallhack or any type of ESP for that matter. Partially this approach is already being used by Half-Life, as csguard, Cheating-Death, VAC and even recent servers themselves do no longer give the player the accurate position of an enemy player - they are shifted vertically. This is because not giving the client the information of players around the corner would result in missing sounds. Counter-Strike lacks a sound-info part in its protocol where an approximate 3d information of sound without any reference to its source is being transmitted. Future games will hopefully be aware of such fundamental design flaws that jeopardize purity.

An aimbot on the other hand can be considered a piece of AI, and it is theoretically always possible to create an AI that can play the game in place of the player (or even just partially in place, in the case of the Aimbot). However, aimbots in Counter-Strike do not require optical recognition like the human player does, nor do they require to shove a possibly inaccurate mouse around. The cheats in Counter-Strike receive the exact XYZ coordinates of the enemy player, and can calculate a trajectory and fire the weapon within the end of a frame. Theoretically it could be possible to create a model-free game engine where the client’s computer would have no conception on what is what, unless it did actually start using virtual optical recognition. This goes into the same direction as the ESP preventing approach - the client’s computer is given too much information by telling it (the client) to draw an enemy there rather than something. In Counter-Strike, the enemy players are always from a set of predictable models, and when a model is drawn, the client and the cheat both know not just where it is, but also what it is and can therefore shoot at it.

Finally, for lan-party administrators there is an easy way to secure a tournament: forcing them to play on secured machines that are offered by the lan-party. As long as the provided computers are sufficiently able to be both secure and playable, there’s nothing that can enable potential cheaters to gain an uncompetitive advantage over another.

Immature players

Counter-Strike is often perceived to have a large number of immature players. For example players of MMORPG games often use the term Counter-Strike player disparagingly to refer to player killers and other players who choose a more violent form of play. Also, many players of faster paced, less realistic first person shooters such as Quake series and the Unreal Tournament series are known to joke about the immaturity Counter-Strike players. It is often assumed by those players that the semi-realism and the paramilitary image of Counter-Strike is likely to attract a different, more immature brand of players whereas players of less realistic games are more likely to be attracted purely by how the game plays. Even in games that are similar in theme such as Battlefield 2, people who display immaturity (for example Team Kill Punishing, or Team Killing for Vehicles" are often called "CS Noobs".

Whether or not the stereotype of the immature Counter-Strike player is true, it is widely believed, even by some Counter-Strike players. There are many theories as to why Counter-Strike may have attracted a more immature following. Another common explanation is that the large amount of coverage the game received in the gaming press when it went retail in 2000 attracted many newer, younger players who had little experience with online FPS games.

Motives for cheat authors

Originally, cheat authors such as XQZ and bunny771, one of the developers of the OGC series, proclaimed to do it for status reasons: They could show off their hacking skills and gain a reputation, and in general a lot of attention from the community. Another, Vasily, offered Valve his help but was turned down. But when anti-cheat measures became more and more restrictive, especially when VAC began to ban detected cheaters for year-long durations, a second reason for releasing cheats arose - to steal and collect CD-keys on the machines on which the plugin was run. Huge lists of WON and steam IDs have since been found on the web, most of which have been invalidated by Valve. Finally, the motive for writing a cheat and not releasing it publicly, is either to remain stealthy (and enjoy the inability of all known anti cheat tools to detect the particular cheat) or to make money. Coders such as Mosquito have announced that they would sell their cheats to whoever is willing to pay his fee. Even before Mosquito going public with his offer, non-public cheats were dealt at various fees amongst gamers.

[edit] Why Counter-Strike players cheat

There is a lot of speculation over what would incline a player, or a clan, to start cheating in a computer game that is presumably fun to play. One of the most oft-heard assumptions is that cheaters do it as a type of compensation for low self esteem, called the "Small penis excuse". Most cheaters cheat covertly; they never admit to using cheats, not even when caught.

The largest group of cheaters does not admit to cheating, and cheat because they wouldn't have the type of success in the game without cheats. This type of player will hide his actual cheat usage.

Some cheaters tend to be of low to average skill level, commonly use publicly available hacks, and usually restrict themselves to public servers. They are not always experienced cheaters and will often give themselves away by moving in a way that shows their inexperience, despite their fantastic aiming or apparent omniscience. Other inexperienced cheaters may give themselves away by using the cheat in a blatant fashion.

It is believed by some that when the flood of new players started playing Counter-Strike at the time of the game's retail launch, they became frustrated by their limited skills in the face of veteran players, and thus began cheating.

Some cheaters are ambitious however, can be of above-average skill level; they simply need to be at the top of the scoreboard at any cost. The advantages of having, say, just a wallhack enables a skilled player to make better-informed tactical decisions, and can also shave fractions of a second from their reaction time as enemies appear around a corner, since they already know when they will be coming.

Most cheaters that have some actual capabilities keep their hacks generally turned off, only activating them when they face an opponent that they otherwise cannot defeat - And subsequently, assume he is cheating, so they cheat in retaliation.

Counter-Strike is played in competitive leagues and tournaments, and over the last few years has become a very popular electronic sport. However, like all sport there is an element of cheating, and when it is difficult to verify and/or prevent cheating, it becomes common.

Many pro gamers cheat in competitions, and do it to increase their chances of winning - often, against other cheaters, cheating oneself is the only way to have an actual chance at winning. Those competitive players naturally try to avoid being caught, leading to a less conspicuous style of cheating. Private cheats are therefore incredibly attractive to these cheaters for whom getting caught would be the end (or at least an extreme inconvenience).

Although many online leagues are widely believed to be full of cheaters, most competitive gamers still claim it would be impossible or unlikely that any significant amount of cheating is going on in Leagues.

For Lan-Parties, which are used by some people as "gauges" of what a team's actual skill is like (acknowledging competitive online gaming is rife with all sorts of abuses) there are many known hacks that allow covert cheating, as long as the players are not forced to play on policed, dedicated computers. Despite this, many competitive gamers proclaim it would be impossible to cheat in a LAN without giving a reason.

Blatant Cheating (Disruption)

Disruptive cheaters are normally blatant in their approach, and will usually use their cheats in an obvious manner, or readily admit that they are cheating with the sole aim of making other players' gaming experience miserable. These unruly cheaters sometimes band together in order to make their disruption more effective. One example of such a group is myg0t, who are hated by clean players as people who play only to ruin people's fun.

Only a small number of players cheat blatantly - as such, they are easily dispatched by an administrator, or anti-cheat-mechanisms may eventually catch them, since they have little interest in remaining covert.

This style of cheating is known as raging or rampaging, most likely in reference to player's using cheat's that an "average" cheater would not use, spinbot/speedhacking or essentially cheating "more" than a standard cheater/hacker would do.

I.e. a standard hacker would not wish to be caught, whereas a rampager would seemingly not care as they intend to cause as much mayhem as possible in the time-span they have, before leaving or being banned.

The hacker's challenge

Not to be confused with cheating in mainstream competition, there is known to be a small community of cheaters who compete against other cheaters, the matches decided by the quality of the cheats. Participants are usually cheat creators themselves who use the games to test out their own private hacks.

[edit] See also

[edit] External links

Anti-Cheat resources
  • Counter Hack – A website dedicated to spreading awareness about cheating in online gaming, particularly Counter-Strike.
  • United Admins – A large anti-cheat community
  • PunkBuster - A popular anti-cheat software which was once used for Counter-Strike.
  • The Z Project – A project involving making different types of anti-cheat programs.
  • Admin Spectator ESP, an AMX Mod X plugin for Counter-Strike. (helps admins to see the enemies of a player they are spectating)
  • SteamBans – A large anti-cheat community which is a brand new service based on an old concept. It is one of the largest global banlist at the moment.
  • RADAR - A joint effort by some of the largest public servers in Norway, now trying to expand to other scandinavian countries.
Cheat resources
  • Cheat-Network.net - One of the first multiplayer cheat sites. Well known for their Counter-Strike support and CheatDB (Cheat Database).
  • MPC A site containing a large database of cheats and their status.
  • Unknowncheats - A large cheating forum with cheats for Counter-Strike and other games.
  • Game Deception - A resource for creating game cheats.
  • Valve Aimbot- Universal Colour Aimbot.
  • Hackproviders.com contains a forum with cheats and information about current anti-cheats.
  • VacDisabled.net Releases a lot of VAC/VAC2 disabling tools, as well as HL2/CS:S cheats.
  • Counter Strike handy game cheats for Counter Strike.
  • Fkn0wned Well known and most handy game cheats for Counter Strike.

[edit] References

    Retrieved from "http://en.wikipedia.org../../../c/h/e/Cheating_in_Counter-Strike_d6ff.html"