Code/cheat injection on remote machine


#1

Hello guys, i am dealing with some fucking annoying problem.
Let me explain a bit and say that this is NO troll post.

Im not sure where i should start.
So i do have or had connections to some cheat coders in csgo. And even though i never used any cheat and never would do so on my own, i have to accept the fact that these guys are running cheats on my end. Will explain this further down below.
I can not say how they are doing it really i am out of ideas and thats the main reason why ive created this topic.
Could have tried to ask people on some cyber security board aswell.

Anyway, I do have blocked all ports that i dont need wich actually is everything except neccesary ports.
I tried a couple of different anti virus/firewall solutions to prevent code injection and my windows system is running with least possible processes.
Ive also tried to reinstall my machine a couple of times and did not use any old data like stored on cds or extern hdd’s.
Oh and i am not using a static IP or any other programms that woudl leak my ip anyway.

So the guys who told me that they actually are able to inject cheats on my end did this pretty openly.
Just telling me when or what they are activating etc. Its definitely not some ragehack but its quiet obious that you can rage with this aswell.

And its not something you would see while spectating at all. It just looks like natural mouse movement but the thing is that this cheat is pritty similar to an aim lock but just does not require a key to toggle.

//Have you ever played a console FPS game and had auto aim enabled? Or youve played older version of this game using the auto aim option? Well this is just what it feels like. But it will lock on trought massive walls aswell. It wont lock on for several seconds just a short time to make sure you get the info. And it really is noticable a lot just only when you are actually playing yourself.
Another feature it has seems to be some light silent aimbot wich seems to toggle as soon as you shoot more than 1 bullet on target. id say the 2nd bullet is a headshot in 95% of the situations.

Its hard to explain and since i cant provide more details i am just hoping to get some tips how to stop this code injection to happen.

First i thought that the csgo vulunerability wich was discovered a few months ago was the way they did this but i was proven wrong.
In case you wonder that volunerability was exactly what ive been assuming.
It made it possible to get the victims ip pretty easiely and allowed the attacker to inject code easiely.

Ive tried many different anti cheat tools like ESEA,Faceit,EAC etc to make them detect it but it just did not trigger. But what i can tell you pretty safely is that as soon as some programm tries to access the specific file it causes a blue screen causing giving out some ram issues as cause.
The volunerability itself might be inside the steam client itself i really cant tell you but thats the last that comes to my mind because steam and csgo is the only programm thats on my anti virus programms whitelist even though the communication of these programms is limited to specific ports.

So its pretty much a wall of text but maybe somebody who reads this has some experience in network security.
Oh and before i forget it is something that is affecting my machine on different accounts.
If i play the game at my friends home i simply play like shit and cant notice any of the mentioned above. But when i log in with my account in a cyber cafe and play a couple of hours it starts to happen.


#2

No replies. wow


#3

Hey @Davinci-ngu,

I read through your post, as did our Anti-Cheat team and, honestly, I can’t really make heads or tails of the issue. The team have said that they don’t believe any cheats are being run on your computer, however, you’re welcome to drop them a line here: anticheat@faceit.com