top game modding techniques and how to prevent them with Appdome

Top Game Modding Techniques and How to Prevent Them

This article is part of a multi-post blog series about mobile game cheating. You can find the other posts from this series listed in the final paragraph below. Mobile game cheating is a huge issue that plagues every mobile game developer and publisher by undermining monetization models as well as game integrity and trust. In this series, I cover some of the most common ways players cheat in mobile games. I’ll start off by describing the most common cheating tools and how they work. Then, I will describe some advanced methods used by experienced programmers to modify mobile games to cheat (e.g., dynamic memory injection, function/method hooking), as well as to create mods and tweaks for other gamers to cheat. And finally, I’ll explain how developers and publishers can prevent cheating using several different methods – all without making changes to the app’s source code.

What is Game Cheating?

In mobile games, cheating happens in many different ways, but in all situations, the cheater gives themselves an unfair advantage that they uniquely enjoy at the expense of other players or at the expense of the game’s intended design.  In all instances, cheating, by definition, goes against the mobile developer or publisher’s intended use of the app. 

There are as many ways to cheat in mobile games as there are mobile games. For example, sometimes players cheat by making their own character better, faster, stronger relative to the game or to other players (for example using speed hacking or memory editing). Sometimes they cheat by acquiring game skills, assets, ammunition, gold coins, without paying for them (bypassing in-app purchases). Sometimes they cheat using automated tools that give the player ‘superhuman’ advantages (for example, auto-clickers, click bots, or auto macros).  There are also techniques that allow the game cheater to advance in the game without putting in the required time and effort (for example, by modifying the game’s internal concept of time). Other times, the cheater’s intent is to simply disable a ‘license-checker’ so that they can play the ‘premium’ version of the game for free.  Or maybe they just want to disable mobile game advertising (who wants to sit through those pesky ads anyway, right?).  You get the point. 

Whatever the game players’ nefarious motive, one of the most popular ways to achieve their cheating goals is by using or creating ‘mods or tweaks’ of a game.

What are Mods and Tweaks?

A mod (short for “modification”) is an alteration of a video game by players that changes one or more aspects of the game, such as how it functions or behaves, or that changes the values of the game to the player’s own advantage. As I said, mods are one of the many different methods of cheating. And within that cheating category, there are many different forms of modding. Game mods range in scope from small additions of functionality all the way up to complete overhauls of a game. Sometimes mods expose hidden UIs that unlock features or allow players to ‘buy’ game objects/value without spending money (i.e., bypassing in-app purchases).

Tweaks are the rough equivalent of mods in the iOS world. Game tweaks are pre-packaged iOS modifications, downloaded and installed from alternative app stores, that allow cheaters to ‘customize’ the iPhone experience by circumventing Apple’s restrictions. Cydia is the most popular repository or alternative app store to obtain game tweaks for iOS. In order to access or install Cydia, you need to jailbreak the device.

Some of the key things game cheaters can use or obtain tweaks for are: removing all mobile ads from a game, changing game values, bypassing in-app purchases, customizing design elements or icons, or creating full-blown pirated copies of popular mobile games that cheaters attempt to distribute fraudulently on alternative app stores to generate revenue for themselves. Using the Cydia repository, cheaters can download thousands of different tweaks for iOS which are not available on Apple’s App Store. In the context of gaming, you can find tweaks that allow you, for example, to increase money/cash in a mobile game, activate special powers or capabilities for your character, speed up your play, jump to different levels, increase the speed of your clicking or accuracy of shooting, disable time or life limits, and much more. To borrow from the old Apple saying, if a game capability exists, ‘there’s a tweak for that’.

Some game tweaks require jailbreaking; others can be done without jailbreaking. If a jailbreak is required, it’s not too much effort for the cheater to use one of the many freely available jailbreak programs, such as Checkra1n or Unc0ver. Because Checkra1n exploits a hardware/firmware bug in order to achieve jailbreaking, Apple cannot issue a software patch to stop the jailbreak exploit. And Checkra1n works on most iOS devices, making it a ‘go to’ tool for experienced game cheaters.

How Game Mods Are Created and Used in Mobile Game Cheating

There are a few ways cheaters get their hands on game mods. One way is to download a pre-built ‘mod’ (modified game) from an alternative app store (like Cydia or UpToDown), and then run the mod on a jailbroken or rooted device. In the case of Android, they could also use an emulator (such as Nox emulator) to run the mod. This technique allows the cheater to run the mod without rooting their own Android device (because they could achieve root access using the emulator’s built-in ‘root mode’ feature). This technique requires virtually no programming skills.

In essence, cheating tools are usually the end result of previous reverse engineering and static and dynamic analysis that fraudsters performed on the mobile game, long before the first ‘mod’ or ‘tweak’ popped up on Cydia. This blog focuses on mods, tweaks, bots, and cheating apps.

Top 7 Game Modding techniques:

There are 7 main game modding techniques. I will go into detail in a few of them in this blog, and I will cover other techniques in other blogs. Needless to say, game cheaters and fraudsters have lots of options when it comes to game cheating:

  1. Live Memory Editing (using cheating apps like GameGuardian, Lucky Patcher, Cheat Engines)
  2. Dynamic Code/ Memory Injection (using tools like Frida, Hopper, IDA-Pro)
  3. Click-bots, Auto-macros and Speed Clickers
  4. Save Game State/File Editing
  5. Configuration or Resource File editing
  6. Network Interception (MitM)
  7. Binary Code Patching

Understanding the techniques and methods fraudsters use to cheat in mobile games is super important for game developers who want to effectively combat cheating. To do that, you’ll need to address the problem at the source – that is, you need to protect your code so that it’s not easy to reverse engineer the game in the first place. If you only go after the apps in the ‘alternative’ app stores with ‘take down’ requests, you’re fighting a losing battle (think ‘whack-a-mole’). The second you pull one down, 5 more pop up in its place.

For the remainder of this post, I’ll dive into the top 2 modding methods listed above (Live Memory Editing and Dynamic Code Injection). First, let’s discuss Live Memory Editing with tools like GameGuardian.

Live Memory Editing With GameGuardian and Other Cheating Apps

Let’s talk about live memory editing, which for Android games can be done using productized cheat engine apps, such as GameGuardian, Lucky Patcher, and Cheat Engines (note, the term cheat engines is used both to describe a specific tool called Cheat Engines, as well as an overall category of cheating apps... I know, it can be confusing, but hey, I didn’t create the names, I’m just writing about them).

The “mother of all modders” is a cheating tool called GameGuardian. GameGuardian is a powerful game cheating/alteration tool for Android that is used to cheat in a large number of mobile games. GameGuardian comes in the form of an Android app that can be used to cheat and modify a large library of Android games, using a method called “Live Memory Editing”. This is a modding technique in which the player locates the specific game values that are stored inside the app, so that they can edit those values to gain an advantage (aka: cheat) in the game. Using GameGuardian, players can do things like alter in-game money/coins, change the app/game’s internal clock to gain an advantage in the game, or acquire various game resources without paying for them (e.g., by bypassing in-app purchases, bypassing licensing checks, or altering the memory space that stores the game values outright). GameGuardian works best on rooted devices but will partially function inside a virtual space (with apps like Parallel Spaces). GameGuardian can also run scripts written by other developers to cheat in many games.

Besides the ability to run scripts, GameGuardian comes with a set of built-in features including: 

  • Game acceleration/ deceleration (speed hacking) 
  • Search and modify memory content (unknown value scanning) 
  • Resource/Stat manipulation (Altering in-game money/coins/gold) 
  • Disabling mobile ads 
  • Level skipping 
  • Bypass In-app purchases 
  • Memory dumping  
  • Disable random functions and replace their output (aka: hooking, swizzling) 
  • Root hiding,  root cloaking, root bypass features which are used to evade detection 

GameGuardian also allows cheaters to tap into a huge library of games that can be modified. GameGuardian is fully productized and comes with documentation. They even have a slick website and distribute marketing brochures about how they ‘liberate’ gamers from the big bad evil game developers and publishers who have the audacity to make a living by monetizing that amazing mobile game that cost $10 million to produce. How dare they! It should all be free, gosh darn it! Seriously, that’s how they market themselves. And don’t take my word for it, google it and check out their website.

GameGuardian product description from alternative app store UpToDown

For example, when you run a game, you can open GameGuardian and select the specific process of the app you want to modify. For instance, if you only have a certain number of lives in a game, you can use GameGuardian’s built-in hex editor to search for this number and replace it with any value the cheater wishes. 
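
A defensive counterpart to the lives-value edit described above, as an added example (not from the original article and not Appdome’s implementation): the value is kept masked in memory with a check word, so an exact-value scan for the plaintext finds nothing and a direct edit is caught on the next read. The names guarded_u32, guarded_set, guarded_get and scan_u32 are hypothetical, and xorshift32 stands in for a real random source.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A game value held masked in memory: masked = value ^ key, key re-rolled on
   every write, check = mix(value, key). The plaintext is never resident. */
typedef struct { uint32_t masked, key, check; } guarded_u32;

static uint32_t mix(uint32_t v, uint32_t k) {
    uint32_t h = (v ^ 0x9E3779B9u) * 0x85EBCA6Bu;
    return (h ^ (k + (h << 6) + (h >> 2))) * 0xC2B2AE35u;
}

/* xorshift32 stands in for the platform CSPRNG (assumption); seed != 0. */
static uint32_t next_key(uint32_t *s) {
    *s ^= *s << 13; *s ^= *s >> 17; *s ^= *s << 5;
    return *s;
}

void guarded_set(guarded_u32 *g, uint32_t value, uint32_t *rng) {
    g->key = next_key(rng);
    g->masked = value ^ g->key;
    g->check = mix(value, g->key);
}

/* Returns 0 on success, -1 if a field was edited; *out is valid only on 0. */
int guarded_get(const guarded_u32 *g, uint32_t *out) {
    *out = g->masked ^ g->key;
    return mix(*out, g->key) == g->check ? 0 : -1;
}

/* Models an exact-value search: count aligned 32-bit words equal to needle. */
size_t scan_u32(const void *mem, size_t len, uint32_t needle) {
    size_t hits = 0;
    for (size_t off = 0; off + 4 <= len; off += 4) {
        uint32_t w;
        memcpy(&w, (const unsigned char *)mem + off, 4);
        hits += (w == needle);
    }
    return hits;
}

int main(void) {
    uint32_t rng = 0x01234567u, lives; guarded_u32 g;
    guarded_set(&g, 3, &rng);  /* constructed sample: 3 lives */
    printf("scan hits for 3: %zu\n", scan_u32(&g, sizeof g, 3));
    g.masked = 99;             /* simulated memory edit */
    printf("read after edit: %d\n", guarded_get(&g, &lives));
    return 0;
}
```

This raises the cost of exact-value scans and direct edits only; it does nothing against a tool that hooks the read path itself.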

Dynamic Code Injection/ Memory Editing

Using tools like Frida, Hopper or IDA-Pro, advanced game cheaters attach to running processes and use techniques like function and method hooking to dynamically inject code or change the game’s active memory or state while running the app (or playing the game). Sometimes cheaters package up their changes as new game mods or tweaks and then sell those tools or ill-gotten games to less experienced gamers on the black market. These experienced programmers use advanced techniques like memory mapping, fuzzing, hex editing, function and method hooking, dynamic memory injection, ROM-hacking, etc. in order to modify mobile game memory or values and then create game mods based on the new attributes. We will describe these advanced power cheaters and their use cases in one of the next blogs in this series. Check out this blog on Dynamic Code Injection to understand the dynamic runtime methods and tools for modding games, along with some examples and use cases for Unity, iOS and Android game mods.
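
A detection-side sketch for the attach-and-inject behaviour described above, as an added example (not from the original article and not Appdome’s implementation): it reads the TracerPid field of a process status file and counts executable file mappings that fall outside an allow-list of expected paths. The status and maps text is constructed sample input, and the allow-list prefixes and function names are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* TracerPid from /proc/<pid>/status text: non-zero means a debugger or other
   ptrace-based tool is attached. Returns -1 if the field is absent. */
int tracer_pid(const char *status) {
    const char *p = strstr(status, "TracerPid:");
    int pid = -1;
    if (p) sscanf(p + strlen("TracerPid:"), "%d", &pid);
    return pid;
}

/* Counts executable, file-backed mappings in /proc/<pid>/maps text whose
   path starts with none of the allowed prefixes (allow-list is assumed). */
int foreign_exec_maps(const char *maps, const char *const *allow, int n) {
    int count = 0;
    while (*maps) {
        char buf[512], perms[5] = "", path[256] = "";
        size_t len = strcspn(maps, "\n"), keep = len < 511 ? len : 511;
        memcpy(buf, maps, keep);
        buf[keep] = '\0';
        /* line layout: range perms offset dev inode [path] */
        sscanf(buf, "%*s %4s %*s %*s %*s %255s", perms, path);
        if (perms[2] == 'x' && path[0] == '/') {
            int ok = 0;
            for (int i = 0; i < n; i++)
                ok |= strncmp(path, allow[i], strlen(allow[i])) == 0;
            count += !ok;
        }
        maps += len + (maps[len] == '\n');
    }
    return count;
}

/* Constructed sample input, not captured from a real device. */
const char *SAMPLE_STATUS = "Name:\tgame\nState:\tS (sleeping)\nTracerPid:\t4242\n";
const char *SAMPLE_MAPS =
    "7a1000-7a2000 r-xp 00000000 fd:01 1234 /data/app/com.example.game/lib/arm64/libgame.so\n"
    "7b0000-7b4000 r-xp 00000000 fd:01 99 /system/lib64/libc.so\n"
    "7c0000-7c8000 r-xp 00000000 fd:01 77 /data/local/tmp/injected-agent.so\n"
    "7d0000-7d1000 rw-p 00000000 00:00 0\n";
const char *const ALLOW[] = { "/data/app/com.example.game/", "/system/" };

int main(void) {
    printf("tracer=%d foreign=%d\n", tracer_pid(SAMPLE_STATUS),
           foreign_exec_maps(SAMPLE_MAPS, ALLOW, 2));
    return 0;
}
```

The set of legitimate library locations differs by platform and OS version, so a real allow-list has to be built and tested per target to avoid false positives.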

Recommendations for Mobile Game Developers and Studios

As a game developer, publisher or studio, learn how to stop mobile game cheating pre-emptively by preventing the methods and tools fraudsters use to alter mobile games, inject code, create mods, and weaponize apps by tricking mobile users:

Using Appdome Mobile Fraud Prevention, mobile developers can build the following pre-emptive protections into mobile games:

  • Block click bots, auto-clickers, auto-macros, and speed hacking  
  • Block cheating apps like GameGuardian, Lucky Patcher and Cheat Engines to prevent modding   
  • Prevent cheaters from using dynamic instrumentation tools like Frida or ADB for method hooking, dynamic script injection, code injection, memory injection to modify app functionality 
  • Detect and block apps that use highly privileged app permissions and block Accessibility abuse, which are often enabled unknowingly by mobile users through trickery

The best defense against mobile game cheating is to prevent it from occurring in the first place. Appdome’s No Code Mobile Fraud Prevention offers developers, publishers, and studios an easy way to stop mobile fraud at the source – instantly. Using Appdome’s no-code technology, developers can build pre-emptive and defensive protections into any mobile game in minutes, which equips the app with the intelligence it needs to prevent game cheating, cheating tools, and cheating methods.  

Video: How to Block GameGuardian Mobile Game Cheat Tool

Check out this short 1-minute video to see how you can use Appdome to block GameGuardian.

Related Blog Posts and KB Articles on Preventing Mobile Game Cheating

 
