開発者じゃなくてもたった10秒で保安の心配無用! 

デモのお申し込み

MOBILE GAME SECURITY – Hacking types

MOBILE GAME SECURITY - Hacking types

 

MOBILE GAME SECURITY – Hacking types

 

Hi, we are LIAPP TEAM.
The post will cover 'Mobile Game Hacking', one of the most damaging parts.
Today, hacking attacks on mobile games are becoming more intelligent at this point, and the frequency is growing exponentially.
So why do people want to hack into mobile games while using so many various methods?

The biggest reason is that hacking into game apps is easy.

Commonly, the life circle of mobile game app is shorter than PC game.
So, it takes a lot of time for development and, in the end, the security technology to protect it has become a target of hackers.
Of course, hackers also hack into other parts of the game, such as game servers, in addition to game apps. However, not only do they need to be prepared for a long time, but they also have strong complementary measures for game companies and cloud service providers that have been under similar attacks.

One more reason is that the purpose is clear.
 
What do game players want? 
Most of them have a common desire to grow your own character and enjoy it faster and more easily.  
Of course, they want to play everything for free. So it's a lot of people using it, but in the end, it's clear that the purpose of hacking is to meet this reason.
Attacking these relatively effective and efficient apps is natural for hackers, and there are a number of tools available for hacking.
 

So let's look at some of the typical types of hacking that threaten game services.

Tamper finding major data like item or score in game, 
'Memory Searching'
 
Memory Searching is the method malicious user hacks into game memory and revises game score or capacity of item.
It's a hacker who knows how the data in an app is used, and he changes it to the value he wants, or he fixes it. So, it is one of the most influential attack methods that threatens game service such as fixing the leaf count, increasing the number of items used, and using items not purchased.
Memory searching attacks are divided into using hacking tool or using virtual machine.
Hacking tools help facilitate memory hacking, enabling memory falsification with only a few touch.
For virtual machines, it is software that allows you to build a mobile device environment on your PC to run mobile apps. The original purpose of the development was not hacking, but it's using the same methods as it was on a PC in the past, which many hackers use. Because there are more attacks than mobile, which usually provides a poor debugging environment, there are advantages to attack more easily. 

Fabrication by desired form normal app, 'Repacking'
 
This is how to extract game apps (APKs) from your mobile phone, repackage your code, and then repackage it.  
Repacked APK files are released randomly over the Internet, and users who receive these apps can access the service without any effort, making them the most disruptive type of service.
It is also the type that can cause direct financial damage by deleting ads from one of the largest sources of income for free games or replacing them with advertisements owned by hackers.

Bypassing In-App Payments
 
Many of the latest mobile games are supposed to be paid on the game to sell smooth items, which are increasingly being attacked by many hackers to make unfair profits.
Hacking methods that bypass in-app payment are divided into hacking methods that use hacking tools, change the payment process, or bypass authentication.
As I mentioned before, hacking tools provide the ability to easily acquire items without charge by changing payment and card information in games through a few touch-ups.
Changing the payment process or bypassing authentication is also a popular method. In general, when game apps pay for in-app, items are paid when charged on a market server such as Google Play or Apple's App Store. Without such a process, the system is implemented by obtaining packets that have been illegally charged or illegally receiving items using crafted packets.
The reason why prevention of hacking is important is that the damage goes back to many non-hacking users. In addition, developers are forced to focus on solving problems when hacking attempts are discovered, which in the end makes it difficult to proceed with normal updates or to get the opinions of gamers.


In the next post, we will post a strategy for what functionality is needed to prevent game hacking.