Kernel level anti-cheats
❗This article is a stub. You can help by expanding it.
#appeals channel in either Zulip or Discord to request removal.An article may be flagged as a stub when it is missing major elements needed to make it useful to a reader. You can help by adding missing sections, verifiable sources, relevant company policies and communications, etc. to make the article more complete.
Kernel Level Anti-Cheats is anti-cheat software that runs at the kernel level instead of the typical user level. These methods of anti-cheat have recently become more popular among big online service games. They are controversial because of privacy and security concerns.
How it works
Kernel level anti-cheats run at the kernel level, the deepest and most authoritative level of the computer. This software has access to everything the computer is doing. This is in contrast to traditional, user level anti-cheats, which only had access to user-level permissions and therefore could not detect certain cheat engines which were cleverly hidden.
Why it is a problem
Privacy Concerns
As kernel level anti-cheats have access to everything that's going on in a computer, any party that hijacks said anti-cheat can snoop on the private daily lives of users.
Security Concerns
Since Kernel Level anti-cheats operate at the kernel level, when they are eventually hijacked and exploited they create a massive security issue directly at the kernel level. This has happened with Genshin Impact, where hackers hijacked the anti-cheat used, to deliver ransomware to users' systems.[1]
Examples
- EA has recently moved to Kernel Level Anti-Cheats.
- GTA V has recently moved to Kernel Level Anti-Cheats.
- Genshin Impact has moved to Kernel Level Anti-Cheats.
References
- ↑ Soliven, Ryan; Kimura, Hitomi (2022-08-24). "Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus".