Counter-Strike 2

How VAC works and how cheaters avoid it
By negro :)
Why VAC is broken, how cheaters avoid it and in turn CS:GO is broken from the view of an avid cheater
   
Welcome
Today, I've decided to take some time out of my day to explain how the VAC system works, why it's fairly useless and why we need a new anti cheat! Before I go into this, I am an experienced cheater (Yes yes, I know. Save your hate). I am here to spread some knowledge of why there are so many cheaters in your games, why they are almost never caught and how these cheat providers manage this.

Here is a list of the cheats I have used and the time I used each one for
  1. Free Public Cheats (2 months)
  2. 5DollarCheats (1.5 months)
  3. Platinum Cheats (1 month)
  4. Zues (1 month)
  5. AimTux (3 months)
  6. interwebz (1 month)
  7. iCheat (1 month)
  8. Mutiny (2 weeks)
  9. Skeet (2 hours at a friend's house)
  10. Chods-Cheats (2 months)
  11. Private Cheat (3 months)
  12. Modified ayyware (free) source (2 weeks)
  13. Completely custom (ish) cheat (4 months)

In my time of cheating, I have gone through about 11 accounts. Before you yell "WHY WOULD YOU WASTE 15 DOLLARS 11 TIMES!!!" I would buy accounts from ♥♥♥ from the Asian market for roughly $5.00, activate them with a VPN then refund the payment so in total I probably spent $30 on CS:GO from the times I bought it before I knew of this method. I was also gifted some accounts from friends and users who would trade me accounts for my AimTux setup as I heavily modified mine and how it acts. Of my bans, 1 was a VAC ban (from using a free public cheat) and the rest were Overwatch bans.
How VAC works in its current form
VAC currently works by checking the program signatures of running processes. This works best for detecting external cheats (.exe programs that run the whole time you wish to be cheating), as they are easier to find. VAC then checks the program signatures (a unique identifier given to programs during their compiling that is based on their source code), and if they match the signatures of a currently known (detected) cheat, VAC will start a delayed VAC ban. If the signatures for the cheat are unknown, it will (99.99% of the time) be ignored completely.
Why the current VAC system is useless
A cheater can add junk or "spaghetti" code that will change the signatures of a program and make it undetected. This can also be achieved by editing the direct hexadecimal structure of a cheat with programs such as HxD. They take some of the code that is direct English and edit it to read something different. This will also change the signatures of the program, but can cause it to no longer inject correctly. Some P2C (pay to cheat OR peer to client) providers will also use polymorphic encoding, meaning that every time they compile the cheat, it will have a brand new signature. They will then re-compile their cheat (normally) every 30 minutes and push the new cheat to all of their users.
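The brittleness described above, seen from the detection side, as an added example that is not code from the guide or from Valve: an exact hash stops matching after any byte change, while a byte n-gram similarity score still ties the modified file to the catalogued sample. The sample bytes, the 4-byte n-gram size and the 0.6 threshold are constructed for this illustration and say nothing about how VAC itself matches.

```python
import hashlib

def stream(seed: int, blocks: int = 16) -> bytes:
    """Deterministic pseudo-random bytes standing in for a compiled binary."""
    return b"".join(hashlib.sha256(bytes([seed, i])).digest() for i in range(blocks))

# Constructed samples (not real binaries).
KNOWN = stream(1)                                                # catalogued sample
EDITED = KNOWN[:100] + bytes([KNOWN[100] ^ 0xFF]) + KNOWN[101:]  # one byte changed
PADDED = KNOWN[:256] + b"\x00" * 64 + KNOWN[256:]                # filler inserted
UNRELATED = stream(2)                                            # a different program

def exact_signature(blob: bytes) -> str:
    """Whole-file hash: any single-byte difference yields a new value."""
    return hashlib.sha256(blob).hexdigest()

def shingles(blob: bytes, n: int = 4) -> set:
    """Set of all overlapping n-byte windows in the blob."""
    return {blob[i:i + n] for i in range(len(blob) - n + 1)}

def similarity(a: bytes, b: bytes, n: int = 4) -> float:
    """Jaccard similarity of the two shingle sets, from 0.0 to 1.0."""
    sa, sb = shingles(a, n), shingles(b, n)
    if not sa or not sb:
        return 0.0
    return len(sa & sb) / len(sa | sb)

def classify(sample: bytes, known: list, threshold: float = 0.6) -> str:
    """Return 'exact', 'similar' or 'unknown' for a sample against a catalogue."""
    if exact_signature(sample) in {exact_signature(k) for k in known}:
        return "exact"
    best = max((similarity(sample, k) for k in known), default=0.0)
    return "similar" if best >= threshold else "unknown"

if __name__ == "__main__":
    for name, blob in [("known", KNOWN), ("edited", EDITED),
                       ("padded", PADDED), ("unrelated", UNRELATED)]:
        print(name, classify(blob, [KNOWN]), round(similarity(blob, KNOWN), 3))
```

Production scanners use purpose-built fuzzy hashes such as ssdeep or TLSH rather than raw Jaccard over shingles, and content similarity alone does not survive full re-encoding of the file, which is why behavioural detection is combined with it.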
Methods some cheaters use to avoid VAC
It is very well known to the cheating community that VAC has many bypasses. These range from simply using a USB to store your cheats, to making them inject into the kernel driver of Windows. VAC is currently coded to ONLY scan the C:\ drive of your computer. You can technically change the drive letter of your main HDD in the built-in partition manager of Windows, meaning you can avoid VAC altogether. Because VAC only scans the C drive of your PC, putting the cheats on a USB or even external hard drive would avoid the .exe/.dll file from being found and detected. Although this keeps the cheat files from being found, the running process can be detected still.

Another way that cheaters can avoid VAC is by coding the cheat to inject into the kernel of the system. This makes it so that VAC can't even tell that the program is running as VAC does not have the proper permissions to scan the kernel of Windows. This is less common as making a cheat use the kernel is quite difficult.
Why I pray that the rumors of the new VAC are true
Even though I am an avid cheater, I DO NOT ever cheat in MM without someone else starting it. I do not run "legit configs" (setting up the cheats to avoid being caught) and I do not ever rage first. If I know that someone is 100% cheating then I will toggle my cheats on. If they are just fishy, I let it be and take the loss. Recently there have been rumors about Valve releasing a new VAC system in the summer that would work off of machine learning, if this is true, cheats would be much easier to detect because it could check the behaviours of the game and send the suspected user to the Overwatch queue, if they are clean ignore the user, if they are convicted apply a VAC ban to the user's account. I really do hope that these are true as CS:GO is a decent game and I would hate to see it die from the current cheater epidemic.
5 Comments
√ Vulpium Prima™ 1 Sep, 2018 @ 3:56am 
I know there was a cheat for CS:S that could be set to only auto-aim at one specific player. That one would be very handy for the scenario you describe, where you become a sort of Vigilante Anti-Cheat System by cheating against other cheaters. Simply set it to aim only at the cheater and hold down Fire. :steamsalty:
1.9TDI Gamign 24 Jun, 2017 @ 4:00am 
that was a e s t h e t i c . gg m8
Aemyl 22 Jun, 2017 @ 4:03am 
ik
negro :)  [author] 21 Jun, 2017 @ 8:52pm 
@iNeo I don't see any fun in that, but I also don't see fun in losing to cheaters 24/7
Aemyl 21 Jun, 2017 @ 1:12pm 
man congrats for the things you have just typed and i'm glad that you're not a toxic cheater that cheats every time to make everyone rage quit