Here’s how hackers broke Pokemon Go’s anti-cheat system in four days

Pokemon Go developer Niantic rolled out an update last week with the motive of not letting the players to cheat in the game. Prior to that, the game had been plagued by various third party apps. The latest update focused on not letting such unofficial apps to access the game’s server.

Niantic even issued a statement via a blog post discussing the details of the same:

We were very excited to finally be able to take this step. We were delayed in doing that due to aggressive efforts by third parties to access our servers outside of the Pokémon GO game client and our terms of service.

We blocked some more of those attempts yesterday. Since there has been some public discussion about this, we wanted to shed some more light on why we did this and why these seemingly innocuous sites and apps actually hurt our ability to deliver the game to new and existing players.”

Image: conowego.pl

Image: conowego.pl

However, it took the hackers only four days to crack Niantic’s anti-cheat technology. After examining the update, the hackers focused on a particular piece of hidden data called Unknown6 (or U6) in the code. The new update doesn’t let in the API requests, which sends invalid U6 data to get a response.

The U6 data is an encryption of a mixture of data collected from the present state of the original client of the game, which changes along with every tick of the game’s heartbeat timer. This means that only the clients who have the information and knows how to generate the U6 will be able to access the servers of the game.

source: vg247.com

source: vg247.com

This followed a collective effort from various person to decrypt the algorithm of U6 generation using live chats, PokemonGoDev subreddit, Wiki, Github repository, etc. They searched for bits which were responsible for creating the U6 hash by tracing through numerous lines of compile-optimized assembly code.

upgrade-phone-pokemon-go-644x373

It took them four days to manage to break and replicate the U6 encryption function. On Sunday, they wree able to create a new unofficial API which generates valid U6 hashes and lets the users receive game data from the servers of Niantic. Now, this new API is reintegrated into various bots, third party-apps, hacks etc.

The team behind this is confident that they will crack any anti-cheat method employed by Niantic in the future.

Jake, a member of the team said, “We have been in the botting industry for a while now, and we have thwarted anti-cheat for years.”

He also compared Niantic’s anti-cheat method with other games such as Runescape and Clash of Clans.

“Niantic’s anti-cheat is very sad compared to some others. Everything they have been adding in, has been easy to thwart (with the help of the community).”

Image: wtfgamersonly.com

Image: wtfgamersonly.com

“It probably took [Niantic] hours, if not days, to write the encryption for Unknown6,” Jake added. “It took us three days to crack. This is just a never-ending game.”

It will be interesting to see how Niantic responds, as they will have to try pretty hard next time to employ an anti-cheat method. The company has been facing a lot of heat after several exploits were found in the game.

People are using cheats to gain an upper hand, and hacks such as getting unlimited Pokecoins for free along with moving anywhere in the in-game map without going anywhere are rampant. We hope it can solve these issues soon but it looks like it’ll continue being a cat and mouse game for a long time.