全国首例DMA外挂案告破 《穿越火线》外挂贩售团伙落网
近日,湖北省武汉市公安局黄陂区分局在市公安局网安支队的指导下,成功破获一起提供侵入、非法控制计算机信息系统程序、工具案,抓获贩售DMA外挂的4名犯罪嫌疑人。据悉,这也是国内首例被破获的DMA外挂案件。
据办案民警介绍,黄陂分局滠口派出所于今年5月6日接到群众报案称有人制作并售卖腾讯公司旗下游戏《穿越火线》DMA外挂,对该游戏计算机信息系统的完整性造成破坏,同时导致该玩家游戏账号被腾讯公司封停。
接到报案后,武汉市公安局黄陂区分局网安大队立即展开调查,对受害者提供的相关线索进行梳理和摸排,成功掌握该DMA外挂制作、贩卖链条。随后办案民警辗转江苏无锡、溧阳和广东东莞等地,成功抓获4名犯罪嫌疑人,并一举捣毁由上中下游人员组成的三级外挂售卖网络,涉案金额超过200万元。
调查发现,犯罪嫌疑人龚某、杨某、蔡某、罗某本为《穿越火线》游戏玩家,在游戏过程中得知DMA外挂功能强大且不易被拦截的特点,出于对利益的追求铤而走险,通过网络贩卖该外挂从中牟利。目前,4名犯罪嫌疑人涉嫌提供侵入、非法控制计算机信息系统程序、工具罪被依法采取刑事强制措施,并且该案还在进一步深挖侦查中。
经鉴定,该DMA游戏外挂程序主要通过使用特殊的硬软件工具来读取和修改游戏内存数据,进而实现透视、自动瞄准等功能。DMA全称“Direct Memory Access”(直接访问内存),原本是一种读写数据的计算机技术,但近年来被少数不法分子用于制作游戏外挂作弊设备并从中牟利。相比于传统的软件外挂技术,DMA外挂可允许硬件设备直接访问系统内存,绕过CPU数据传输来读取和修改游戏内存数据,难以通过常规的反外挂技术手段予以甄别,因此隐蔽性更强、危害性更大。
外挂犯罪“花样”层出不穷,近年来,随着相关技术成本的下降,隐蔽性强的DMA外挂呈现技术标准化程度低、可定制性强、应用场景广泛的发展趋势,已成为外挂黑产犯罪团伙的新“帮凶”。
本案的成功告破,意味着国内司法机关在处理DMA外挂相关案件时,能够拥有更多的参考经验。特别是在案件证据追踪过程中,办案民警通过对线索的深度梳理,逐渐摸索了解外挂制作、分发、销售的黑产链条,有助于司法机关加速完善常态化治理机制,及时发现可能被犯罪团伙利用的漏洞,不给不法分子可乘之机。
据了解,为应对外挂黑产的威胁,避免不法分子对游戏行业的破坏,国内外游戏厂商近年来相继推出各种具有针对性的反外挂措施,其中部分厂商还主动积极配合有关部门打击外挂团伙,以法律手段维护自身与玩家权益,助力行业健康发展。以本案涉及的腾讯公司为例,其不仅在技术上不断加强反外挂机制,还积极与警方合作,共同维护游戏公平环境,为广大玩家提供更加纯净的游戏体验。
英语如下:
News Title: “Wuhan Breaks National First Case of DMA Cheating Software: CrossFire Cheating Ring Captured”
Keywords: First DMA Cheating Case Broken, Wuhan Police
News Content:
Wuhan Police Break National First DMA Cheating Case, Capturing CrossFire Cheating Ring
Recently, the Huangpi District Public Security Bureau of the Wuhan Municipal Public Security Bureau, with the guidance of the Municipal Public Security Bureau’s Network Security Brigade, successfully cracked a case of providing programs and tools to illegally intrude and control computer information systems, arresting four suspects for selling DMA cheating software. This is also the first DMA cheating case to be broken in the country.
According to the officers in charge of the case, the Xukou Police Station of the Huangpi District Public Security Bureau received a report from the public on May 6, 2023, alleging that someone had been manufacturing and selling the DMA cheating software for Tencent’s CrossFire game, which had damaged the integrity of the game’s computer information system and led to the suspension of the players’ game accounts by Tencent.
Upon receiving the report, the network security team of the Huangpi District Public Security Bureau immediately launched an investigation, sorting through and investigating the relevant clues provided by the victims, successfully gaining control of the DMA cheating software’s production and sales chain. Subsequently, the officers on the case traveled to cities such as Wuxi and Liyang in Jiangsu and Dongguan in Guangdong, successfully arresting four suspects and dismantling a three-level cheating software sales network composed of upstream, midstream, and downstream personnel, with a total amount involved exceeding 2 million yuan.
Investigation found that the suspects, Gong, Sang, Cai, and Luo, were originally players of the CrossFire game. During their gaming process, they learned about the powerful and difficult-to-intercept features of the DMA cheating software, and out of their pursuit of profit, they took risks by selling the software for profit. Currently, the four suspects are suspected of providing programs and tools to illegally intrude and control computer information systems, and they have been legally detained. The case is still being thoroughly investigated.
The DMA cheating software program, which was identified, mainly uses special hardware and software tools to read and modify game memory data, thus achieving functions such as透视 (perception) and automatic aiming. DMA stands for “Direct Memory Access,” which is originally a computer technology for reading and writing data. However, it has been used by a few illegal elements in recent years to create game cheating devices and make profits from them. Compared with traditional software cheating technology, DMA cheating software allows hardware devices to directly access system memory, bypassing the CPU to read and modify game memory data, making it difficult to identify through conventional anti-cheating technology, thus having stronger concealment and greater harm.
Cheating crimes come in various forms, and with the recent decline in related technical costs, DMA cheating software has shown a trend of low standardization of technology, strong customization, and a wide range of application scenarios, becoming a new “ally” for cheating black market crime rings.
The successful break of this case means that domestic judicial authorities have more reference experience in dealing with DMA cheating cases. In particular, during the tracking of case evidence, officers on the case have gradually explored the black market chain of cheating software production, distribution, and sales through deep analysis of clues, which is conducive to judicial authorities accelerating the improvement of a regular governance mechanism and timely discovery of potential vulnerabilities that may be exploited by criminal rings, preventing illegal elements from taking advantage of them.
It is reported that in response to the threat of cheating black markets, to avoid the destruction of illegal elements on the game industry, game manufacturers both at home and abroad have introduced various targeted anti-cheating measures in recent years. Some manufacturers have also actively cooperated with relevant departments to crack down on cheating rings, using legal means to protect their own and players’ rights and interests, and contributing to the healthy development of the industry. For example, Tencent, which is involved in this case, not only continuously strengthens its anti-cheating mechanism but also actively cooperates with the police to maintain a fair gaming environment, providing players with a cleaner gaming experience.
【来源】http://www.chinanews.com/sh/2024/08-19/10270975.shtml
Views: 3