To combat pirated and Hacked games, the system verifies the authenticity and integrity of files within the game package during installation. By performing signature verification on the game package, it ensures game security.
The signature mechanism introduced here functions like embedding a fingerprint within the game package. Once the fingerprint is recorded, any modification to the package body will invalidate it. Consequently, during the signature verification process upon installation, pirated or Hacked versions of the game are excluded.
To ensure security and uniqueness, the signature consists of two parts: a digest and a private key signature. During verification, the same hash algorithm is used to compute the digest. The signature information is then decrypted using the private key. The decrypted data is compared with the digest. If the two match, it indicates that the game has not been tampered with.
Game Signing and Signature Verification Process
When producing pirated or hacked games, the Game Black/Gray Industry typically employs signature verification bypass tools, such as the widely available SRPatch.
SRPatch is an APK signature bypass tool specifically designed for the Android platform. It enables one-click bypass of original signature verification restrictions and supports multiple bypass solutions, facilitating secondary modification, debugging and testing, as well as efficient repackaging of APKs.
SRPatch Signature Bypass Feature
Taking the PMS Hook feature as an example, SRPatch deletes or empties the signature core files within the META-INF directory of the APK, directly compromising the data source for the system's static signature verification. It then hooks the PMS process to modify its execution logic, thereby causing the system to bypass the APK signature validity check.
Hook Process Diagram
After bypassing signature verification, the Game Black/Gray Industry can reverse engineer and debug the game's memory and logic, modify it, and implant Cheats. They then re-sign and repackage the game to produce pirated or Hacked versions.
For a game, the circulation of Hack versions undermines fairness, leading to significant loss of legitimate players. Moreover, there is a risk that in-game code and art assets may be stolen or spoiled.
To address risks such as signature bypassing and Hack in games, JikGuard has developed specialized countermeasures. This solution has been integrated into multiple popular games and has demonstrated outstanding protection capabilities.
Anti-Hack Features
JikGuard's industry-exclusive “API Signature Verification-Free Technology” employs deep encryption on game engines and code, coupled with multi-layered verification of game package signatures and file integrity. This significantly reduces bypass risks, preventing malicious module injection, ad removal, and other hack activities.
Proactive Malicious Module Detection Mechanism
Unlike other security products on the market that require obtaining samples before combating Cheats, JikGuard's exclusive “Proactive Malicious Module Detection Mechanism” actively identifies suspicious modules within games. Combined with its online countermeasure capabilities, it enables proactive defense, significantly reducing the time required to investigate and eliminate Cheats.
Anti-Debugging Feature
Prevents Cheats developers from debugging the game and blocks static or dynamic analysis. Upon detection, the game will immediately crash.
