Cyrex eagerly embraced the opportunity to dive into the immersive world of Vampire: The Masquerade – Bloodhunt and apply our extensive expertise through our Grey Box penetration testing service. Teaming up with Sharkmob, a Tencent company, our accomplished security engineers were entrusted with the vital task of conducting comprehensive penetration testing on both the game’s backend and gameplay services. Our primary focus was to fortify the experience by safeguarding against cheating and hacking attempts, encompassing both the live services (API) and Gameplay (UE4 networking).
During the testing phase, we meticulously examined a multitude of core features, ensuring their resilience to potential threats. These encompassed:
- Account registration & Authentication: We thoroughly scrutinized the mechanisms responsible for user account creation and authentication, fortifying them against any potential vulnerabilities.
- The shop (in-game transactions): We rigorously evaluated the in-game transaction system to guarantee the integrity and security of all purchases made within the game.
- Physics (moving, jumping, shooting, reloading, aiming, etc.): Our team scrutinized the intricate dynamics of gameplay mechanics, ensuring that player actions such as movement, jumping, shooting, reloading, and aiming were responsive, accurate, and devoid of any exploitable loopholes.
- Matchmaking system: We scrutinized the matchmaking system, focusing on its efficiency, fairness, and security, to deliver a seamless experience for all players.
- Clan system: Our thorough testing encompassed the clan system, verifying its stability and ensuring that it provided a secure environment for players to engage in group activities.
- Archetype system (classes/races): We conducted extensive testing of the archetype system, meticulously examining the classes and races within the game to identify and address any potential vulnerabilities or imbalances.
Cyrex brought significant value to the table, helping the development teams at Sharkmob to patch security-related vulnerabilities within the game, preventing malicious actors from abusing in-game mechanics and ensuring data confidentiality, integrity, and availability. Once concluded, the team at Sharkmob were ecstatic about our services.
“We worked with Cyrex to secure our game and backend, and they were both very professional and very easy to work with! There was very little preparation needed from our side, and the report they presented was useful, in-depth, and easy to use as a blueprint to guide implementation of security hardening.”