Because multiplayer are usually server authoritative, meaning the server takes the most important decisions (who shot who, when, how), this leaves a very small attack surface for cheaters.
The first thing is reading the data fetched from server either from network traffic or game client memory, if the server told you where the enemies are, well you could know about them despite not actually seeing them (eg: wallhacks). As a server you can not really detect that so devs used to detect godlike abilities instead (did just noscope that dude on the other side of the map, which you're not supposed to see through walls ?). Then a new response from the industry was to make you install a spyware grade lowest level software called anti-cheat to monitor your game binary and their realtime access to memory to check if you've tampered with or if it's exposed.
On the other hand, you don't want to just access data but modify it. Because it relies on a authoritative remote server, this involves careful analysis of the traffic in order to try making some sense out of it and decrypt the language your client speaks with the server. Eventually the cheater will send specifically crafted data packets to the server about a specific parameter the client is trusted with (if the server trust the clients to give him their position, they could lie and tell him they're everywhere). The server can not compute everything, so it would be 100% secure, because it would be too much for him, so there has to be tradeoffs.
Though, it's easier said than done, traffic is usually compressed and probably encrypted too and eventually obfuscated, so pretty much unreadable. On top of that some games will only leave insignificant parameters to be computed and fed by the clients (and other games like GTA online will let them annihilate reality). It all boils down to how the client/server architecture was designed and implemented, whats important enough for only the server should have authority on, but adding to that the anti-cheat mentioned previously, best of luck.
aoikeiichi t1_j9yd6zm wrote
Reply to ELI5: How does using hack in online game different from offline game. by kai_long01
Because multiplayer are usually server authoritative, meaning the server takes the most important decisions (who shot who, when, how), this leaves a very small attack surface for cheaters.
The first thing is reading the data fetched from server either from network traffic or game client memory, if the server told you where the enemies are, well you could know about them despite not actually seeing them (eg: wallhacks). As a server you can not really detect that so devs used to detect godlike abilities instead (did just noscope that dude on the other side of the map, which you're not supposed to see through walls ?). Then a new response from the industry was to make you install a spyware grade lowest level software called anti-cheat to monitor your game binary and their realtime access to memory to check if you've tampered with or if it's exposed.
On the other hand, you don't want to just access data but modify it. Because it relies on a authoritative remote server, this involves careful analysis of the traffic in order to try making some sense out of it and decrypt the language your client speaks with the server. Eventually the cheater will send specifically crafted data packets to the server about a specific parameter the client is trusted with (if the server trust the clients to give him their position, they could lie and tell him they're everywhere). The server can not compute everything, so it would be 100% secure, because it would be too much for him, so there has to be tradeoffs.
Though, it's easier said than done, traffic is usually compressed and probably encrypted too and eventually obfuscated, so pretty much unreadable. On top of that some games will only leave insignificant parameters to be computed and fed by the clients (and other games like GTA online will let them annihilate reality). It all boils down to how the client/server architecture was designed and implemented, whats important enough for only the server should have authority on, but adding to that the anti-cheat mentioned previously, best of luck.