i think this is the best method trace users
Lab Activity
We will be utilizing network information collected from the Labs and activity pertaining to Challenges, specifically whether or not a Challenge has ever been started or downloaded to verify legitimacy of each own. The information we collect is basic (source user ID, target machine/challenge ID and timestamps of observed interactions), but can give us a good understanding of how users interact with Machines and Challenges. While we will not be preventing users from owning Machines without any interaction, this is something we will be keeping a very close eye on, and will potentially implement further mitigations to prevent this kind of behaviour in the future.
******> @nyckelharpa said:
Hack The Box just released some info about these changes: HTB News | Integrity of Hack The Box
They also have some good suggestions for your problems on there!