Hacker claims he's 'exploited flaws in anti-cheat tools to get thousands of Call of Duty players banned'



Activision's popular FPS 'Call of Duty' series uses a kernel-level anti-cheat system called '

RICOCHET Anti-Cheat ' as an approach to combat cheating. However, a hacker who goes by the name of 'Vizor' has testified that he has exploited a flaw in this 'RICOCHET Anti-Cheat' to ban thousands of ordinary users from the game.

Hacker says they banned 'thousands' of Call of Duty gamers by abusing anti-cheat flaw | TechCrunch
https://techcrunch.com/2024/11/07/hacker-says-they-banned-thousands-of-call-of-duty-gamers-by-abusing-anti-cheat-flaw/



For years, hackers have targeted online video games, trying to find flaws they can install and use to give players an unfair advantage. Some cheat developers have even

made millions of dollars selling their programs as a service.

In response, game developers are hiring cybersecurity experts to develop and tune anti-cheat systems, such as Activision's RICOCHET Anti-Cheat, which works at the kernel level to make it harder for cheat developers to circumvent the system.

'Call of Duty' developer announces kernel-level cheat countermeasure 'Ricochet anti-cheat' - GIGAZINE



However, Vizor found his own way to exploit RICOCHET Anti-Cheat to kick ordinary players out of the game. According to Vizor, RICOCHET Anti-Cheat uses specific hard-coded strings as 'signatures' to detect cheating. One example is a cheat called 'Trigger Bot,' which automatically fires bullets when you aim at a target.

Vizor used the in-game feature 'Whisper' to send private messages to other players, sending hard-coded text such as 'Trigger Bot.' As a result, the user who received the message was kicked out of the game.

Vizor said, 'We realized that RICOCHET Anti-Cheat was likely scanning strings on players' devices to determine who was cheating and who wasn't. If you were to scan this much memory space with just ASCII strings and try to kick players out of the game, you'd be very prone to false positives.'



Vizor also developed an automatically executed script that would join a game, send a message, leave the game, and join a new game. Vizor's hacking using the script lasted for several months, and Activision continued to add new signatures to RICOCHET Anti-Cheat during that time.

'We've been doing these hacks for years now, and exploiting corporate exploits has been a lot of fun,' Vizor said.

'It's unbelievable and stupid that Activision would ban users just for finding the 'Trigger Bot' string,' said a person who worked on security and anti-cheat tools at Activision. 'And they should have protected the signature so that RICOCHET Anti-Cheat couldn't be abused.'

Zebleer, who is an expert on hacking the Call of Duty series, explains the flaws used in this hack.




In addition, the official Call of Duty account reported that they had implemented a fix for the issue, stating, 'We have identified and disabled a workaround for our RICOCHET Anti-Cheat detection system. A small number of legitimate player accounts were affected by this workaround, however, all affected accounts have been restored.'


Related Posts:

in Game,   Security, Posted by log1r_ut