Hacker says they banned ‘thousands’ of Call of Duty gamers by abusing anti-cheat flaw
Reading Time: 3 minutesIn October, video game giant Activision said it had fixed a bug in its anti-cheat system that affected ‘a small number of legitimate player accounts,’ who were getting banned because of the bug.
‘I could have done this for years and as long as I target random players and no one famous it would have gone without notice,’ said Vizor, who added that it was ‘funny to abuse the exploit.’
For years, hackers have targeted online video games to try to find flaws capable of installing and using cheats that give players an unfair advantage. Some cheat developers, such as Zebleer, sell their programs as a service, sometimes making millions of dollars. In response, video game companies have been hiring cybersecurity specialists to develop and fine-tune their anti-cheat systems to catch and ban game cheaters. In 2021, Activision released its Ricochet anti-cheat system, which runs at the kernel level in an attempt to make it even harder for cheat developers to get around it.
Vizor said they were able to find a unique way to exploit Ricochet, and use it against the players it was supposed to protect. The hacker realized Ricochet was using a list of specific hardcoded strings of text as ‘signatures’ to detect hackers. For example, Vizor said, one of the strings was the words ‘Trigger Bot,’ which refers to a type of cheat that automatically triggers a cheater’s weapon when their crosshair is over a target.
Vizor said they could simply send a private message — known as a ‘whisper‘ in the game — that included one of these hardcoded strings, such as ‘Trigger Bot,’ and get the player they were messaging banned from the game.
‘I realized that Ricochet anti-cheat was likely scanning players’ devices for strings to determine who was a cheater or not. This is fairly normal to do but scanning this much memory space with just an ASCII string and banning off of that is extremely prone to false positives,’ said Vizor, referring to how the game was effectively scanning for banned keywords, regardless of context.
‘The same day I found this, I got myself banned by sending a whisper message on Call of Duty to myself with one of the strings in the message contents,’ said Vizor.
Vizor said that at one point they developed a script — ‘join a game, post a message, leave the game, join a new game, repeat repeat repeat,’ as Vizor put it — that would run automatically and ban random players, which allowed them to go on vacation and still ban players. Vizor said that over the months that they were doing this, Activision would add new signatures to its anti-cheat system, which they would find soon after and use to ban players.
‘I was most active with the trolling when [the] Ricochet anti-cheat team would add new string signatures. So if I check the [memory] region and see a new string, I will go crazy with it so they think they are detecting real cheaters,’ said Vizor.
Activision did not respond to a request for comment.
‘If you know what signature the anti-cheat is looking for, I find a mechanism to get those bytes in your game process and you get banned,’ said the person, who asked to remain anonymous. ‘I can’t believe [Activision] are banning people on a memory scan of ‘trigger bot.’ That is so incredibly stupid. And they should have been protecting the signatures. That’s amateur hour.’
Apart from random players, Vizor said they targeted some well-known players, too. In the period of time Vizor was using the exploit, some video game streamers posted on X that they had been banned, and then unbanned, once Activision fixed the bug.
The company was alerted of the existence of the bug when Zebleer published details of the exploit on X.
‘It was nice to see it get fixed and see unbans,’ said Vizor. ‘I had my fun.’
Ref: techcrunch
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG