Man
Professional
- Messages
- 3,077
- Reaction score
- 614
- Points
- 113
Activision tried to hush up the problem, but the truth still surfaced.
In October, Activision announced that it had fixed a bug in its anti-cheat system, due to which allegedly a small number of players were mistakenly banned. However, according to a hacker under the pseudonym Vizor, in fact, the problem turned out to be much more serious - due to the vulnerability, he was able to personally block thousands of Call of Duty Modern Warfare 3 players, presenting them as cheaters.
Vizor told TechCrunch that he managed to manipulate the anti-cheat system in such a way that even ordinary players were automatically considered violators. The hacker admitted that he had "fun abusing the vulnerability" and noted that such a scheme could have gone unnoticed for years if he had targeted unknown players.
The story of Vizor was helped by a cheat developer named Zebleer, who is well acquainted with the Call of Duty hacker community. He admitted that he had been aware of this vulnerability for several months and personally observed the actions of Vizor.
The problem has escalated amid a long-standing struggle between game developers and hackers. For years, they have been looking for ways to bypass anti-cheat systems in order to create cheats and sell them, making good money on it. In 2021, Activision introduced a new Ricochet system that works at the kernel level of the operating system to make it harder for hackers to bypass protection.
However, Vizor managed to find a way to use Ricochet against the players themselves. He found that the system used hardcoded text strings as "signatures" to detect cheaters. For example, one of these lines was the word "Trigger Bot", which denotes a type of cheat that automatically shoots at a target.
The hacker exploited a loophole in the system: he sent private messages to Call of Duty to players with one of these signatures, which led to an automatic ban of the recipient. Vizor noted that Ricochet scans players' devices for these strings, and if they are found, the system automatically issues a ban without taking into account the context.
The situation with the Ricochet vulnerability is reminiscent of previous cases when hackers found loopholes in Call of Duty and used them for their own purposes. So, in July 2023, it became known about the possibility of infecting the computers of Call of Duty Modern Warfare 2 (2009) players through hacked game lobbies. Attackers exploited a network code vulnerability to spread a worm that infiltrated players' devices without their knowledge. The problem turned out to be so serious that Activision had to temporarily shut down the servers to investigate.
In March 2024, a new wave of attacks took place: hackers aimed to steal player credentials using specialized malware. Using vulnerabilities and third-party cheats, attackers stole passwords not only from gaming accounts, but also from cryptocurrency wallets. Despite Activision's claims about the security of its servers, the incident once again demonstrated the vulnerability of gaming systems.
All these cases confirm that protection in popular online games requires constant improvement in order to stay one step ahead of hackers and provide a decent level of security to ordinary gamers.
Source
In October, Activision announced that it had fixed a bug in its anti-cheat system, due to which allegedly a small number of players were mistakenly banned. However, according to a hacker under the pseudonym Vizor, in fact, the problem turned out to be much more serious - due to the vulnerability, he was able to personally block thousands of Call of Duty Modern Warfare 3 players, presenting them as cheaters.
Vizor told TechCrunch that he managed to manipulate the anti-cheat system in such a way that even ordinary players were automatically considered violators. The hacker admitted that he had "fun abusing the vulnerability" and noted that such a scheme could have gone unnoticed for years if he had targeted unknown players.
The story of Vizor was helped by a cheat developer named Zebleer, who is well acquainted with the Call of Duty hacker community. He admitted that he had been aware of this vulnerability for several months and personally observed the actions of Vizor.
The problem has escalated amid a long-standing struggle between game developers and hackers. For years, they have been looking for ways to bypass anti-cheat systems in order to create cheats and sell them, making good money on it. In 2021, Activision introduced a new Ricochet system that works at the kernel level of the operating system to make it harder for hackers to bypass protection.
However, Vizor managed to find a way to use Ricochet against the players themselves. He found that the system used hardcoded text strings as "signatures" to detect cheaters. For example, one of these lines was the word "Trigger Bot", which denotes a type of cheat that automatically shoots at a target.
The hacker exploited a loophole in the system: he sent private messages to Call of Duty to players with one of these signatures, which led to an automatic ban of the recipient. Vizor noted that Ricochet scans players' devices for these strings, and if they are found, the system automatically issues a ban without taking into account the context.
The situation with the Ricochet vulnerability is reminiscent of previous cases when hackers found loopholes in Call of Duty and used them for their own purposes. So, in July 2023, it became known about the possibility of infecting the computers of Call of Duty Modern Warfare 2 (2009) players through hacked game lobbies. Attackers exploited a network code vulnerability to spread a worm that infiltrated players' devices without their knowledge. The problem turned out to be so serious that Activision had to temporarily shut down the servers to investigate.
In March 2024, a new wave of attacks took place: hackers aimed to steal player credentials using specialized malware. Using vulnerabilities and third-party cheats, attackers stole passwords not only from gaming accounts, but also from cryptocurrency wallets. Despite Activision's claims about the security of its servers, the incident once again demonstrated the vulnerability of gaming systems.
All these cases confirm that protection in popular online games requires constant improvement in order to stay one step ahead of hackers and provide a decent level of security to ordinary gamers.
Source
