Topics
Latest
AI
Amazon
Image Credits:Activision
Apps
Biotech & Health
Climate
Image Credits:Activision
Cloud Computing
Commerce
Crypto
endeavour
EVs
Fintech
Fundraising
Gadgets
Gaming
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
Social
Space
Startups
TikTok
exile
Venture
More from TechCrunch
issue
Startup Battlefield
StrictlyVC
Podcasts
video
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
In October , video game giant Activisionsaid it had fixed a bug in its anti - cheat systemthat affected “ a small telephone number of legitimate player accounting , ” who were getting banned because of the microbe .
In reality , according to the hacker who found the bug and was exploiting it , they were able to ban “ thousands upon thousands ” of Call of Duty histrion , who they fundamentally draw up as cheaters . The hacker , who goes by Vizor , spoke to TechCrunch about the feat , and secernate their side of the story .
“ I could have done this for days and as long as I target random actor and no one famous it would have gone without notice , ” said Vizor , who added that it was “ funny to abuse the exploit . ”
TechCrunch was introduced to Vizor by a cheat developer called Zebleer , who is familiar with the Call of Duty hacking scene . Zebleer enjoin he had been in touch with Vizor for calendar month , and as such had knowledge of the exploit , which he articulate he saw Vizor using .
For long time , hackers have place online video gamesto assay to find flaws adequate to of instal and using cheats that give musician an unfair reward . Some cheat developer , such as Zebleer , betray their programs as a service , sometimes make millions of dollars . In response , video game companies have been hiring cybersecurity specialists to develop and fine - tune their anti - cheat systems to catch and ban plot beguiler . In 2021 , Activisionreleased its Ricochet anti - cheat system , which runs at thekernel levelin an endeavour to make it even harder for cheat developers to get around it .
Vizor say they were able to find a unique way to work Ricochet , and use it against the players it was theorize to protect . The hacker realized Ricochet was using a list of specific hardcoded strings of textbook as “ signatures ” to detect hackers . For example , Vizor tell , one of the strings was the words “ Trigger Bot , ” which refers to a type of cheat that automatically triggers a cheater ’s arm when their crosshair is over a target .
Vizor said they could plainly station a private message — known as a “ whispering ” in the biz — that included one of these hardcoded train , such as “ Trigger Bot , ” and get the player they were messaging banned from the game .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
“ I realized that Ricochet anti - cheat was likely scanning players ’ devices for strings to determine who was a cheater or not . This is fairly normal to do but glance over this much memory quad with just an American Standard Code for Information Interchange string and ban off of that is highly prone to fictitious positive degree , ” said Vizor , refer to how the game was effectively scan for banned keywords , disregardless of linguistic context .
“ The same daylight I found this , I got myself banned by institutionalize a whisper substance on Call of Duty to myself with one of the string in the message mental object , ” said Vizor .
Vizor say that at one point they acquire a script — “ unite a plot , place a message , leave the biz , join a new biz , repeat repeat repeat , ” as Vizor put it — that would run mechanically and ban random players , which allowed them to go on holiday and still ban musician . Vizor said that over the calendar month that they were doing this , Activision would append novel signatures to its anti - cheat system , which they would find shortly after and use to shun thespian .
“ I was most dynamic with the troll when [ the ] Ricochet anti - cheat team would add new string signature . So if I check the [ memory ] region and see a newfangled train , I will go crazy with it so they retrieve they are detect real cheaters , ” said Vizor .
Activision did not respond to a request for comment .
A soul who used to go at Activision , and still has noesis of the work that the security and anti - cheat team do at the company , told TechCrunch that Ricochet was scanning for sure signature and “ that may have been weaponize against the anti - cheat , ” essentially the technique Vizor was exploiting .
“ If you know what signature the anti - cheat is looking for , I find a mechanism to get those byte in your secret plan operation and you get banned , ” enunciate the individual , who asked to stay on anon. . “ I ca n’t trust [ Activision ] are banning people on a remembering CAT scan of ‘ trigger bot . ’ That is so incredibly stupid . And they should have been protecting the signature . That ’s unskilled 60 minutes . ”
Apart from random player , Vizor said they point some well - known player , too . In the stop of time Vizor was using the exploit , somevideo game streamersposted on X that they had been banned , and thenunbanned , once Activision sterilise the germ .
The caller was alert of the existence of the bug when Zebleerpublished inside information of the exploiton X.
“ It was skillful to see it get fixed and see unbans , ” said Vizor . “ I had my fun . ”
