Call of Duty Hacker Exploits Anti-Cheat to Mass Ban Innocent Players

In October, Activision announced that it had resolved an error in its anti-cheat system, which allegedly led to a small number of players being mistakenly banned. However, according to a hacker known as Vizor, the issue proved to be far more severe—due to a vulnerability, he was able to personally ban thousands of Call of Duty Modern Warfare 3 players by falsely marking them as cheaters.

Vizor told TechCrunch that he managed to manipulate the anti-cheat system so that even regular players were automatically flagged as violators. The hacker admitted he found it “amusing to exploit the vulnerability” and noted that the scheme could have gone undetected for years if he had targeted unknown players.

The story of Vizor was unveiled with the help of a cheat developer named Zebleer, who is well-acquainted with the Call of Duty hacking community. He confessed that he had known about this vulnerability for several months and had personally observed Vizor’s actions.

The issue has intensified the long-standing struggle between game developers and hackers. For years, hackers have sought ways to circumvent anti-cheat systems to create and sell cheats, profiting handsomely. In 2021, Activision introduced a new system, Ricochet, operating at the kernel level of the operating system to make it harder for hackers to bypass protections.

However, Vizor managed to turn Ricochet against the players themselves. He discovered that the system uses hardcoded text strings as “signatures” to detect cheaters. For instance, one such string was “Trigger Bot,” referring to a cheat type that automatically fires at targets.

The hacker exploited a loophole in the system by sending personal messages in Call of Duty to players containing one of these signatures, resulting in an automatic ban for the recipient. Vizor noted that Ricochet scans players’ devices for these strings, and if they are found, the system automatically issues a ban without considering the context.

The vulnerability in Ricochet echoes previous instances where hackers found loopholes in Call of Duty and used them to their advantage. In July 2023, it was revealed that players’ computers could be infected via compromised game lobbies in Call of Duty Modern Warfare 2 (2009). Attackers exploited a network code vulnerability to spread a worm virus, which infiltrated players’ devices without their knowledge. The issue was so critical that Activision had to temporarily disable servers to investigate.

In March 2024, a new wave of attacks targeted player credentials through specialized malware. Exploiting vulnerabilities and third-party cheats, attackers stole not only gaming account passwords but also cryptocurrency wallet credentials. Despite Activision’s assurances of server security, the incident once again highlighted the vulnerability of gaming systems.

All these cases underscore the need for continuous improvement in security for popular online games to stay a step ahead of hackers and provide an adequate level of protection for everyday gamers.