In October, video game giant Activision said it had fixed a bug in its anti-cheat system that affected a “small number of legitimate player accounts,” which were banned because of the error.
In fact, according to the hacker who discovered the bug and was exploiting it, they were able to ban “thousands and thousands” of Call of Duty players, who were essentially accused of being cheaters. The hacker, who goes by the name Vizor, spoke to TechCrunch about the exploit, telling their side of the story.
“I could do this for years, and as long as I’m targeting random players and no one famous, it won’t go unnoticed,” Vizor said, adding that it was “ludicrous to abuse this loophole.”
TechCrunch was introduced to Vizor by a cheat developer named Zebleer, who is familiar with the Call of Duty hacking scene. Zebleer said he had been in contact with Vizor for months, and was thus aware of the vulnerability, which he said he had seen Vizor use.
For years, hackers have targeted online video games to try to find flaws that let them install and use cheats that give players an unfair advantage. Some cheat developers, such as Zebleer, sell their software as a service, sometimes making millions of dollars. In response, video game companies have hired cybersecurity specialists to develop and fine-tune their own anti-cheat systems to catch and ban cheaters. In 2021, Activision released its Ricochet anti-cheat system, which works at the kernel level in an attempt to make it more difficult for cheat developers to get around it.
Vizor said they were able to find a unique way to exploit Ricochet, and use it against the players it was supposed to protect. The hacker realized that Ricochet was using a list of specific text strings encrypted as “signatures” to detect hackers. For example, Vizor said, one string was the phrase “Trigger Bot,” which refers to a type of cheat that automatically fires a cheater’s weapon when its aim is on the target.
Vizor said they could simply send a private message, known as a “whisper” in the game, that included one of these encrypted strings, like “Trigger Bot,” and the player they were messaging would be banned from the game.
“I realized that Ricochet’s anti-cheat software was most likely scanning players’ machines for clues to determine who was a cheater or not. This is fairly normal, but scanning that much memory space with just an ASCII string and blocking that is very vulnerable to false positives,” Vizor said, referring to how the game effectively searches for banned keywords, regardless of context.
“The same day I found this, I was banned by sending myself a whispered message in Call of Duty using one of the strings in the contents of the message,” Vizor said.
At some point, Vizor said, they developed a script (“Join a game, post a message, leave the game, join a new game, repeat repeatedly,” Vizor said) that would automatically run and ban random players, allowing them to go on vacation and still ban players. Vizor said that over the months that they were doing this, Activision would add new signatures to its anti-cheat system, which Vizor would soon find and use to ban players.
“I’ve been more active in trolling when Ricochet’s anti-cheat team adds new string signatures. If I scan the (memory) area and see a new string, I’ll go crazy with it until they think they’re detecting real cheaters,” Vizor said.
Activision did not respond to a request for comment.
A person who used to work at Activision, and still has knowledge of the work done by the company’s security and anti-cheat team, told TechCrunch that Ricochet was looking for certain signatures and “they may have been used as a weapon against anti-cheat,” which is the technique that Vizor was mainly exploiting.
“If you knew what signature the anti-cheat was looking for, I would find a mechanism to get those bytes into your game process and you would be banned,” said the person, who requested to remain anonymous. “I can’t believe Activision is blocking people from scanning the Trigger bot’s memory. This is so stupid. They should have protected signatures. It’s amateur hour.”
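The false positive Vizor describes, and the former employee's point that a known signature can be turned against the scanner, can be shown from the defender's side. This is an added example, not Activision's or Ricochet's code: the region model, the `untrusted_input` tag and the scoped scan are assumptions made for illustration, and all sample bytes are constructed.

```python
from dataclasses import dataclass

# Constructed signature list; "Trigger Bot" is the one string the article names.
SIGNATURES = [b"Trigger Bot"]

@dataclass
class Region:
    name: str
    data: bytes
    untrusted_input: bool  # hypothetical tag: buffer filled with data sent by other players

def naive_scan(regions):
    """Context-free scan: any signature anywhere in memory counts as a detection."""
    return [(r.name, s) for r in regions for s in SIGNATURES if s in r.data]

def scoped_scan(regions):
    """Assumed mitigation: bytes a remote peer can place in memory are not evidence."""
    return [(r.name, s) for r in regions
            if not r.untrusted_input
            for s in SIGNATURES if s in r.data]

def build_process(chat_message=b"", extra_module=b""):
    """Constructed memory map of one game process."""
    regions = [
        Region("game code", b"\x55\x48\x89\xe5" * 8, untrusted_input=False),
        Region("chat buffer", b"[whisper] " + chat_message, untrusted_input=True),
    ]
    if extra_module:
        regions.append(Region("unknown module", extra_module, untrusted_input=False))
    return regions

# A legitimate player who merely received a message containing the string.
legit = build_process(chat_message=b"is that a Trigger Bot?")
# A process with the string inside a loaded module (constructed bytes).
flagged = build_process(extra_module=b"\x00Trigger Bot v2\x00")

if __name__ == "__main__":
    print("naive,  legit  :", naive_scan(legit))     # false positive
    print("scoped, legit  :", scoped_scan(legit))    # no detection
    print("scoped, flagged:", scoped_scan(flagged))  # still detected
```

Scoping removes only this one false-positive path; a single string hit remains weak evidence on its own.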
Aside from random players, Vizor said they targeted some well-known players as well. During the time period that Vizor was using the exploit, some video game players posted on X that they were banned, and then unbanned once Activision fixed the bug.
The company was alerted to the vulnerability when Zebleer published details of the exploit on X.
“It would have been nice to see it fixed and the ban lifted,” Vizor said. “I had fun.”