Hacker who banned 'thousands and thousands' of innocent Call of Duty players using an anti-cheat exploit says, 'I had fun'

Activision announced last month that they had "identified and disabling a workaround" in their automated anti-cheat software, Ricochet. The post's language is intentionally vague, but Activision claims that only "a small number" of legitimate Call of Duty: Warzone or Modern Warfare III users were affected and that these accounts have been restored.

It wasn't long, however, before hackers began to share their side of the tale--to be forgotten all the angry comments under Activision’s post from players who were still locked out of accounts. The exploit was first revealed by a hacker named Zeebler, who explained how they could permanently ban players with just two words in the lobby chat. TechCrunch caught up with Zeebler, the hacker that originally discovered the exploit.

Vizor is the name of the hacker who claims that the issue was far more widespread than Activision will admit. He claims they were able remotely ban "thousands and thousands" of players. The hacker tells TechCrunch that he could have continued to do this for years, as long as he targeted random players, and not anyone famous, it would have gone unnoticed.

Ricochet is targeting cheats such as these because Aimbots are the bane of shooter fans everywhere. They even caused Apex Legends anti-cheat software to go haywire. It's less obvious how typing 'aimbot' and sending it to another player can get them banned.

Vizor explained Ricochet uses hardcoded text strings to detect cheaters. They exploited this by sending innocent players one of these strings through an in-game whisper. To test the exploit, they sent themselves an in-game message that contained one of these strings the day they discovered it. They were immediately banned.

Vizor explains, "I realized that Ricochet Anti-cheat was scanning players' devices for string to determine whether they were cheaters or not. This is a fairly normal thing to do, but scanning so much memory with an ASCII character and banning based on that is prone to false-positives.

In simple terms, Ricochet would go through the setups of players, searching for keywords or signatures from a list, and then ban them when it found any of them, no matter what context they appeared in. This is not the most bizarre part.

Vizor also wrote a script to automate the exploit process. This allowed them to "join the game, post a comment, leave the game and join a new one, repeat, repeat, repeat" and continue dishing out permanent bans while they were on vacation. Vizor stayed up-to-date as Activision updated the anticheat software to include new string signatures. They continued to "troll" both the developer of Call of Duty and the players. This continued until Zeebler, a fellow hacker, made the exploit more widely known.

How does Vizor feel now that Activision finally figured out a workaround? Are their "trolling days" over? You may be surprised by their conclusion: "It's nice to see the bans lifted and that it was fixed," they say before adding, "I still had fun."