The nice thing about automated anti-cheat tools is they can get a lot of good done in a short amount of time. Take Call of Duty's Ricochet anti-cheat, a kernel-level program that's banned hundreds of thousands of cheater accounts in the years since its introduction. The bad thing about automated anti-cheat is that, sometimes, its deep access can be used for evil. Activision revealed today that it recently "disabled a workaround" in its systems that banned innocent players.
"RICOCHET Anti-Cheat identified and disabled a workaround to a detection system in Modern Warfare III and Call of Duty: Warzone that impacted a small number of legitimate player accounts," a tweet from the Call of Duty Updates account today said. "We have restored all accounts that were impacted. An examination of our systems was conducted for safety and monitoring will continue."
The statement doesn't mention what exactly this troublesome workaround was, but it's possible Activision closed an exploit that allegedly allowed anyone to weaponize Ricochet against any account they wanted. Yikes.
In an article posted on Twitter (first spotted by The Verge), cheat developers claim that people have been using this "remote perma ban" exploit for months to target random players and well-known streamers, and all it took to get someone banned was to type two words into chat while they're in the same lobby: "Trigger Bot".
The gist of the exploit, if accurate, is that Ricochet creates a specific signature in your RAM to signal that a known cheat is present on your system. The cheat dev says it was possible to force a false ban by typing those signatures into chat and therefore injecting them into players' system memory. One of the detected phrases is supposedly "Trigger Bot," a type of cheat that clicks your mouse for you, so exploiters could send a message like "Nice Trigger Bot" in game chat (or through a friend request username) and trigger a ban.
Public apology would go a long way. Imagine having your name drug through the mud for 2 weeks for something you never did and being offered 0 explanation. Oh wait that was ME the past 2 weeks!!!October 17, 2024
At least one well-known streamer is convinced he was targeted by the exploit. Warzone streamer BobbyPoff spent weeks fighting cheating allegations online and appealing to Activision after his account was permanently banned on Oct. 3. Then yesterday his account was restored, but not before he was the subject of a parody music video called "It Wasn't Me".
We can't verify the exploit is real (and can't exactly test it now if Activision just fixed it), but the claims are at least consistent with Activision's description of the problem as a "workaround of a detection system". It's also unclear how many accounts could have been caught up in this mess—Activision says a "small number," but who knows what that means when it regularly hands out bans in the tens of thousands.
