A hacker named Vizor claims to have exploited a vulnerability in the Call of Duty (CoD) anti-cheat system Ricochet, and was able to lock out thousands of legitimate players with false accusations of cheating.
The Ricochet anti-cheat system, introduced in CoD in 2021, works at the kernel level of the operating system and detects cheats by scanning the player’s device memory for prohibited strings. However, Vizor took advantage of an imperfection in the algorithm that reacts to certain words in the game to block other players. He simply sent private messages with keywords like “Trigger Bot,” which automatically flagged the behavior as a scam.
Vizor’s activity drew attention after a spike in bans in August, when Activision suspended 65,000 accounts. The hacker even automated the blocking process using scripts, and explained that the string signatures targeted by Ricochet are stored in the game’s memory regardless of context, allowing for the exploit.
The incident drew criticism from the CoD development community. The use of context-insensitive text triggers is a serious vulnerability in Ricochet that Activision intends to address. However, this situation highlights a serious problem with cheat protection systems that rely on text signatures, especially in big games like CoD.