Hacker Says They Banned 'Thousands' of Call of Duty Gamers By Abusing Anti-Cheat Flaw (techcrunch.com) 14
An anonymous reader shares a report: In October, video game giant Activision said it had fixed a bug in its anti-cheat system that affected "a small number of legitimate player accounts," who were getting banned because of the bug. In reality, according to the hacker who found the bug and was exploiting it, they were able to ban "thousands upon thousands" of Call of Duty players, who they essentially framed as cheaters. The hacker, who goes by Vizor, spoke to TechCrunch about the exploit, and told their side of the story.
"I could have done this for years and as long as I target random players and no one famous it would have gone without notice," said Vizor, who added that it was "funny to abuse the exploit." TechCrunch was introduced to Vizor by a cheat developer called Zebleer, who is familiar with the Call of Duty hacking scene. Zebleer said he had been in touch with Vizor for months, and as such had knowledge of the exploit, which he said he saw Vizor using.
"I could have done this for years and as long as I target random players and no one famous it would have gone without notice," said Vizor, who added that it was "funny to abuse the exploit." TechCrunch was introduced to Vizor by a cheat developer called Zebleer, who is familiar with the Call of Duty hacking scene. Zebleer said he had been in touch with Vizor for months, and as such had knowledge of the exploit, which he said he saw Vizor using.
Insecurity by security measures (Score:3)
Old story. And as makers of security software seem to be getting progressively more incompetent, probably an important topic in IT security for the rest of the decade at the very least.
Re: (Score:2)
"Yeah, the linebacker made 13 touchdowns in his mother's basement during the last 5 minutes to beat the opposing team. We're just taking his pigskin's word for it. He's an NFL champion!"
Corporate dishonesty (Score:2)
Corporate entities lie as a matter of habit; The bigger the corporation, the more likely that their public claims that would incur liability are purposely lacking in detail; leaving out facts, understating the breadth of faults and understating the severity of faults they have been responsible for.
This should be a rule of thumb.
Re: (Score:2)
omission is also a sin, Epic Games, for instance, never publishes information about banned players or how many thye ban
it's impossible to gauge the severity of the problem, there may be a lot more cheating going on than people realize or admit to
now can an hack mess up an esports event by doing (Score:2)
now can an hack mess up an esports event by doing this?
and will some one get banned live? and if so do they auto lose with no review?
Re: (Score:2)
GTA Online (Score:2)
Has a similar, but thankfully not as severe bug, where cheaters can trick other players' games into thinking BattleEye Anti-Cheat needs an update, so it boots them from the session and refuses to let them join another until they restart the game.
Of course there's another exploit to just crash the games of everyone in a session entirely which is the only thing that prevents this from being a big deal.
Re: (Score:2)
Has a similar, but thankfully not as severe bug, where cheaters can trick other players' games into thinking BattleEye Anti-Cheat needs an update, so it boots them from the session and refuses to let them join another until they restart the game.
Of course there's another exploit to just crash the games of everyone in a session entirely which is the only thing that prevents this from being a big deal.
I love how after 10 years they finally roll out anti-cheat for GTA 5. Obviously its in preparation for GTA 6, but it will prove to be as equally pointless as pretty much all cat and mouse games.
Re: (Score:2)
So long as they get rid of the idiotic server crash cheat and complete lack of IP obfuscation, which should never have been possible in the first place and wouldn't have been if it wasn't for the fact that GTAO was originally just an afterthought that they had no idea would blow up as big as it did, little to no players would really give a damn about cheaters in GTAO. They would be a minor annoyance at worst. R* obviously would because cheaters don't buy shark cards and are likely to toss out money like can
Re: (Score:2)
IP obfuscation
That's just BS. In order for your system to know where to send your inputs to it needs to know the IP addresses of the other players. That's matchmaking 101. No matter how hard a developer tries to hide it, a hacker will find it simply by sniffing the raw IP headers from the ethernet cable.
The best you could do would be to have a relay server that all of the other players had to go through. That would make it so that the only IP known to the attacker was the publicly known relay server, but because the "
Trolls are evil (Score:1)
I think there is a special place in the underworld for people like this causing mayhem, pain and collateral damage to many...for the lolz, and maybe showing off how someone or some company made a mistake or poor implementation even though they has best intentions (eg banning cheaters). Trolls be trolls, but I hope a comeuppance is on the way. Shame this person didn't learn any of those lessons on the playground. Same vein as a doxxer.