A hacker known as Vizor revealed that they used an exploit in Activision’s Ricochet anti-cheat system to falsely ban thousands of innocent players in Call of Duty: Modern Warfare 3 and Warzone. Activision had previously acknowledged the exploit, stating it affected only a “small number” of legitimate players, but Vizor contradicted this, asserting that they personally caused significantly more bans.
Vizor manipulated the system by using keywords or “signatures” that Ricochet used to detect cheats, sending these keywords in messages to unsuspecting players to trigger automatic bans. This exploit went unnoticed for some time until Activision recently resolved the issue.
The method Vizor used to trigger these false bans was unexpectedly straightforward, despite Ricochet’s reputation as a strong anti-cheat measure. Vizor found that Ricochet detected cheats based on specific text strings associated with hacking software. For instance, Ricochet would flag the term “trigger bot”—a type of cheat that auto-fires a player’s weapon when an enemy is in the crosshairs.
By simply sending a private message containing this term, Vizor could make the system falsely register the recipient as a cheater, resulting in an automatic ban. This approach revealed a serious flaw in Ricochet’s detection technique, which focused heavily on identifying cheat-related text.
Vizor shared that they found the exploit amusing and enjoyed targeting random players to avoid detection, rather than high-profile ones. When they realized how Ricochet scanned devices for cheat-related keywords, Vizor tested it by sending one of the flagged terms to their own account, which led to an immediate ban. This demonstrated that Ricochet’s method of relying on specific strings alone was vulnerable to exploitation, leading to false positives without confirming actual cheating activity.
To increase the impact, Vizor automated the process by developing a script that joined games, posted the trigger keywords, and then exited repeatedly. Whenever Activision updated Ricochet with new cheat-detection keywords, Vizor would identify the new terms and use them to continue triggering bans on innocent players.
This strategy allowed them to extend the exploit’s effects, as they could quickly adapt to any adjustments in Ricochet’s system by finding and using fresh keywords each time the anti-cheat mechanism was updated.
The exploit ultimately came to Activision’s attention thanks to Zeebler, a cheat developer who documented Vizor’s method and posted it online, alerting Activision to the issue. Following this, Activision patched the exploit and reversed the unjust bans. While Vizor seemed pleased to see the fix implemented and innocent players unbanned, they expressed no remorse, remarking that they had “enjoyed the experience.”
This incident shed light on the weaknesses of text-based cheat detection and underscored the complex challenges faced by anti-cheat systems in maintaining accuracy without causing harm to legitimate players.
