A security researcher from Google has been banned from Call of Duty: Modern warfare for attempting to reverse engineer its networking code while studying the security to hunt memory corruption vulnerabilities.
Almost a week later, after getting his account suspended by Call of Duty’s developer, Activision Blizzard, Google Project Zero’s Williamson, who carried out the research in his personal capacity, published a blog post telling that the research he conducted required him to reverse engineer the networking code in COD’e executable ( For reviewing the code for memory corruption vulnerabilities). However, as the executable was heavily obfuscated, IDA failed to examine it, forcing him to as he said in the blog, “dump the unobfuscated code from the memory of a running game process.”
It was at that point when the developers of the game suspected him as a cheater and consequently, his activities were flagged for being suspicious in nature. To ensure he doesn’t affect any players in the process, Williamson tried to read memory while he was in the main menu; he attached WinDbg debugging tool – in consequence to which the game exited, the incident was attributed to the flagging event as per Williamson who also attempted to pause the process prior to dumping memory from it. He dumped an image of the game from memory in the main menu and exited normally, as explained in his blog post.
The researcher who was saddened by the ban for multiple reasons, told, “after spending a few days reviewing the binary, I decided that the binary was so large and unwieldy to deal with that I would table the project for a later date. But unfortunately, I was banned about a month later, losing over a year of progress on my account.”
“The ban saddens me on a personal level as I’ve reconnected with family and friends from throughout my life playing this game during the pandemic. But more importantly, this sends a clear signal: this research is not welcome. I believe I had a reasonable expectation that it would be. I had done similar work during a CTF, where I reverse engineered and fuzzed CS:GO without ever risking a ban,” he further added.
Williamson, while scaling the magnitude of ‘cheating’ as a threat to online gaming, said that, “I understand that the developers shoulder an impressive burden in preventing cheat development and use. They need to leverage a variety of signals to detect cheat development and use. I’m guessing that because they may not have seen security researchers reviewing their platform before, they interpret any attempt to reverse engineer as a sign of malicious behavior. No typical player would attach a debugger to the game, and therefore they probably assume they don’t need much more evidence beyond this to issue a ban.”
While voicing his concerns regarding the ban for security researchers, he said, “Let me be clear: at no point did I intend to develop or use a cheat, and at no point did I manipulate any aspect of the game for another player or even myself. To this day, I don’t know what exactly caused the ban, and there’s no process to appeal it. What if using a reversing tool as part of my job gets me flagged? This fear is in the back of my mind for all games with anti-cheat, not just Warzone.”