Warzone Trojan Horse theory: Was RICOCHET’s anti-cheat leak intentional? - Dexerto
Call of Duty

Warzone Trojan Horse theory: Was RICOCHET’s anti-cheat leak intentional?

Published: 19/Oct/2021 22:09

by Theo Salaun

Share


Call of Duty’s highly anticipated RICOCHET Anti-Cheat was leaked to hackers, but an intriguing theory thinks that this was actually intentional. Instead of a security disaster, some think the Warzone anti-cheat leak was a Trojan Horse. 

Catching up to speed in the CoD and Warzone anti-cheat saga is fairly easy. Warzone (and CDL Challengers) had hacking problems and Activision announced an upcoming, proprietary RICOCHET Anti-Cheat.

Then, within a day, the kernel-level driver was apparently leaked and hackers began reversing it. Another day later, Activision calmed concerns that this leak meant impending doom for the Warzone anti-cheat. 

The devs explained that the leaked build was “pre-release” and intentionally given to third parties for testing. And that’s where the Trojan Horse theory comes in, as some are speculating that it was supposed to end up with hackers — as a means to sabotage them.

Advertisement

Warzone anti-cheat Trojan Horse theory

As you can see from CoD’s tweet, they didn’t seem particularly worried about the leaking and consequent anti-cheat reversing. This lends itself to the Trojan Horse theory, which was first raised by the New York Subliners’ Mavriq.

The theory, in essence, suggests that “this was a controlled ‘leak’ done with a decoy file to throw cheat providers off and get them working to exploit vulnerabilities that don’t exist.” In doing so, hackers would be thrown off the trail of the real anti-cheat.

Could malware have been hidden in the Warzone anti-cheat leak?

While some hope that Activision’s security team hid malware in their leaked build, there hasn’t been much evidence of that. Instead, Mavriq explained that the leak felt “barebones” and “out-of-date.”

Advertisement

So, the Trojan Horse might not be as exciting as a malware-infested build that would take down hackers from the inside. But, if it’s a rudimentary “pre-release” build, then there’s still hope that cheaters won’t be prepared for the final version when it finally launches.