Call of Duty's new advanced RICOCHET anti-cheat tool has already been leaked out into the wild, and coders are currently investigating ways on cracking it.
Yesterday Activision announced RICOCHET, a new innovative kernel-level anti-cheat solution aimed at decimating cheaters in Warzone and the upcoming Vanguard. Gamers were wary of yet another kernel-based anti-cheat (these programs technically get access to the most sensitive parts of your computer) and this kind of security is only ever deployed to combat the most stubborn threats.
Now it looks like RICOCHET could be rendered obsolete before it's even launch. Hackers have obtained and leaked RICOCHET out into the wild and P2C (pay2cheat) coders are already reverse-engineering the driver in an effort to exploit it and circumvent the measures. This means Activision's work may be useless even before it launches.
Read Also: RICOCHET anti-cheat FAQ
As far as security goes, Activision says that the RICOCHET kernel driver is not always-on and is only active when playing Call of Duty Warzone or Vanguard. The kernel driver works in tandem with remote servers and identifies all programs that interact with Warzone and Vanguard--the team is trying to use automated AI tools to catch cheaters using specific programs.
Kernel-level protection isn't new for games. Irdeto's Denuvo anti-tamper uses it, although this has been widely controversial among gamers.
Activision has yet to respond to the reports of RICOCHET's leak but we should hear more info soon.