A Minecraft exploit is reportedly allowing co-ordinated attackers to get any Xbox / Microsoft account fully banned

Image of Minecraft logo cracked
A Minecraft exploit is wreaking havoc on Xbox accounts. (Image credit: Microsoft)

What you need to know

  • While still unconfirmed by Xbox, the video evidence is pretty convincing that a Minecraft exploit is allowing people to trick Xbox into banning any account they want. 
  • The Java version of Minecraft seems to be susceptible and the exploit is quite easy to carry out. 
  • YouTuber Nick (@GhillieYT) reports that he has become a victim of this exploit, with his entire Xbox account banned due to false reports by harassers abusing this exploit. 

Xbox has had a lot of issues recently with its banning system. We reported not too long ago that Baldur's Gate 3 DVR recordings could cause your account to get banned if you recorded and uploaded any of the intimate scenes in the game. Now there seems to be another black mark on Xbox's automated content enforcement system that has allowed a content creator to get banned through what appears to be no fault of their own, though we have yet to hear a response from Microsoft about whether or not the YouTuber did violate a polity warranting the ban. 

So what is actually going on here? How is an exploit in Minecraft allowing malicious people online to get content creators or other Xbox users banned? Let's take a look. 

How is a Minecraft exploit getting people banned? 

First off, we should give credit where it is due. We first saw this come to light from a text in response to the President of Xbox Sarah Bond on Twitter(X) by Rockstar content creator @videotechuk_. You can see the tweet below. 

In the Tweet, there is a video embedded from YouTube by Gtamen that explains the situation in more detail though with a healthy dose f humor/sarcasm added on top. If you want to watch the video yourself please feel free to do so, but the important takeaway is that in Minecraft you can do an exploit that allows you to "fill in somebody's GamerTag, then just spam a bunch of slurs, and then report said slurs to Microsoft." 

See more

Due to Microsoft's automated banning system, this will lead to a ban on the targeted Xbox account. I don't wish to add a screenshot of the Account Spoof exploit tool that is shown in the video as it has some inappropriate language in it but it is in the video. 

Obviously, this is allowing people who like to be trolls online and grief content creators to successfully impersonate anybody they want who has an Xbox GamerTag create policy-violating speech or content, and then report that content with actual attribution to the target individual. This is a huge issue, and we add our voices to others who have asked for Sarah Bond and others at Xbox to resolve this issue as our bringing it to a larger audience could exacerbate the problem. 

How can Xbox improve its content moderation?

Xbox has an issue with its push to moderate content more aggressively.  (Image credit: Microsoft Copilot)

Large juggernauts like the now Microsoft-owned Call of Duty recently announced they are performing content moderation for live voice chat in Modern Warfare 3. With other initiatives from Xbox to try to automate moderation of content on its platform and in its games, there is also a need to be extra care given to proper attribution and validation of the policy violation before bans are issued. 

There has been a lot of talk in 2024 about how bad it would be for Xbox to exit the console market and one of the biggest arguments for why that would be a horrible thing is due to Xbox gamers' huge digital libraries. I, for one, have around 800 digital games in my Xbox library and I can't even imagine the outrage and sense of loss I would feel if an automated action were to ban my Xbox account due to false reports made through an exploit like the one discussed today. 

Microsoft is now one of the leading companies in AI in nearly every metric, and I hope as they continue down this path to make the Xbox platform safe for its players it can put a bit more intelligence into the artificial automation Xbox is using to so casually ban players. If a human had reviewed these reports, it is likely that the content creator GhillieMaster wasn't even playing Minecraft at the time the malicious chats were crafted and reported and a human could have easily checked that and not issued a ban. 

Xbox has a long way to go, but this should be an easy fix, assuming that it's all true of course. There should be an immediate halt to any bans issued due to Minecraft-reported chat violations until they are reviewed by a human who can verify that this exploit was not used to generate fake inappropriate chats. As Xbox enters into this new realm of being one of the largest publishers in the world with its recent acquisition of Activision Blizzard and King Xbox can do better and it should do better.

Colton Stradling
Contributor

Colton is a seasoned cybersecurity professional that wants to share his love of technology with the Windows Central audience. When he isn’t assisting in defending companies from the newest zero-days or sharing his thoughts through his articles, he loves to spend time with his family and play video games on PC and Xbox. Colton focuses on buying guides, PCs, and devices and is always happy to have a conversation about emerging tech and gaming news. 

  • ggp
    Wow, how unfortunate! If only someone had told Microsoft that forcing people to tie their Xbox accounts to Minecraft, which is probably the most modded game of all time, was a bad idea. Someone like, say, a large part of the Minecraft community. If only.
    Reply