Interesting news via PST*Joker (from mycallofduty.com) tonight.

• Cracked server admins got a dose of their own medicine recently.
• Cracked servers get around server authentication by pointing to a non-Activision site.
• Normally, CoD4 points a server to the cod4master.activision.com url. This url cannot be changed too dramatically because of the md5 (encryption) hash which would fail security checks if too many letters in the url were altered. This means that the authentication address cannot be changed dramatically. Typically, cracked admins will just change one letter of that address.
• Many in the cracked community had been pointing their cracked servers to "cod4master.activhsion.com"...this was noted by folks at PBBans, who in a stroke of genius bought that domain name!
• They then pointed the domain to the master server url and soon thereafter, server (and player) information was collected for further action.
• PBBans could have banned player IP's but those are typically dynamic. For that reason, the best solution was to IP ban the servers. If those servers were leased, the server company would of course notice and ban the lessor.
• Genius.

Reference links: 

FileForum post

http://www.activhsion.com/