‘CS:GO’ exploit allows hackers to take over victim’s PC using a game invitation

‘CS:GO’ exploit which allows hackers to take over victim's PC using a Steam invitation persists, despite a security researcher flagging it in 2019. — CS:GO

Video games including popular eSports title Counter Strike: Global Offensive (CS:GO) have an exploit that could allow hackers to take over the player’s computer, warns a cybersecurity researcher.

Motherboard reported that a researcher named Florian discovered the exploit, where hackers gain control by using a bug with the Steam ‘invite to play’ feature.

Once they gain control of the computer, the bug can also go on to infect their friends’ machines through the same method, it reported.

Steam is a game software distribution platform owned by Valve Corporation. Valve is also the maker of Source Engine, which is used by CS:GO and many other games, including Team Fortress 2.

The bug could theoretically affect other games using the Source Engine, although the Motherboard article reported that the vulnerability appeared to have been patched in games other than CS:GO.

“We can’t say in how many games it used to work and if/when things got patched,” Florian was quoted as saying in the article. “When we posted that this exploit affects every source engine game one should understand this as ‘every game might theoretically be affected as it is a bug in the engine and not something game specific’.”

However, at press time, CS:GO was still not patched.

In a call with Motherboard, Florian also pointed out that though he raised the issue through Valve’s bug bounty platform back in 2019, the company did not resolve the issue even though it marked the bug as “critical”.

“I am honestly very disappointed because they straight up ignored me most of the time,” Florian said in an online chat.

Valve did not respond to a request for comment by Motherboard.

Article type: free
User access status:

Next In Tech News

As of iOS 14.4, Apple lets you get more volume out of your iPhone
Need a professional photo? In pandemic times, you can do it yourself
Biden revokes Trump order that sought to limit social media firms' protections
Stock photography: Tips for turning your photos into cash
'Chaos Monkeys' author calls Apple's statement on his departure defamatory
TeamViewer adds 2FA for extra security on Windows
Vivaldi browser wants to end annoying 'accept cookies' banners
Ransomware gangs disrupted by response to Colonial Pipeline hack
Exclusive: Personal finance startup NerdWallet files for U.S. IPO - sources
Facebook to defend itself against 'damaging' Irish data privacy probe

Stories You'll Enjoy