Security

CS:GO & Team Fortress 2 source code leaked – Virus alert for TF2

Earlier today, the source code for Counter-Strike Global Offensive (CS:GO) and Team Fortress 2 (TF2) were leaked on 4chan and uploaded on Torrent sites for free download.

It all started when a Reddit account going by the online handle of /iShaugrrz published a screenshot displaying several compressed files. The Redditor claimed that these files contained unreleased source mods, CS:GO source code as of Operation Hydra and TF2 code as of Jungle Inferno.

See: Ex-employee stole secrets of Israeli spyware firm for dark web deals

Initially, it was feared that hackers would use the data to target Steam accounts since CS:GO turned out to be one of the biggest success on Steam. One Reddit users /SauceSRfun asked,

“So basically if I play either game I run a risk of hackers managing to damage my computer or something I assume?.” In response, another user /MovinThatGearUp claimed, “They’ve found a Remote Code Execution exploit (RCE) bug which allows hackers to do exactly that.”




One Twitter user warned gamers of staying away from TF2 claiming that “Remote Code Execution exploits have already been found which means you can receive a virus from simply joining a server with a cheater.”

Screenshot of the leaked source code

However, Valve has now addressed the issue and rubbished rumors that the source code leak put any of the aforementioned games or players at risk.

“We have reviewed the leaked code and believe it to be a reposting of a limited CS:GO engine code depot released to partners in late 2017, and originally leaked in 2018. From this review, we have not found any reason for players to be alarmed or avoid the current builds (as always, playing on the official servers is recommended for greatest security),” the company said.

“We will continue to investigate the situation and will update news outlets and players if we find anything to prove otherwise. In the meantime, if anyone has more information about the leak, the Valve security page describes how best to report that information.”

YET, an official announcement from The Team Fortress 2’s subreddit has urged gamers to refrain from playing the game until the issue is fixed. The announcement also confirmes that gamers are significantly more vulnerable in multiplayer matches meaning malicious hackers can exploit the source code to install malware or backdoor on their device.

As I’m sure many of you have heard there has been a recent data breach for TF2 and other source games. What does this mean for you? Basically you are significantly more vulnerable in multiplayer matches. It is definitely possible that someone could install a virus on your machine by just being in the same server. Your items and steam profile could also be targeted. For your own safety we would advise that you hold off playing untill this problem has been resolved. I do not know how long that will be but we will keep you posted,.

Who leaked the source code?

Although it is unclear who is behind this breach, a gaming YouTuber “mbhound” from Valve News Network has claimed that they are aware of who leaked the source code and that they contacted Valve back in 2018 about the leak but didn’t receive any response from the company.

This stuff was leaked in late 2018 by a member of the course engine development community that unfortunately had a mental breakdown and who was about to do some other very unrelated yet very illegal stuff and right before doing these things leaked this source code on the internet, said the YouTuber.

Watch the YouTuber talking about the leak:

Hackread.com advises users to avoid downloading the source code as hackers use such situations to upload malicious files with the data that could end up infecting your computer with ransomware. 

See: Counter-Strike 1.6 game client 0-day exploited to spread Belonard trojan

This story is developing so stay tuned.

You Might Also Like