Hackers are running free in "Counter-Strike: Global Offensive" servers and spreading their malicious activity through Steam invites. Look out for these invites, or you might be their next victim of data hacking.
Unfortunately, Valve is currently not doing anything to fix the problem.
Dexerto reported that the Secret Club, a not-for-profit reverse-engineering group, first alerted Valve about the hacking incident two years ago. However, they have never been acknowledged by the developers, and the issue was never fixed. The group even said that Valve prevented them from publicly disclosing the issue until today. The group created multiple Twitter posts to explain further the nature of this hacking attack.
"CS:GO" Steam Invite Steals Your Data
A remote code execution that directly affects the source engine game is hidden inside a Steam invite. The Secret Club tweeted a 20-second video of how the code is being executed on your PC. The code also prompts your system to run the user's program and access personal data automatically.
Two years ago, secret club member @floesen_ reported a remote code execution flaw affecting all source engine games. It can be triggered through a Steam invite. This has yet to be patched, and Valve is preventing us from publicly disclosing it. pic.twitter.com/0FWRvEVuUX— secret club (@the_secret_club) April 10, 2021
On the topic of our previous thread, we have @brymko @cffsmith @scannell_simon showcasing their remote code execution 0-day for CS:GO. This has been reported to Valve months ago, but they have neither paid them nor acknowledged the exploit. pic.twitter.com/yGUJTZZzrO— secret club (@the_secret_club) April 10, 2021
Their third tweet was about their member Mev showcasing the code for "CS:GO" as a report to Valve, but it remain unanswered.
Third times a charm; @the_secret_club member mev showcases their remote code execution 0-day for CS:GO. This has been reported to Valve 5 months ago with no response from Valve. pic.twitter.com/Jw8icRPh3j— secret club (@the_secret_club) April 10, 2021
This hacking happens when you accept the steam invite, and the remote code execution gets activated. After gaining free access to the user's data and running programs, the hacker could host community programs and send the same remote code execution to steal more data from other new victims.
However bad or problematic this situation has gotten, Valve is keeping quiet about the whole fiasco. They have not addressed the case, let alone even acknowledge the Secret Lab and its disputes. The problem has been ongoing for months now, and players are left with the option to learn how to defend themselves. Luckily, the malicious steam invite is exclusive to "CS:GO" and your other Steam games should remain safe for the time being.
Be Careful When Accepting Steam Invites
Here are some tips on how to protect yourself and your data from hacking attempts:
- Do not accept suspicious steam invites: stick to the invitation and gaming teams with friends.
- Check your computer for any suspicious activities: the program takes your personal information, so remain on alert if your data has been tampered with or if new programs have been installed in your computer without your consent.
- Stay away from the game for now: unfortunately, Valve has not made any fixes to address the current problem. One of the safest options you could consider is to stop running the game temporarily from your personal computer.
- Keep an eye out for the latest news: the "CS:GO" community remains active in its attempts to prevent the hacking attempts from getting out of hand. Monitor its news for any developments in this hacking strategy.
"CS:GO" remains to be one of the more popular first-person shooter games. Unfortunately, malicious intentions continue to run rampant in its gaming community, so be careful about accepting the next steam invite you receive!
Related Article: 'Star Wars: Republic Commando' Gets Disappointing Reviews: New Switch, PS4 Game Not Enjoyable