Valve’s Source Engine Cheating Exploit Has Remained Unpatched For Two Years

The past year has caused an explosion in the games industry, but that explosion has caused several secondary explosions in the cheat-making market. Aimbots, wallhacks, and other forms of cheat software is big business these days, which has forced the industry to renew its focus on combating cheaters.

Except for Valve, apparently. The Dota 2 and CS:GO maker has been reportedly sitting on a massive Source Engine vulnerability for the past two years.

This report comes courtesy of The Secret Club, a “not-for-profit reverse-engineering group” that looks into publicly available software and publishes vulnerabilities under the expectation that the software developer fixes those vulnerabilities. Recently, the group posted a video on Twitter showing how someone can gain remote access to someone else’s computer just by exploiting that Source Engine vulnerability.

The specifics of the vulnerability were not disclosed, but The Secret Club did make it clear that on the victim’s end, all they need to do is accept an invitation to play a Source Engine game on Steam. After that, the hacker has full access to the victim’s PC to do with as they please.

Strangely, The Secret Club is also saying that Valve is preventing them from publishing the details of this vulnerability even though they’ve known about it for two years. And if they’ve known about it that long, then it’s a certainty that less scrupulous hackers know about it too.

On top of that, Valve still hasn’t fixed the exploit themselves even though The Secret Club told them about it years ago.

All we can suggest for now is that Steam users only accept invitations to play games from known friends and to be especially careful when accept game invites to Source Engine games.

Just remember that cheaters can get scammed just as easily as legit players. A recent Activision Blizzard report describes how Warzone cheaters were unwittingly downloading trojans onto their machines disguised as Warzone hacks. The worst part? People were even paying subscription prices for the privilege of having their computers hacked.

Next: Sony Reportedly Removing PS3 Game Patches Ahead Of Store Shutdown

  • Game News
  • Steam
  • Dota 2
  • Valve
  • Counter Strike: Global Offensive
  • CS:GO
  • Counter Strike

Actually a collective of 6 hamsters piloting a human-shaped robot, Sean hails from Toronto, Canada. Passionate about gaming from a young age, those hamsters would probably have taken over the world by now if they didn’t vastly prefer playing and writing about video games instead.

The hamsters are so far into their long-con that they’ve managed to acquire a bachelor’s degree from the University of Waterloo and used that to convince the fine editors at TheGamer that they can write “gud werds,” when in reality they just have a very sophisticated spellchecker program installed in the robot’s central processing unit.

Source: Read Full Article