Reports: Counter Strike: Global Offensive bug allows PC hack
Image Credit: Bethesda
Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Counter Strike: Global Offensive bug
Image via Valve

Reports: Counter Strike: Global Offensive bug allows PC hack

In a report by Lorenzo Franceschi-Bicchierai of Motherboard, hackers can potentially take control of a person’s computer by having them click on a Steam invite to play Counter Strike: Global Offensive. According to researcher and Secret Club member Florian, hackers can use the invite bug to take over a victim’s computer.

Recommended Videos

The bug does utilize the Source engine, which is used for other Valve titles such as Team Fortress 2, Portal and Left 4 Dead. But, it may have been patched in other titles. The researchers have mainly focused their efforts on CS:GO.

According to Secret Club, Valve has known about the exploit for years and has been slow to announce changes.

“Two years ago, secret club member @floesen_ reported a remote code execution flaw affecting all source engine games. It can be triggered through a Steam invite. This has yet to be patched, and Valve is preventing us from publicly disclosing it.” Secret Club said in a Twitter post.

Secret Club is a not-for-profit reverse-engineering group that break games and expose flaws in game systems like this CS:GO bug. The group has been posting about the bug recently, claiming they have notified Valve about the issue.

How long has the Counter Strike: Global Offensive bug been in place

According to Secret Club, the organization alerted Valve over two years ago. Other people have also come forward to say they have contacted the company about the same issue.

“As you may know, @the_secret_club recently posted videos about Source Engine games RCE. I was also ignored by Valve for a year. Here’s the demonstration of my report. RCE can be achieved by connecting to a malicious server, then the chain will be completed when game is restarted.” Bien Pham, a software engineer for Shopee Singapore wrote.

Valve is notoriously slow when it comes to responding to community feedback and bugs in its systems. The Secret Club further claims other CS:GO bugs have been found and demonstrated that Valve has yet to address.

CS:GO is currently Steam’s most popular title in terms of players. The game has over 900,000 current players and peaked at 1,305,714 players in April.

Author
Image of Declan McLaughlin
Declan McLaughlin
Declan is an esports journalist and part-time editor for Upcomer. He is an avid gamer and League of Legends player. You can find him at the bottom of the leaderboard in most games or on Twitter.