Yesterday, a huge CS2 exploit was made public that allowed hackers to execute HTML code via their names and thus even access the IP of all players on the server via detours. This of course has fatal consequences for users and had to be fixed immediately by Valve.
Of course, we won’t go into the details of how it works in this article so that nobody gets any stupid ideas, and the exploit has apparently already been fixed by Valve.
A simple name change allowed hackers to execute HTML code on CS2 servers and thus change image data in the game. In a roundabout way, clever hackers were also able to gain access to players’ IPs and of course cause even more damage. According to reports, in the worst case it would even have been possible to execute code on the end user’s computer! However, this could not be confirmed and fortunately Valve reacted quickly by their standards and fixed the bug.
How can such errors occur?
The basic question now, of course, is how many people have suffered damage? If you have had a problem due to this hack, please contact Steam Support! Of course the next question is, how can a million dollar project like CS2 make such an amateurish mistake?
HUGE SECURITY EXPLOIT IN CS2 RIGHT NOW⚠️
This image has been going around reddit for the last few hours (very explicit, blurred for obvious reasons). People were saying it's fake, but it isn't.
Apparently, there is a security exploit with Steam names inside CS2, which allows… pic.twitter.com/lcQqsAB5Ba
— Ozzny (@Ozzny_CS2) December 11, 2023
Every programmer has certain “best practices”, i.e. things that you should never do wrong, including avoiding obvious “backdoors”, i.e. ways for hackers to obtain information from computers or servers that are not intended for them, or even to access the machines directly. Imagine someone leaves their front door open, it’s their own fault. But now imagine the apartment you are renting simply has no door at all, this is of course not normal and it is similar with programs. Above all, this exploit refers to the most rudimentary functions, which every reasonably experienced (and even beginners) know and for which there have long been special solutions so that they don’t become a problem.
Valve is simply lazy
It looks like Valve was simply lazy in this respect and neither programmed nor checked properly. Something like this simply shouldn’t happen to a giant company with a premium product and millions of players worldwide. We can live with the fact that we get an “end product” that needs improvement, but such easily avoidable problems clearly show that Valve has little love for CS. The cash cow is milked and just kept alive. But we are also a frugal community that is trained to put up with everything. So we can almost be glad that Valve rarely interferes in the meta, otherwise we would probably have a lot more chaos.
Similar posts
LoL Lunar Revel 2024 Event: Release Date, Battle Pass and More
With the end of the Winterblessed Event, Riot Games has announced a new event that will spice things up....
| 17. January 2024
MV3 in, VeeWise out for Blacklist International’s MPL-PH S13 roster
Albeit having no Royal Duo, the MV3 is back in the game, and ready to take charge for MPL...
| 21. February 2024
TI11 aftermath: Soniqs drops entire Dota 2 roster
Soniqs has dropped its entire Dota 2 roster following a disappointing performance at The Internationals 11. Dota 2’s biggest...
| 2. November 2022
ESL One Cologne EU: OG And Vitality Complete Playoffs List
With OG and Vitality, the two remaining playoffs spots for ESL One Cologne have been filled. While OG had...
| 26. August 2020
PEACE violates LCO rules and is removed from the league
A strange and unusual situation occurred recently in the LCO (League of Legends Circuit Oceania) when the league announced...
| 26. February 2023
FIFA 23 TOTY, Vinicius Jr. as an Honorable Mention in Ultimate Team
A set of honorable mention cards will soon be released for the FIFA 23 TOTY promotion, and there is...
| 26. January 2023