A vulnerability in Valve’s Source Engine allowed hackers to take control of gamers’ PCs. According to OneUpSecurity, hackers targeted games such as CS:GO, Left 4 Dead 2, and Team Fortress 2 as vessels to inject malicious code. The culprits used custom assets in user-created maps to carry the malware. In fact, tests triggered the code by killing the player’s character. That’s just plain mean.
OneUpSecurity’s Justin Taff reported on the exploit last week. The researchers made Valve aware of the issue prior to publication, though. Taff revealed that the “Source SDK contained a buffer overflow vulnerability which allowed remote code execution on clients and servers”. Taff tested the vulnerability by creating a custom ragdoll model: triggering the ragdoll animation by killing a character would execute the malicious code. Double-owned.
Thankfully, Taff reports that Valve “swiftly” patched the Source vulnerability. He adds, though, that exploiting games to spread malicious code is an increasing danger. Of course, the perceived lack of risk means many don’t consider games to be a potential medium for viruses. Taff warns gamers to not install games on work devices and restrict gaming machines to untrusted networks. Air-gaps between public and private networks are also potentially exploitable, he says.
Just a few hours after its release on Steam alone Manor Lords has already managed…
FORTY YEARS OF WRESTLEMANIA WrestleMania is the biggest event in sports entertainment, where Superstars become…
FHD 1080P & 44MP & Anti-Shake: This digital camera with Full HD 1080P resolution and…
Clicky switches designed to be precise and responsive for gaming High actuation force paired with…
Product seriesProduct Series/FamilyROG StrixColourPrimary ColourBlackSecondary ColourGreyStorage PortsM.2 PCIe 4.0 x43SATA 6G (internal)4M.2 PCIe 2.0 x24Internal…
Compact and stylish Mini-ITX case Clearance for 315mm GPUs with up to three slots PCIe…