Table of Contents
Not long ago, a report by Lorenzo Franceschi-Bicchierai revealed that a Counter-Strike Steam bug allows hackers to take control of a user’s PC. It is a terrifying thing for those who have sensitive information on their PC. If you’re just a casual gamer, you might think it’s this bug would not influence you. But who knows?
If you read this article, you will know everything about the Counter-Strike Steam bug that allows hackers to get inside people’s PCs related to the Steam invite feature.
Valve’s Passive Approach
The dangerous exploit mentioned above utilizes the Source engine. What is interesting, this game engine is used by Team Fortress 2, Left 4 Dead, and Portal. It is not yet clear whether or not the bug works for any of those games, but it does work for Counter-Strike: Global Offensive.
Valve has been heavily criticized since the bug appeared. Not just because they’re a huge corporation and should take better care of their users, but also because they did not dedicate the necessary resources to take care of the problem as soon as it became public.
Normally, you would think that a company valued at more than $7 billion would invest a bit of money in Steam bug bounty contests or even launch a bug bounty platform and have everything fixed. After all, there are more than 120 million people use this software to play video games and their safety is at stake.
Given the circumstances, launching a bug bounty program to fix reported vulnerabilities in CS:GO should be a top priority for Valve. But it isn’t.
Read Also: What is the Cheapest CS:GO Knife You Can Buy?
The Person Who Discovered the Bug
The first time Valve put on guard about the issue was in June 2019. The person who said “please fix the Steam bug, please!” was a security researcher known as @floesen on Twitter. His name is Florian. And this guy is interested in reverse engineering and low-level development.
He noticed the security issue that most of us will never recognize. So his input should have been the starting point for Valve’s investigation. But Valve didn’t try that hard to fix the problem. They applied a “don’t know, don’t care, didn’t happen” approach.
The security researcher alerted Valve about the issue years before reports started to emerge that the problem existed and Valve was not taking care of it.
Florian wasn’t the only one who told Valve about their bug and asked them to fix it. Others tried, but the result was the same. Valve ignored their complaints for a long time, leading the community to believe that they don’t know how to handle the problem.
A group named Secret Club, which specializes in reverse engineering and hacking into software has reported that they attempted several times to warn Valve about the issue and other issues. They even presented to Valve the game-specific remote code execution utilized by the hackers to take control of the victim’s computer.
But every time company refused to take action or even heed their warning. Nobody knows how many people the exploit affects every month. But it’s probably quite a few of them.
Other CS:GO Bugs
The Counter-Strike Steam bug that allows hackers to take control of a user’s PC is not the only bug that affected Counter-Strike in the last several years. Another bug, which gained a lot more popularity, has nearly compromised the game’s integrity.
In the professional CS:GO scene, it is worth mentioning Counter-Strike coaching bug scandal. Because it triggered a massive scandal in the esport. ESIC launched the investment to tackle the problem. And many people were sanctioned as a result. The number of coaches involved in the scandal was staggering: around 100.
What this bug did is quite shocking. It allowed coaches to receive access to the various parts of the map their team is playing on and then inform their team about the opponent’s movements. In essence, it was the Counter-Strike: Global Offensive version of StarCraft 2’s maphack. So it raised a huge question mark. Nobody knows how many games used it.
When such a big bug is discovered, Valve looks like a start-up created by amateurs. And it’s depressing to see this company fail so hard at basic things.
In almost every other way, Valve Corporation has behaved like a saint. And its reputation is far better than that of Activision-Blizzard and Riot Games. But mistakes like this can have a visible impact on its brand. And it won’t be long before the CS:GO community starts to wake up.
More recently, Valve was asked to take care of the bot problem in Team Fortress 2. This game has been hugely popular for the past 15 years and millions still play it. It’s bizarre to see such a great game being destroyed by such a small gaming problem.
Players have been complaining for years that Valve should intervene and years later, the company finally responded and promised to take action: “We hear you!”, they said. But the measures they’ve taken so far have been a complete disappointment. Moreover, the bot Steam problem has not gone away. Valve’s response to the issue has been futile.
The same is true for the Counter-Strike Steam bug that allows hackers to take control of people’s PCs. Years later, it is still unresolved and the company seems to have forgotten about it. There’s no clear sign that a solution is currently underway.
Nobody at Valve bothers to communicate with the Community in a transparent way. When we are talking about the issue with an online chat, the company seems to be living under a rock.
All we have at this point are guesses about what might come next. But month after month, many issues persist. And even new ones are arising. People have given up all hope in Valve’s ability to tackle the problems or change its philosophy concerning what has come to be known as the “hands-off approach”.
If Valve admitted its inability to deal with critical bugs reported by the community and hire a team of security researchers and experts, everyone would be happier.
The problem has not been solved. And yes. If you’re playing CS: GO on Steam, you are vulnerable to hacks. The odds of this happening are slim, just because the game has more than 10 million active players. But it could happen. And Valve’s slow response times only encourage hackers to act with more impunity.