Published
12 Apr, 2021
Hack-hunting group Secret Club have revealed multiple exploits affecting Source Engine games like CS:GO, which could allow hackers to steal player data via Steam invites and community servers. They claim they reported one of these exploits to Valve two years ago, but not only are the company yet to patch it, but they allegedly prevented Secret Club from publicly disclosing the information too.
Secret Club are a not-for-profit reverse engineering group who've found a number of exploits with Valve's software, which they explain in a series of posts on Twitter. Each of these exploits are remote code execution flaws, which allow hackers to remotely trigger commands on someone else's machine, letting them subject it to malware, nab data, or do other illegal things. Below they show how the exploit can be activated through Steam invites.