CS.MONEY has identified hacker who stole over $6 million in CS:GO skins heist

CS.MONEY has shared a detailed update in the hacking situation.

CSMONEY hack

Counter-Strike: Global Offensive has a very lucrative skin trading scene, with some weapon skins worth hundreds of thousands of dollars. Many skin collectors and traders use third-party websites to conduct their business, including a site called CS.MONEY.

But with so much money on the line, it’s no surprise that popular transaction sites like CS.MONEY are often targeted by greedy CS:GO hackers.

On Aug. 12, CS.MONEY reported over $6 million in skins were stolen by a hacker. Originally thought to be around $1.6 million, the CS:GO community acted with alarm when the skins were stolen and banned together to find the accounts involved and get the skins back. Now, CS.MONEY has an update on the situation.

CS.MONEY gives update on $6 million hack

In a TwitLonger, EX CORP’s chief communications officer said CS.MONEY was hacked by someone who stole the site’s MA-files and took control of some of their bots. The hacker had stolen around $6 million worth of skins.

“We decided to be upfront about the details of the hack,” he said.

“Firstly, we want the skin trading market to stop being treated as a “gray” zone, seen by the community as murky and non-transparent business. Being open about it is the best way to solve this problem. Secondly, we hope that our experience will help other market participants avoid similar problems.”

While the site wanted to be open about “past events,” they did not plan to share “future actions” since the hacker has continued to transfer skins to another account and they didn’t want the hacker to know their next moves.

According to CS.MONEY, the hackers gained access to a bunch of bots and started sending outgoing transaction offers to themselves and then accounts owned by popular bloggers and traders.

This was possibly done in an attempt to hide their tracks or divert attention.

At first, devs thought the site itself was getting hacked and they disabled authorization of all external devices and services.

They explained: “It’s also worth mentioning how they tried to hide their tracks with bot messages. When you buy something from one of our bots, our system generates an outgoing message automatically, which you receive from the bot alongside the transaction on Steam. The hackers appear to have generated a ton of fake messages mentioning other trading platforms, which they sent with their trade offers. Their goal was probably to get us thinking that the problem had something to do with authorization on 3rd party platforms.”

During the hacking spree, the hacker pulled off around 1,000 trades with about 100 user accounts in just one day. One-third of the $6 million in stolen skins were from the site’s users.

“We will prioritize returning these and compensating the users once we have restored CS.MONEY to a fully-functioning state. All of the skins that have been transferred are in trade-lock now, so they couldn’t have been moved further, and we hope to be able to get these back. Moreover, the community has been instrumental in identifying everyone who has received these skins,” developers said.

CS.MONEY developers established that the hack happened due to hackers gaining access to the site’s mobile authenticator files used for Steam authorization. Now, the CS.MONEY team is struggling to reset its passwords and MA files to “invalidate the compromised” data.

“This hack is a very good, albeit expensive lesson to us. But as they say, what does not kill me makes me stronger,” the CCO said.

The CS:GO community has largely rallied behind CS.MONEY, a passionate team of gamers. While many have continued to express that the site has jacked up prices, they tweeted that nobody deserves to get hacked.

EX CORP previously offered $100,000 to anyone that wants to assist the site in understanding how the hackers accessed the files. The team thanked the CS:GO community for its continued support in finding the hacker and preventing future hacks.