Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Image via KnowYourMeme

Source code for CS:GO and Team Fortress 2 leaked, putting players in danger of exploitation

Players need to be careful when deciding to play or not.
This article is over 4 years old and may contain outdated information

The source code for CS:GO and Team Fortress 2 leaked earlier today on 4chan. This has caused many people to recommend that players should avoid playing either game since it could put them in danger of exploitation. 

Recommended Videos

Since the source files are now available, many hackers will likely be messing with the online servers, which in turn could impact millions of players who access either game’s online modes. 

The source code in question is from 2017-18, which was previously made available to Source engine licensees to use. But even though the code is from an older model, the files inside could lead to advanced exploits being developed for both titles. 

Valve has yet to comment on the leak, but multiple community-run servers for TF2, like Creators.TF and Red Sun, have announced that they’ll be shutting down all operations until something is done to counter potential exploitation. Reddit moderators on r/tf2 and r/counterstrike are recommending that players completely avoid playing either game, at least until Valve responds. 

These measures are being pushed to try to keep players safe from any Remote Code Execute (RCE), which has been used in the past to push viruses, turn on aimbot for any player, or delete inventory items through the servers.

“Basically you are significantly more vulnerable in multiplayer matches,” an r/tf2 moderator said. “It is definitely possible that someone could install a virus on your machine by just being in the same server. Your items and steam profile could also be targeted. For your own safety we would advise that you hold off playing until this problem has been resolved. I do not know how long that will be but we will keep you posted.”

https://twitter.com/nikkehtine/status/1253008470657335296

Until an official statement is made by Valve, it’s recommended that CS:GO and TF2 players avoid playing online or booting up the game entirely, if possible. There haven’t been any confirmed RCE attempts yet, but it’s better to proceed with caution.

Update April 22 4:45pm CT: Valve posted an update from the official CS:GO Twitter account about the leaked source code, saying that it hasn’t found “any reason for players to be alarmed or avoid the current builds.”

“We have reviewed the leaked code and believe it to be a reposting of a limited CS:GO engine code depot released to partners in late 2017, and originally leaked in 2018,” Valve said. “As always, playing on the official servers is recommended for greatest security. We will continue to investigate the situation and will update news outlets and players if we find anything to prove otherwise. In the meantime, if anyone has more information about the leak, the Valve security page describes how best to report that information.”


Dot Esports is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more about our Affiliate Policy
Author
Image of Cale Michael
Cale Michael
Lead Staff Writer for Dota 2, the FGC, Pokémon, Yu-Gi-Oh!, and more who has been writing for Dot Esports since 2018. Graduated with a degree in Journalism from Oklahoma Christian University and also previously covered the NBA. You can usually find him writing, reading, or watching an FGC tournament.