So I think yesterday an exploit has been found that can make you download a RAT, that will steal your items from TF2, CS:GO, Dota and Steam, and then maybe even get you VAC'd.
Not sure if it affects TF2 or CS:GO, so look out joining random servers out there.
Source #1
Source #2
Source #3 (there's some post not related to that, but most of them are related)
So I think yesterday an exploit has been found that can make you download a RAT, that will steal your items from TF2, CS:GO, Dota and Steam, and then maybe even get you VAC'd.
Not sure if it affects TF2 or CS:GO, so look out joining random servers out there.
[url=https://www.reddit.com/r/Steam/comments/3jja73/source_2013_mp_base_file_upload_and_execution/]Source #1[/url]
[url=https://www.reddit.com/r/GlobalOffensive/comments/3jpyhh/do_not_join_unkown_cs_source_servers_via_ip/]Source #2[/url]
[url=http://facepunch.com/showthread.php?t=1483571&page=4]Source #3 (there's some post not related to that, but most of them are related)[/url]
tl;dr:
Games affected:
- Fistful of Frags
- Team Fortress 2 Classic
- Fortress Forever
- No More Room in Hell
- Vikings and Knights 2
- Possibly other Source 2013 mods.
Games believed to be unaffected:
- Team Fortress 2
- Counter Strike: Global Offensive
- Dota 2
- Garry's Mod
- Counter Strike: Source
Workaround:
- cl_allow download 0
- cl_allowupload 0
- cl_customsounds 0
- Disable sprays
tl;dr:
[u]Games [b]affected[/b][/u]:
[list]
[*] Fistful of Frags
[*] Team Fortress 2 Classic
[*] Fortress Forever
[*] No More Room in Hell
[*] Vikings and Knights 2
[*] Possibly other Source 2013 mods.
[/list]
[u]Games believed to be [b]unaffected[/b][/u]:
[list]
[*] Team Fortress 2
[*] Counter Strike: Global Offensive
[*] Dota 2
[*] Garry's Mod
[*] Counter Strike: Source
[/list]
[u]Workaround[/u]:
[olist]
[*] cl_allow download 0
[*] cl_allowupload 0
[*] cl_customsounds 0
[*] Disable sprays
[/olist]
flatlineteam fortress 2 classic
I know.
But still, it's better that people know that a mod can be affected by the exploit. Same with people that play CS:S or DOD:S, those are affected as well.
[quote=flatline]team fortress 2 classic[/quote]
I know.
But still, it's better that people know that a mod can be affected by the exploit. Same with people that play CS:S or DOD:S, those are affected as well.
i forgot what team fortress 2 classic was and thought the guy combined the two games into one
i forgot what team fortress 2 classic was and thought the guy combined the two games into one
This is the umpteenth Source exploit of this type. Everyone should already have been running with cl_allowdownload and cl_allowupload set to 0 by default and only setting those cvars when you absolutely need them and trust the server (even then, some of these exploits are player-to-player, so even if you trust the server you can get pwned). If you're playing with those set to 1, change your configs now.
Exploits like this have been out in the open for months without Valve fixing them, and sometimes the reported fixes get bypassed in a few weeks, so even when this gets fixed, keep those features disabled.
This is the umpteenth Source exploit of this type. Everyone should already have been running with cl_allowdownload and cl_allowupload set to 0 by default and only setting those cvars when you absolutely need them and trust the server (even then, some of these exploits are player-to-player, so even if you trust the server you can get pwned). If you're playing with those set to 1, change your configs now.
Exploits like this have been out in the open for months without Valve fixing them, and sometimes the reported fixes get bypassed in a few weeks, so even when this gets fixed, keep those features disabled.
flatlinei forgot what team fortress 2 classic was and thought the guy combined the two games into one
theres a mod named that and it's exactly that
[quote=flatline]i forgot what team fortress 2 classic was and thought the guy combined the two games into one[/quote]
theres a mod named that and it's exactly that
am i still at risk with cl_allowdownload 1, but cl_downloadfilter set to mapsonly?
am i still at risk with cl_allowdownload 1, but cl_downloadfilter set to mapsonly?
this is scary
i already had sprays/download/upload turned off, but that's still insane how people could find an exploit based on someone joining a server
this is scary
i already had sprays/download/upload turned off, but that's still insane how people could find an exploit based on someone joining a server
I only play CSGO and this doesn't affect csgo right? Or did someone figure out if it does
I only play CSGO and this doesn't affect csgo right? Or did someone figure out if it does
Red_I only play CSGO and this doesn't affect csgo right?
yttriumtl;dr:
Games believed to be unaffected:- Team Fortress 2
- Counter Strike: Global Offensive
- Dota 2
- Garry's Mod
- Counter Strike: Source
[quote=Red_]I only play CSGO and this doesn't affect csgo right?[/quote]
[quote=yttrium]tl;dr:
[u]Games believed to be [b]unaffected[/b][/u]:
[list]
[*] Team Fortress 2
[*] Counter Strike: Global Offensive
[*] Dota 2
[*] Garry's Mod
[*] Counter Strike: Source
[/list]
[/quote]
There's a reason to say believed. If anyone figured out if it worked/didn't I would like to know. Thank you for your input.
There's a reason to say believed. If anyone figured out if it worked/didn't I would like to know. Thank you for your input.
https://www.reddit.com/r/tf2/comments/3jte6e/got_hacked_3k_in_items_stolen_internet_is_down/