HUGE SECURITY EXPLOIT IN CS2 RIGHT NOW⚠️ This image has been going around reddit for the last few hours (very explicit, blurred for obvious reasons). People were saying it's fake, but it isn't. Apparently, there is a security exploit with Steam names inside CS2, which allows for people to change visual stuff inside the game with a simple HTML code linking an image. But this is not it, apparently you can also get the IP's of EVERYONE in the server using this method with the assist of an IP Logger. (Not going to show much or explain how for obvious reasons, but it is very easy) It's also speculated people could potentially do things like run code on your computer or get access to your steam account this way. I DID NOT see anyone do this, it's speculation from people who know much more than me. This should be fixed very fast but what a huge oversight from Valve, maybe it's better to just not open CS2 while this is not fixed. @CounterStrike
As I said in the tweet, the only thing confirmed is its possible to change ingame images with a line of HTML code, and you can get IP's from players Everything else is speculation and not confirmed (for eg, access your steam account) Will keep this thread updated w/ news
If you don't want to just take my word from it, here's an actual expert's opinion validating this issue: (📽️ @PirateSoftware)
@Ozzny_CS2 I honestly feel like its a big reach, running an image with the vote kick thing is one thing but running an whole ass ip grabber isn't as simple as running a single html line. But again not a game dev so I am not 100% sure I say 80% it isn't nothing but a quick fix.
Made a video talking about this exploit and most recent news. Watch ➡️ youtube.com/watch?v=aCbm_l…
@Ozzny_CS2 Chill bro everyone makes statements so fast now without fact checking them, at least say “possibly huge” because this still might be a troll