Steam/Source exploit found if you didn't know already

Discussion in 'Other Games' started by BossClaire, Sep 7, 2015.

  1. BossClaire

    BossClaire Please check information for contact details

    Messages:
    1,888
    Likes Received:
    1,156
    Quick return from the dead, woohoo. I'm actually surprised this hasn't been posted yet, so here we go.

    There is a bug that's going around with all Source games that use Source SDK 2013 Base and other related engines. It was found two days ago. The bug allows certain files to be downloaded onto your machine, which in most cases can now be a malware which will steal your Steam account, spam friends, and take everything in your inventory. It will ALSO V.A.C ban you. All Source games are considered vulnerable, so watch your sixes, guys.

    Affected games are as follows: TF Classic, [[MOD]]Fortress Forever, Counter-Strike: Source, Garry's Mod, (possibly) [[MOD]]Black Mesa: Source (Steam Edition), (Possibly) Left 4 Dead and Left 4 Dead 2, Fist Full of Frags, No More Room in Hell, Vikings and Knights 2. TF2, CSGO, and Dota 2 are patched, but still be alert.

    To prevent virus downloads, take these steps:

    1. Type these commands in console:

    cl_allowdownload 0
    cl_allowupload 0
    cl_customsounds 0
    cl_disablesprays 0


    2. Disable Custom Sprays in options.

    3. Play ONLY on Official Valve/Mod Developer servers.

    4. If you already played on a custom server (as of 9/5/2015), take these steps:

    Navigate to the main folder for the Source Game (ex, TF2 = tf, CSS = cstrike |C:\Program Files (x86)\Steam\steamapps\common\)
    Delete the "download" folder, or everything in it (Except readme.txt, if the folder has that.)

    5. Perform a complete malware scan on the following: everything before \Steam\steamapps\common and
    everything before \Steam\steamapps\common\Source SDK Base 2013 Multiplayer (if installed)

    The Steam reddit mods have reported the issue, so it'll be fine soon. Stay safe, stay paranoid.

    Relevant links:
    Valve New Network's summary of this storm:


    My source is from here (c)SyphenTV: http://undertowgames.com/forum/viewtopic.php?f=8&t=4786
    Addressing issue thread on Steam reddit: https://www.reddit.com/r/Steam/comments/3jja73/source_2013_mp_base_file_upload_and_execution/
     
    NoahMC, Morcov, Weeb and 1 other person like this.
  2. Morcov

    Morcov Furry|♥Zoroark♥|The everything man

    Messages:
    1,389
    Likes Received:
    1,826
    According to said video it was patched in TF2, CS:GO, & DOTA 2, so those games don't need this action done, although all other games on the source engine do.
     
  3. BossClaire

    BossClaire Please check information for contact details

    Messages:
    1,888
    Likes Received:
    1,156
    I said this:
     
  4. Morcov

    Morcov Furry|♥Zoroark♥|The everything man

    Messages:
    1,389
    Likes Received:
    1,826
    Oh, didn't see, sorry Dx