Serious TF2 & CSGO Source Code Leaked

[alex]

I've changed the title of the thread to reflect what actually happened.

 

[Trains]

I've changed the title of the thread to reflect what actually happened.

now we know most of this is bullshit then - and regardless, doesn't effect gmod - we can chill

im almost worried that a lot of people aren't gonna come on now because they're worried, not everyone is gonna see this thread or that tweet

 

[alex]

now we know most of this is bullshit then - and regardless, doesn't effect gmod - we can chill

im almost worried that a lot of people aren't gonna come on now because they're worried, not everyone is gonna see this thread or that tweet

It might affect GMod but likely no more than it's already affected by people who find exploits anyway. I wouldn't be worried about it.

 

[aperson]

 

[abcdefg]

this leaked code was leaked years ago. im not sure if you guys play tf2, but there was some cathook hack that exploited this leaked code like 2-3 years ago. I assume the hackbots that plague TF2 casual now abusing in a similar fashion.

the same guy who made the cathook hack is the person who fucking started this RCE fearmongering bullshit. if RCE was possible, it would have been done and known a while ago.

on another note, i've spent 1000s of hours in tf2 and it's a game i'm passionate about and i love playing competitively, so it's honestly really sad to see it deteriorate in the manner and to the degree it has done, all because it's been neglected and because the dev team have made really poor decisions when they did update the game. casual is so much worse than quickplay used to be, and community servers with an actual community (im talking about community servers that aren't as possible as fragmasters) are so few and far between. the hackbots were the final nail in the coffin for me, and i rarely touch this game for anything other than rocketjumping, MGE, or competitive PUGs

 

[Ond]

the big sleep: electric boog

 

[Moth Man]

If you're paranoid like me, Malwarebytes will let you use their premium thing for 2 weeks and two weeks should be enough for anyone to develop an exploit get caught and have it patched. If something tries to put a virus on your comp or pull information off you it "should" catch it. They claim it is "real-time virus protection" so it should nip nefarious things in the bud.

I am not a cybersecurity man, but the people at my dad's work use it and it appears to be good enough.

EDIT: I don't think you have to sign up or have an account or anything for the free trial.

 

[alex]

If you're paranoid like me, Malwarebytes will let you use their premium thing for 2 weeks and two weeks should be enough for anyone to develop an exploit get caught and have it patched. If something tries to put a virus on your comp or pull information off you it "should" catch it. They claim it is "real-time virus protection" so it should nip nefarious things in the bud.

I am not a cybersecurity man, but the people at my dad's work use it and it appears to be good enough.

EDIT: I don't think you have to sign up or have an account or anything for the free trial.

Yeah... no.

 

[Moth Man]

Yeah... no.

Is it bad?

 

[Dalekfodder]

If you're paranoid like me, Malwarebytes will let you use their premium thing for 2 weeks and two weeks should be enough for anyone to develop an exploit get caught and have it patched. If something tries to put a virus on your comp or pull information off you it "should" catch it. They claim it is "real-time virus protection" so it should nip nefarious things in the bud.

I am not a cybersecurity man, but the people at my dad's work use it and it appears to be good enough.

EDIT: I don't think you have to sign up or have an account or anything for the free trial.

bro...

is this an ad

 

[Moth Man]

bro...

is this an ad

No...?

 

[Ibarra]

If you're paranoid like me, Malwarebytes will let you use their premium thing for 2 weeks and two weeks should be enough for anyone to develop an exploit get caught and have it patched. If something tries to put a virus on your comp or pull information off you it "should" catch it. They claim it is "real-time virus protection" so it should nip nefarious things in the bud.

I am not a cybersecurity man, but the people at my dad's work use it and it appears to be good enough.

EDIT: I don't think you have to sign up or have an account or anything for the free trial.

I don't think an anti-virus program is gonna catch an exploit of that degree, or at all. Appreciate you for trying to help though, think as long as people stay away from the targeted games, they'll be alright.

 

[Moth Man]

I don't think an anti-virus program is gonna catch an exploit of that degree, or at all. Appreciate you for trying to help though, think as long as people stay away from the targeted games, they'll be alright.

Oh well, I thought it might help. But I went on the server and I didn't get nuked today so I'm assuming we're still probably fine. But it did say Gmod was a trojan when I started it so I think its probably kinda retarded.

 

[Zombine]

at best it would find if a registry key is modified or if something gets installed
but the nature of remote code execution is that it runs under the program you're already allowing on your computer.
malwarebytes or any antivirus scans existing code in an executable and classifies it, but with RCE the malicious code isn't part of the program, it's sent from somewhere and then your game executes it.

 

[Moth Man]

at best it would find if a registry key is modified or if something gets installed
but the nature of remote code execution is that it runs under the program you're already allowing on your computer.
malwarebytes or any antivirus scans existing code in an executable and classifies it, but with RCE the malicious code isn't part of the program, it's sent from somewhere and then your game executes it.

So is there anything we can actually do to protect our pcs?

 

[Zombine]

So is there anything we can actually do to protect our pcs?

well as it was probably mentioned, Valve has specified the leaks are from earlier game versions and it's likely they've already patched it.
Their official advice was to only play on valve-provided servers.

With the advent of the code being made public it will certainly spur them to begin fixing their games in a more timely fashion, so, for now, you should probably just avoid TF2 if you're not confident that official servers are safe.

 

[Moth Man]

well as it was probably mentioned, Valve has specified the leaks are from earlier game versions and it's likely they've already patched it.
Their official advice was to only play on valve-provided servers.

With the advent of the code being made public it will certainly spur them to begin fixing their games in a more timely fashion, so, for now, you should probably just avoid TF2 if you're not confident that official servers are safe.

Well I don't care a out those is nebulous and gmod safe?

 

[Zombine]

Well I don't care a out those is nebulous and gmod safe?

The leaked code was for TF2 and CS:GO, why would it have anything to do with Garry's Mod?
Even if it did, GMod runs on a very different version of the engine and the vulnerability is probably just TF2 specific.