When it comes to Team Fortress 2 (TF2), the developer community has always taken advantage of the game’s accessibility. For years, fans have taken apart game files to modify TF2. From custom HUDs to changing hit sounds, being able to strip down Valve’s beloved shooter to its bare bones has given developers the opportunity to learn and create. However, today news broke via Reddit and Twitter of TF2 and CSGO (Counter-Strike: Global Offensive) source code allegedly leaking.
The code dates to CSGO‘s Operation Hydra and Team Fortress 2‘s last major update, Jungle Inferno. The entirety of the game’s code and an unreleased source mod are reportedly packaged inside a downloadable torrent. Although this isn’t current code that has leaked, having source code to two Valve games out in the open could potentially lead to security risks for players of those games. Valve has yet to issue any statement about the legitimacy of the leak.
If it can happen, it will happen
Programmer and developer 2Eggs among others has warned that malicious parties may use a remote code execution (RCE) to access players with TF2 installed on their computer. RCEs allow a party to access and make changes to someone’s computer without their consent.
Furthermore, 2Eggs follows up his thread by posting screenshots and videos from Reddit. The images depict a user’s command prompt opening by itself alongside an in-game alert.
Reports suggest the images are fake, but 2Eggs emphasizes that there is indeed an RCE exploit active in TF2. About how long the Valve exploit has affected users, 2Eggs shared with Daily Esports that the source code was leaked some time ago, but the exploit was just revealed today.
Better safe than sorry
Until Valve makes an official statement, the best thing players can do right now is not play TF2 until further notice. Moreover, it’s unclear the extent to which CSGO may be affected by these exploits. While the community says CSGO is safe, be wary of any activity in both games.