As Counter-Strike 2 continues to thrive, unfortunately players have discovered yet another loophole in the Valve shooter’s backend coding. According to multiple sources across X (formerly Twitter) and Reddit, players can manipulate CS2’s code to, allegedly, access the IP addresses of everyone in their lobby, and in turn potentially alter code on their PCs.
Counter-Strike 2 is certainly having a pretty rough run at the moment. With a recent update accidentally unleashing a series of seemingly random VAC bans, and the shooter’s player count dropping to its lowest of the year, Valve’s classic FPS game has a lot of us reminiscing over the good ol’ days of CS:GO.
The worst, however, is apparently yet to come. As spotted by a Reddit user called ‘TryingToBeReallyCool,’ a new loophole in the game’s coding is allowing players to obtain the IP addresses of others in their lobby and, allegedly, “execute code on [their] machine.”
In the Reddit thread, TryingToBeReallyCool writes “I won’t go into details, but there is a back door that allows other players in your lobby to execute code on your machine.
“I managed to find instructions after not too hard a search, and it’s super easy to pull off. I wouldn’t play the game for the next day or two until this gets patched, it looks both legit and very serious. Your machine could genuinely be at risk if attacked by this.” Note that the latter part of this comment is, at the time of writing, speculative.
CS2 content creator ‘Ozzny’ has also shared a series of images where, apparently using an IP logger, they claim to have obtained the IP addresses of the players in their lobby. This sentiment is echoed by CS2 skin trader ‘coco,’ and finally by Twitch streamer ‘PirateSoftware,’ who refers to themself as “a cybersecurity expert” and “a hacker” with 20 years of experience.
In the clip below, PirateSoftware states that he “wouldn’t play CS right now,” claiming that players are “100% vulnerable to [the exploit] until [Valve] fixes it… This is incredibly easy to pull off, and you don’t want this.” He goes on to refer to the exploit as “very serious,” and warns that its rapid spread on the internet will leave the game in jeopardy.
At the moment, Valve has not commented on this exploit, but PCGamesN has reached out for a statement, and will update this article if we receive any further information.
Until a fix comes through, I’d advise checking out our list of the best multiplayer games that you can play instead of CS2. Additionally, we have a rundown of other free Steam games, so that you won’t have to break the bank.
This story originally appeared on PC Gamesn