Security News

Valve introduces SMS-based confirmation to prevent malicious games on Steam
2023-10-17 13:31

Video game publisher/digital distribution company Valve is forcing developers who publish games on its Steam platform to "Validate" new builds with a confirmation code received via SMS. The Steam SMS confirmation requirement. Valve sent out notices last month to select users to inform them that they may have been infected with malware after playing a specific game via Steam.

Valve “honeypot” used to ban 40,000 Dota 2 players using cheat
2023-02-23 19:45

Game developer Valve has announced that it permanently banned more than 40,000 accounts for using cheating software to gain an unfair advantage over other players in the Dota 2 game. The cheat gave players access to internal client app information that is not visible during normal gameplay, thus obtaining a competitive advantage.

Critical Valve Bug Lets Gamers Add Unlimited Funds to Steam Wallets
2021-08-16 20:50

A security researcher helped Valve, the makers of the gaming platform Steam, plug an easy-to-exploit hole that allowed users to add unlimited funds to their digital wallet. Steam Wallet funds are exclusive to the Steam platform and are used to purchase in-game merchandise, subscriptions and Steam-related content.

CS:GO, Valve Source games vulnerable to hacking using Steam invites
2021-04-12 20:44

A group of security researchers known as the Secret Club took to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players. Exceptions are games built with Source 2 or those that run a modified version of the Source engine, like Titanfall.

4 security bugs discovered in games on Valve's Steam platform
2020-12-10 16:42

Check Point Research has identified four vulnerabilities in the network library of Steam, the online platform from game developer Valve that is used by 25 million users to connect together at peak time to buy, play, create, and discuss PC games. An attacker could have used the security flaws to remotely crash an opponent's game client and potentially take over a gamer's computer and hijack all computers connected to a third-party game server.

Valve's Steam Server Bugs Could've Let Hackers Hijack Online Games
2020-12-10 08:37

Critical flaws in a core networking library powering Valve's online gaming functionality could have allowed malicious actors to remotely crash games and even take control over affected third-party game servers. "An attacker could remotely crash an opponent's game client to force a win or even perform a 'nuclear rage quit' and crash the Valve game server to end the game completely," Check Point Research's Eyal Itkin noted in an analysis published today.

Valve Confirms CS:GO, Team Fortress 2 Source-Code Leak
2020-04-23 17:45

The discovery of leaked source code for two popular games - Counter-Strike: Global Offensive and Team Fortress 2 - has led to security concerns and even calls for gamers to uninstall the software from their computers. The developer and publisher of the two games, Valve, is downplaying the source-code leak, saying it does not see "Any reason for players to be alarmed or avoid the current builds." In a statement posted on the CS:GO and Team Fortress 2 Twitter accounts, Valve said the source code in question is older, dating to 2017 - and that it was already part of an existing leak from 2018.

Valve Source Engine, Fortnite Servers Crippled By Gafgyt Variant
2019-10-31 13:00

Servers hosting Valve Source Engine and popular games like Fortnite are targeted by a new variant of the Gafgyt botnet.

Steam cleaned of zero-day security holes after Valve turned off by bug bounty snub outrage
2019-08-22 23:14

Security bod may be invited back into vuln reward program, Half-Life 3 still ain't happening Games giant Valve is attempting to make nice with the infosec bod who disclosed zero-day exploits for...

Steam cleaned of zero-day security holes after Valve turned off by bug bounty snub outage
2019-08-22 23:14

Security bod may be invited back into vuln reward program, Half-Life 3 still ain't happening Games giant Valve is attempting to make nice with the infosec bod who disclosed zero-day exploits for...