Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware

guest · Mar 13, 2019

Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware
Dr.Web: 39 percent of all Counter-Strike 1.6 servers were malicious and tried to infect users with malware
March 13, 2019
https://www.zdnet.com/article/malic...-used-zero-days-to-infect-users-with-malware/

Security researchers have discovered a network of malicious Counter-Strike 1.6 multiplayer servers that exploited remote code execution (RCE) vulnerabilities in users' gaming clients to infect them with a new malware strain named Belonard.

The network has been shut down, researchers from Russian antivirus firm Dr.Web said in a report published on Monday.

The entire operation relied on proxy multiplayer servers that enticed users to connect to them because of low ping values.
When CS1.6 gamers connected to these proxy servers, they'd be redirected to malicious ones that used one of four RCEs (two in the official CS1.6 game and two in a pirated version) to execute code and plant the Belonard malware on their PCs.
Click to expand...

Report: Study of the Belonard Trojan, exploiting zero-day vulnerabilities in Counter-Strike 1.6 (PDF - 2.20 MB):
https://st.drweb.com/static/new-www/news/2019/march/belonard_trojan_en.pdf

guest · Mar 24, 2019

Steam vulnerability exposed users to account hijacking and malware
March 21, 2019
https://thenextweb.com/apps/2019/03/21/valve-steam-vulnerability-malware-steal/

The security kink resided in Steam‘s server browser functionality – which lets players look up severs for a number of games (including hit titles like CS:GO, Half-Life 2, and Team Fortress 2) – according to a HackerOne vulnerability disclosure made public on March 15.

To make matters worse, it was possible to combine this vulnerability with others to make the attack vector even more efficient. “This vulnerability can be chained with another memory leak vulnerability to make it 100 [percent] reliable,” the researchers added.
Don’t sweat it though, Valve has confirmed the flaw has since been patched on Windows, OS X, and Linux.

The disclosure report shows the researchers first outlined the issue last December. In return for their efforts, Valve awarded them with a $15,000 bug bounty and an additional $3,000 bonus. Not a bad payday.
Click to expand...

Log in or Sign up

Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware

guest Guest

guest Guest

Log in or Sign up

Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware

guest Guest

guest Guest

Useful Searches