Counter-Strike 2 players urged not to play due to huge security issue

A series of tweets and Reddit discussions are urging players to avoid Counter-Strike 2, as a security breach has been found in CS2's code.

A man in a gas mask loads a gun wearing a bomber jacket with a union jack flag on it

As Counter-Strike 2 continues to thrive, unfortunately players have discovered yet another loophole in the Valve shooter’s backend coding. According to multiple sources across X (formerly Twitter) and Reddit, players can manipulate CS2’s code to, allegedly, access the IP addresses of everyone in their lobby, and in turn potentially alter code on their PCs.

Counter-Strike 2 is certainly having a pretty rough run at the moment. With a recent update accidentally unleashing a series of seemingly random VAC bans, and the shooter’s player count dropping to its lowest of the year, Valve’s classic FPS game has a lot of us reminiscing over the good ol’ days of CS:GO.

The worst, however, is apparently yet to come. As spotted by a Reddit user called ‘TryingToBeReallyCool,’ a new loophole in the game’s coding is allowing players to obtain the IP addresses of others in their lobby and, allegedly, “execute code on [their] machine.”

YouTube Thumbnail

In the Reddit thread, TryingToBeReallyCool writes “I won’t go into details, but there is a back door that allows other players in your lobby to execute code on your machine.

“I managed to find instructions after not too hard a search, and it’s super easy to pull off. I wouldn’t play the game for the next day or two until this gets patched, it looks both legit and very serious. Your machine could genuinely be at risk if attacked by this.” Note that the latter part of this comment is, at the time of writing, speculative.

A Reddit comment claiming that a huge vulnerability in the CS2 source code allows players to obtain and access data from other computers

CS2 content creator ‘Ozzny’ has also shared a series of images where, apparently using an IP logger, they claim to have obtained the IP addresses of the players in their lobby. This sentiment is echoed by CS2 skin trader ‘coco,’ and finally by Twitch streamer ‘PirateSoftware,’ who refers to themself as “a cybersecurity expert” and “a hacker” with 20 years of experience.

In the clip below, PirateSoftware states that he “wouldn’t play CS right now,” claiming that players are “100% vulnerable to [the exploit] until [Valve] fixes it… This is incredibly easy to pull off, and you don’t want this.” He goes on to refer to the exploit as “very serious,” and warns that its rapid spread on the internet will leave the game in jeopardy.

At the moment, Valve has not commented on this exploit, but PCGamesN has reached out for a statement, and will update this article if we receive any further information.

Until a fix comes through, I’d advise checking out our list of the best multiplayer games that you can play instead of CS2. Additionally, we have a rundown of other free Steam games, so that you won’t have to break the bank.

You can also follow us on Google News for daily PC games news, reviews, and guides, or grab our PCGN deals tracker to net yourself some bargains.