UPDATED 12:21 EST / OCTOBER 18 2012

NEWS

ReVuln Discovers Vulnerability in Steam That Opens Gamers to Remote Exploits

The Steam gaming platform offers thousands of free and paid PC games to download. These include well-known titles such as Counter Strike, Half-Life or Fallout New Vegas. Many gamers use the Steam cloud service to comfortably and easily load games on the home PC. The platform has been established in recent years, but it makes hardly any user concerned about potential safety issues–after all, Valve is one of the more reliable cloud providers.

However, the close integration of cloud storage and home PC can also provide risk.  ReVuln, a startup research company focused on security vulnerabilities, recently revealed in a report that details exactly a potential weakness in the security system of Steam and Safari.

The company has analyzed the protocol by which the Steam servers communicate via a browser and execute commands. The researchers have encountered critical security issues, where an attacker could infect PCs without user intervention.

When you install the Steam client, it registered protocol handler “steam ://”. In short, it consists in the fact that some of the functions performed by the protocol from the selected web browsers are invisible to the user. Two most popular, Internet Explorer and Chrome present security warnings and show the URL, Firefox reports a confirmation but doesn’t show the URL; Opera presents a warning but only shows the first 40 characters of the URL and Safari will directly execute the program without warnings.

“Steam has become a major component of PC gaming,” says HackANGLE editor Kyt Dotson. “The discovery of vulnerabilities in this cloud-distribution gaming platform means that almost twenty-five million users could be affected by this exploit. Looking at previous hacks that affected Valve’s service directly, it’s in their best interest to get this one cleaned up quickly.”

At the moment it is not known how much this discovery represents danger or if Valve intends to take measures in this regard, however, users of Safari browser, which is installed by default in OS-X systems, would do well to start using any other to transact with Steam, since many of these include notifications that alert the user before opening any applications.

“All the browsers that execute external URL handlers directly without warnings and those based on the Mozilla engine (like Firefox and SeaMonkey) are a perfect vector to perform silent Steam Browser Protocol calls,” said ReVuln security researchers and founders Luigi Auriemma and Donato Ferrante. “Additionally for browsers like Internet Explorer and Opera it’s still possible to hide the dodgy part of the URL from being shown in the warning message by adding several spaces into the steam:// URL itself.”

The researchers also released a video in which they demonstrate how steam:// URLs protocol can be used to remotely exploit some vulnerabilities they observe in the Steam client and popular games.

It is true that Steam does not give hackers the tools to run these commands on the uninfected computers, but the oversight hacker can hide them. For example, the Steam protocol’s “retailinstall” command can be used to load a malformed TGA splash image file that can exploits a vulnerability in the Steam client to process malicious code.

This is not the first time that the cloud-based game delivery service Steam has been compromised. Back in November 2011, attacker hack their service and stole personal and financial information from a backup database. In the same month itself, the Steam’s forums again have been hacked.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU