Grand Theft Auto (GTA) Online players are reporting loss of game progression, theft of in-game money, and being banned from game servers due to a suspected vulnerability in the PC version of the game.
GTA Online is the multiplayer version of Rockstar Games’ acclaimed action-adventure game series, originally released in October 2013, with new content added via free title updates.
Apparently a new “remote code execution” vulnerability in the PC game client has been abused by the developer of the ‘North’ Grand Theft Auto V cheat to remotely change player account attributes (like zero their money balance), corrupt accounts and even ban players from the game.
According to user reports, the exploit can affect even players who are not in the same multiplayer lobby as the attackers, so anyone, as long as they are online, is susceptible to attack. .
According to a changelog seen by BleepingComputer, cheat developer North GTA Online added these “new features on January 20, 2023, as part of their 2.0.0 release.
This alleged vulnerability has been given a CVE and is being tracked under CVE-2023-24059.
Cheat developer North GTA Online removed these abusive features on January 21, apologizing for the chaos it caused.
“Removed badsport/corrupted account for gamers (bad judgment on my part for adding this audience),” reads a changelog for the North cheat.
“Removed taking money from player (poor judgment on my part for adding this audience).”
Unfortunately, the reversal comes too late, as the issue has already affected many players.
The Rockstar Games support forums have been flooded by reports of users claiming to have experienced account issues since the cheat was posted.
Not sure about playing on a PC
Although Rockstar Games has yet to release an official announcement on the situation, the developers and people in this space claim that the exploit is a “remote partial code execution” flaw and could extend to violation not only of GTA Online accounts, but also of computer security. run the game.
Here’s what it looks like if your account is “corrupted” due to the recent RCE exploit on PC. Basically, you’ll get stuck in the clouds indefinitely when trying to get online.
— ground ball (@Fluuffball) January 21, 2023
A Twitter user, Tez2, who follows Rockstar Games closely, declared that users should avoid playing the game without a firewall rule, or better, not play it at all.
A temporary fix for corrupted accounts that seems to have worked for some players is to delete the “Rockstar Games” folder from the Windows Documents folder, then reload the game to refresh the profile data.
BleepingComputer has not tested this method, so proceed at your own risk.
Speyedr, the developer of a custom GTA V firewall tool dubbed ‘Guardian’, has warned that attackers are close to finding a full remote code execution path for the newly emerged exploits.
However, Speyer warned that Guardian must be configured properly to protect users from the exploit and advises Windows users not to play the game until the bug is fixed.
“Just to reassure everyone – Guardian still works, and this new exploit does not bypass Guardian one way or another”, tweeted Speyedr.
HOWEVER, the risk of a user (especially newbies) misconfiguring Guardian in a way that does not protect them is too high for such a dangerous exploit.”
BleepingComputer has contacted Rockstar Games to comment on these issues, but we are still awaiting a response from the game publisher.
Until there is an official fix to the issues by Rockstar Games, it would be advisable to avoid running the game on PC, especially if you have made significant progress or spent a lot of money on it.