Cyberpunk 2077, one of the most successful and controversial games of recent years, maybe exploited to get into the system because of a bug.
A security hole in Cyberpunk 2077 allows hacking your computer
CD Projekt Red, creators of one of the best-selling games worldwide in 2020, Cyberpunk 2077, has issued a warning to players about the possibility of it being used to hack computers.
This is just the latest in a long list of controversies related to what was one of the most anticipated games of recent years; After creating the popular The Witcher saga, CD Projekt established itself as one of the most important developers in the industry.
The first few hours were good, with Cyberpunk 2077 crashing Steam due to the number of players downloading the game; But it didn’t take much longer to realize the state the code was in. Cyberpunk 2077 was one of the fiascos of 2020, due to the number of bugs and performance issues it had, especially on consoles.
Bug in Cyberpunk 2077
Although these problems are gradually disappearing with the arrival of more ‘patches’, and although CD Projekt has already presented a roadmap to leave the game as it should have been from the beginning, it is undeniable that the damage is done.
The latest bug discovered is more serious, because it does not affect gameplay or performance, but user security. CD Projekt Red has confirmed to Eurogamer the existence of a vulnerability in the code that would allow an attacker to take control of the computer.
The problem lies in the way the game allows the use of ‘mods’, modifications created by fans that allow them to introduce more content or implement changes to the game. Many titles, such as The Elder Scrolls V: Skyrim, remain popular years after their release, thanks to the number of ‘mods’ that exist.
Insecure mods
It was PixelRick, a modder or mod creator, who raised the alarm when he discovered that mods could be used to run malicious code on the computer, taking control of the computer without the user being able to do anything.
When Cyberpunk 2077 reads a save game, it is possible to create a buffer overflow, which allows a file that is not executable to run in memory.
The victim would only have to download a ‘mod’ or a saved game that has been modified by a stranger and install it like any other; When running the game, the malicious code is also executed.
Although details about this vulnerability are scarce, the developers have confirmed its existence and thanked the community for their work in discovering it. At the same time, it has clarified that it is a “difficult to exploit” flaw, and describes it as “a vulnerability of the game, and not of human nature”.
Although CD Projekt Red is already working on a fix for the next update, it warns users to take special care when installing ‘mods’ in their game for the time being. As always when downloading files from the Internet, it is important to avoid obtaining them from unknown sources.
