The CS.Money Hack: Biggest hack in CS:GO history
One of the most popular CS:GO skin trading sites has reportedly lost around $6M worth of CS:GO skins due to a hack attack.
On August 13th, 2022, Cs.Money got hacked and it was reported that $1.6 million worth of skins got stolen from the owners. However, this amount of money was not a full reflection of all the CS:GO skins that were stolen from CS.Money, as some of the Steam accounts were still missing. Today, on August 15th, one of the owners gave an update on TwitLonger about the CS.Money hack and revealed that the hackers had already stolen around $6M worth of CS:GO skins. There are currently around 30 accounts linked to the hackers, with more yet to be found. On the first day of their attack, the hackers managed to pull off around 1000 trades with 100 different Steam accounts.
“Last night we faced the biggest hack in the history of the service. As a result, our bots started sending skins to a large number of users. The attackers were well prepared and tried to inflict maximum damage, which already amounts to millions of dollars. One fact shows their level of preparation. Along with the hack, they sent small commercial offers to dozens of popular traders and influencers to distract them from ongoing transactions as much as possible.” – Cs.Money | Telegram CYBERSLOVO
How did the hackers get away with this?
The owners of CS.Money have established that the attack happened due to hackers gaining access to Cs.Money’s Mobile Authenticator files, which are used for Steam authorization. This means that the thieves had direct access to Cs.Money’s files and were allowed to control their trade bots without any issues. As a consequence of this, the CS.Money owners’ attempts to reset the authorization failed. When the hackers gained access to a bunch of CS.Money’s bots which contained valuable CS:GO skins, they started sending outgoing transactions left, right, and center. At first, the hackers only sent CS:GO skins to themselves, but later they mixed it up by sending plenty of offers to popular bloggers, traders, and regular users to hide their tracks. With this tactic, the hackers hoped to divert the attention, all while dragging innocent people in their skin-stealing scheme as well, in hopes of making it impossible to track them down.
It’s also worth mentioning that the hackers used Bot messages as another method to hide their tracks. When someone buys something from CS.Money and gets a trade offer from one of their bots, Cs.Money’s system generates an outgoing message automatically, which the buyer receives alongside the transaction on Steam. It appears that the hackers have generated a ton of fake messages mentioning other CS:GO trading platforms, which they sent with their trade offers. Their goal was most likely to get Cs.Money to think that the problem on the website had something to do with authorization on 3rd party platforms.
Will Valve do anything to resolve this?
Many of you are probably thinking that Valve should just be able to “undo” the trades and hand the items back to the owners. But that may not be the case, unfortunately. Cs.Money is a 3rd party marketplace, which means that they’re not supported by the guidelines of Valve. Therefore, it seems quite unlikely that CS.Money will have Valve’s support and help with undoing the trades. According to CS:GO skins market’s Batman-like figure and expert, zipeL, it’s also very unlikely that Valve will do anything to try to undo the trades. However, he stated: “I can guarantee you they will minimum ban some of these accounts that got skins.”
So, for Valve to intervene in this case and maybe undo the trades seems quite unlikely for now. There is a small possibility that the stolen skins will get banned, but that means that there will be a situation of many high-tier and rare skins being lost forever, and we would have to see how Cs.Money will be compensating their users. Nobody knows anything yet, but we will inform you as soon as there are new updates to the case. We’ll probably get to know something within the coming days.
In a TwitLonger, one of the owners stated that Cs.Money will “Prioritize returning skins and compensating the users once we have restored Cs.Money to a fully-functioning state”.
CS.Money’s website is temporarily down
The Cs.Money team is still working on resetting their password and MA files to invalidate the compromised authorization data. At the same time, they’re also doing their best to secure all the data critical to their services. This means that their platform has been temporarily shut down as a security measure and they will have to patch and secure the system before it can be brought back online.
Cs.Money have said that their support is always ready to answer any users of their concerns.