CS.Money, one of the biggest websites for trading CS:GO skins, has been compromised, with attackers looting over 20,000 items.
According to the chief communication officer at CS.MONEY, the platform was hacked by the attackers stealing their mobile authenticator files (MA) that were used for Steam authorization. This allowed them to take over their bots and steal over $6 million worth of CS:GO skins.
“We got hacked. By stealing our MA-files, someone took control over our bots. The hackers already stole around $6M worth of skins,” said Timofey Sobolevky, CS.MONEY’s head of public relations.
“I am consciously describing only the past events, talking about the hack and the damage estimates that have already happened, without disclosing our future actions,” he added. “It’s very difficult to make any promises of forward-looking statements in the present situation, while the security exploit has not been fixed.”
Following the attack, the website has been taken offline. However, the attackers managed to carry out 1,000 transactions with just 100 user accounts during the first day of the attack.
The platform has been down since Aug 13, with the following message greeting any users who want to visit it:
According to an ongoing investigation, the attackers tried to hide their tracks using bot messages, generating fake ones alluding to third-party platforms “to get us thinking that the problem had something to do with authorization on 3rdparty platforms.”
CS.MONEY also thanked the CS:GO community for alerting them to suspicious trade offers.
The platform also said it will prioritize skin returns and compensation once it can restore its systems. Until then, CS.MONEY is providing a bounty of $100,000 for forensic analysis of the attack to help them understand how the malicious actors infiltrated their systems.
“We will prioritize returning these and compensating the users once we have restored CS.MONEY to a fully-functioning state,” said Timofey Sobolevky, CS.MONEY’s head of public relations. “All of the skins that have been transferred are in trade-lock now, so they couldn’t have been moved further, and we hope to be able to get these back. Moreover, the community has been instrumental in identifying everyone who has received these skins.”
tags
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsNovember 14, 2024
September 06, 2024