A critical system vulnerability has enabled malicious actors to compromise and reset multiple player accounts.
Recently, a number of Escape from Tarkov players were abruptly disconnected from their sessions. While server instability is not unheard of, the situation took a dark turn when players reconnected only to find their entire character progress had been completely erased.
Initial community theories suggested a massive database breach. However, technical analyst Chilljones1125 revealed a much simpler truth: the security measures implemented by Battlestate Games were fundamentally flawed and easily bypassed.
“This is an incredibly amateurish oversight and a massive security flaw on BSG’s part. No data was actually compromised or leaked; it is strictly a login bypass exploit.”
Investigations revealed that the Steam OpenID authentication system failed to adequately verify digital signatures and return signals from Steam’s servers.
Exploiting this loophole, attackers were able to spoof the response URL from Steam and replace it with the ID of any account they wished to hijack. Because the exploit occurs at the authentication handshake level, even two-factor authentication (2FA) offered no protection.
Consequently, any Escape from Tarkov players who had linked their profiles to Steam were vulnerable to these targeted account wipes.
Source: iXBT.games