GTA V Online for PC exploit; CVE-2023-24059

[Ink]

Content source

https://www.bleepingcomputer.com/news/security/gta-online-bug-exploited-to-ban-corrupt-players-accounts/

Reportedly, a new "remote code execution" vulnerability in the PC game client was abused by the developer of the 'North' Grand Theft Auto V cheat to remotely change player's account attributes (like zero their money balance), corrupt accounts, and even ban players from the game.

According to the user reports, the exploit can impact even players not in the same multiplayer lobby as the attackers, so anyone, as long as they're online, is susceptible to attacks.

According to a changelog seen by BleepingComputer, the North GTA Online cheat developer added these new "features on January 20th, 2023, as part of its 2.0.0 release.

The developer of the North GTA Online cheat removed these abusive features on January 21st, apologizing for the mayhem it has caused.

• Removed badsport/corrupt account for players (bad judgement on my part for adding this public)
• Removed take money from player (bad judgement on my part for adding this public)

Unfortunately, the reversal comes too late, as the issue has already affected many gamers.

The Rockstar Games' support forums have been flooded by user reports claiming to have experienced account problems since the cheat's release.

CVE - CVE-2023-24059