Today, Valve Software announced that hackers had stolen the source code to their upcoming game, Half-Life 2. This presents a variety of expensive problems for Valve, and I won’t go into those here, but the interesting part for me was a line from Valve’s explanation:
At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook’s preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve…
Basically, they’re starting to point the finger at Microsoft for the attack – if Microsoft Outlook was more secure, they wouldn’t have been hacked, and their code wouldn’t have been stolen. Hey, if it’s true, then it’s true, and this will definitely get investigated. I’m sure MS has a crew en route to Valve now, not to mention antivirus experts.
I predict that this becomes a watershed event in the computing community. Network admins who want to rid their shops of MS products will use this as a reason: “Boss, if you leave Microsoft Outlook in place, we might get hacked just like Valve did. Remember Valve, that company that went under because they couldn’t sell their games anymore? What if one of our competitors pays some hackers to knock us down just like they did Valve?”
