Critical "Dark Souls"-style security vulnerability in the PC version of GTA Online.

Rockstar Games account Tez2 recently shared evidence of a security vulnerability in Grand Theft Auto Online. Many players have reported that their account progress has been reversed, or that they have been blocked from joining, or kicked from, games on PC. Speyedr, the developer who created the custom firewall tool Guardian for GTA 5, warns that modders using this exploit are on the verge of achieving remote code execution through GTA Online, which would allow hackers to remotely launch malware on a PC running the game.

Tez2 reported that Rockstar is aware of the issue and is working on it, and we have reached out to Rockstar for comment.

In the initial exploit described by Tez2, modders could steal other users' ranks and in-game money, completely reset their account progress, or, in a manner similar to the old Dark Souls item hacks, "corrupt" their accounts so that they were effectively banned from online play.

One Twitter user, @Bulkiboy, demonstrated that he was instantly kicked out of a GTA Online session after deactivating the Guardian firewall. Another user, @Fluuffball, demonstrated gameplay with a "corrupted" account: upon connecting to GTA Online, the camera zooms up into the air and the game then fails to connect.

As a fix for the corrupted account, Tez2 stated that deleting the Rockstar Games folder from My Documents and launching GTA Online will refresh the profile data. Of course, until there is an official response from Rockstar, it is best to avoid GTA Online altogether.

Tez2 describes the exploit as a "partial remote code execution," which could lead to further security breaches by hackers. On the other hand, Speyedr, the creator of Guardian, seems to believe that the development of a full remote code execution via GTA Online is imminent.

Speyedr's tool, Guardian, could potentially defend against this exploit, but the developer does not want users, especially those who do not know how to properly deploy it, to take the risk. Speyedr has temporarily removed Guardian's file and urges players to stay away from GTA Online until the issue is resolved.

The whole situation is reminiscent of the remote code execution vulnerability that caused Namco Bandai to shut down the Dark Souls series' multiplayer servers for over six months. Just as GTA Online has Speyedr and Guardian, Dark Souls has its Blue Sentinel security tool, and it was a network-savvy player discovering and reporting the vulnerability that spurred Namco Bandai to take action.
