While investigating the now-infamous Half-Life 2 hack, Thor Larholm, senior security researcher for security firm PivX Solutions, obtained source code from available resources on the Internet and compiled the game. The program worked and appeared to be Half-Life 2, he said.
While some reports have focused on speculation that the digital thieves wanted a leg up in finding ways to cheat the game, Larholm stressed that the leaked source code could be used by hackers and others to find security holes in the program. This means that people who play the game online may be opening themselves up to attack.
"It is a very serious hack," Larholm stated. "It highlights some loose security policies. I definitely hope they catch these guys."
Valve wasn't the only one affected by the incident.
Components of the source code appear to be from other companies who had licensed the software to Valve, Larholm said. For example, some of the code apparently came from Havok--Dublin, Ireland's creator of software that emulates the physical interaction between in-game characters and their environments.
Steven Collins, chief technology officer for Havok, couldn't confirm whether the stolen code contained the company's software but said his company is investigating the issue. "We are working with Valve," Collins said. "I expect to be in a much more informed position in a few days."
In addition, the code from Valve's game distribution system, Steam, was also obtained online with the Half-Life 2 code, Larholm revealed.