In a concerning turn of events, the popular mod for the video game 'Slay The Spire', known as Downfall, became an unwitting vessel for cybercriminal activities on Christmas Day. The mod was hijacked, leading to the unintentional distribution of malware via the Steam gaming platform. The primary goal of the malware was to steal passwords from users.
When players attempted to initiate Downfall, they were unexpectedly met with a "Unity library installer popup," a clear sign that something was amiss. Unfortunately, during the time of the hijack, any interaction with this popup could have resulted in the installation of malware onto the user's system.
The ominous nature of this particular malware was that it was designed to specifically target and steal passwords. The developers of the mod, in their announcement, pointed out that the malware scanned for passwords saved in various internet browsers and grabbed login details for the messaging platforms Telegram and Discord.
In an alarming revelation, the developers noted that most antivirus programs did not effectively block the activation of the malware. However, they were more successful in preventing the actual transmission of any stolen data across the internet. This meant that unless the malware had successfully transmitted the stolen information, the attack might not have caused immediate damage.
The hackers programmed the malware to scrape and compile passwords from a range of sources. The targeted applications included several well-known web browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, Brave, Vivaldi, and Yandex. Additionally, it was designed to capture the user's Windows local login credentials and search for any files on the hard drive that may contain the word 'password' within their title.
Users who were unfortunate to encounter the malware reported spotting unfamiliar files at different locations on their hard drives. The developers of Downfall have included some of these file locations in their announcement, warning users to proceed with caution. They recommend that users should only search and investigate these files when offline, to avoid potential further breach of personal data.
Additionally, the situation begs a critical action for those affected: altering their passwords. The mod developers are urging players who experienced the Unity popup to change their important passwords, especially for accounts that lack the added security of two-factor authentication (2FA).
The Downfall mod itself is a celebrated expansion within the 'Slay The Spire' game community. It enhances gameplay by introducing new playable characters and modes, contributing significantly to the game's replayability and depth. Following this incident, the creators of the Downfall mod have since begun development on a new project, Tales & Tactics, an independent game inspired by auto-battling Chess and roguelike elements.
The hijacking incident on Christmas was resolved by approximately 1:40 pm Eastern Time (6:40 pm Greenwich Mean Time), with the developers taking swift action to address the breach and reverse the hack. Nonetheless, the occurrence serves as a jarring reminder of the potential for even the most benign gaming content to become a conduit for cyber threats.
Cybersecurity within the gaming community continues to be a significant issue, with mods being particularly vulnerable due to their often open-source nature and integration with official game platforms like Steam. Gamers are constantly advised to practice caution when downloading and installing mods and to maintain up-to-date antivirus software to safeguard against similar breaches.
The developers' transparency and quick response in mitigating this breach highlight a commitment to their community's safety. Moreover, this incident will likely influence mod developers and hosting platforms to re-evaluate and perhaps strengthen their security measures to prevent future occurrences of this nature. While the situation was certainly unsavory, the resolution of the hack points to the resilience of both the developers and the gaming community in facing such challenges.
You must be logged in to post a comment!
