Video game enthusiasts experienced a cyber attack on Christmas day when the widely-used mod, Downfall, for the game Slay The Spire was hijacked to distribute harmful malware through the gaming platform Steam. The attackers aimed to steal users' passwords from several applications, including internet browsers and popular messaging services like Telegram and Discord.
Those who attempted to launch the Downfall mod during the time of the breach encountered an unexpected popup, supposedly for a "Unity library installer." This was a disguise used by the hackers to implement their malware without raising suspicion. According to the developers who maintain Downfall, the breach was successfully reversed by the afternoon of December 25th.
Despite the malware's aggressive attempts to scrape passwords and sensitive data from multiple sources, the developers informed users that most antivirus programs were able to block the malware's payload from being transmitted over the internet. Consequently, users with antivirus protection may not have suffered direct harm from the attack. However, the malware was programmed to seek out and extract passwords, targeting a variety of applications and services. This extensive list included Windows local login credentials, and data saved within several browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, and others, as well as passwords stored in Telegram and Discord, or any file potentially containing 'password' in its title.
Reports emerged from users encountering unfamiliar files on their systems, which were allegedly created by the malware in different locations on their hard drives. With safety in mind, the developers of Downfall recommended that users should explore these suspicious files only while disconnected from the internet to prevent further risk of data theft.
For those affected, particularly users who saw the Unity library installer popup, a crucial step would be to promptly change their passwords. High priority should go towards the modification of critical passwords, especially for accounts that lack two-factor authentication (2FA) – a security measure that adds an extra layer of protection beyond just the password.
As a mod, Downfall added significant content to the base game of Slay The Spire, introducing new characters to play, game modes, and additional features that enriched the gaming experience for players. Following the unfortunate security incident with Downfall, the developers have shifted their focus to developing Tales & Tactics, a new game that is described as a standalone auto-battling Chess roguelike.
For players and mod users, this incident underlines the importance of vigilance in the digital space, particularly within gaming communities where mods and custom content are common. The spread of malware through such platforms serves as a reminder to maintain up-to-date antivirus solutions, to be cautious of unexpected prompts and installations, and to practice secure password management, including the regular updating of passwords and the use of two-factor authentication wherever possible.
For the developers, addressing the malware incident has been a setback, but their prompt response and transparency with the community have aided in mitigating the situation and preventing further dissemination of the malware. Their ongoing work on Tales & Tactics is a testament to their resilience and dedication to provide unique and engaging gaming experiences, despite the challenges posed by cybersecurity threats in the gaming world.
You must be logged in to post a comment!
