On Christmas Day, players of a beloved mod for the card game Slay The Spire experienced an unexpected and unwelcome surprise. The mod known as Downfall fell victim to a security breach, which alarmingly allowed hackers to disseminate malware through Steam, the online gaming platform where it is hosted.
This piece of malware was nefariously designed to extract the passwords from users' browsers and to compromise accounts on popular messaging services such as Telegram and Discord. Those unfortunate enough to be affected by this incident would find themselves greeted with a "Unity library installer popup" upon initiating Downfall. This troubling interruption signaled that the malware had taken root in the system and was primed to carry out its malicious intent.
The incident was well-handled, and by 1:40 PM Eastern Time on December 25th, developers announced a reversal of the hack. Acknowledging the severity of the situation, the developers informed players that most antivirus programs had failed to halt the execution of the malware; however, they were successful in stopping the harvested data from being transmitted over the internet. This meant that the attack did not inevitably result in damage to the affected users.
However, the malware had an insidious aim: to harvest and compile passwords not only from internet browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, Brave, and Vivaldi, but also from users' Windows local login, the messaging apps Telegram and Discord, and any file whose name contained the word 'password.'
Many affected users reported seeing files, which were believed to be associated with the malware, appearing in various locations on their computer drives. The developers took the initiative to include some of these file locations in their announcement, offering players a guide to recognizing the potential signs of infection.
Caution was advised by the developers concerning the investigation of these suspicious files. They recommended that users do so while their computers were disconnected from the internet to prevent any additional unauthorized transmission of data. Moreover, the developers urged anyone who had encountered the Unity popup to promptly change their most crucial passwords, with particular attention to those which were not protected by two-factor authentication, to mitigate the risk of their accounts being compromised.
The Downfall mod of Slay The Spire holds a special place in the hearts of its players. Not only does it introduce fresh, playable characters and a new mode, but it adds a rich variety of content that breathes new life into the beloved base game. Despite this setback, the developers have worked diligently to address the issues and are dedicating their efforts to their next project – Tales & Tactics, a standalone auto-battling Chess roguelike.
This incident serves as a stark reminder of the potential vulnerabilities that can be encountered when participating in digital entertainment and the importance of digital security. The modding community is often built on trust and shared passion for gaming; however, moments like these highlight how quickly this trust can be undermined by malicious actors. Gamers are encouraged to maintain vigilant security practices, including regular updates of antivirus software and employing the use of strong, unique passwords complemented by two-factor authentication whenever possible. It is through these practices that the integrity of gaming experiences like those offered by Downfall can be preserved against the threats posed in the digital age.
You must be logged in to post a comment!
