Hackers used this popular Steam game to spread malware and steal data

The attackers took advantage of a vulnerability in a mod to steal passwords

Hackers used this popular Steam game to spread malware and steal data

The attackers took advantage of a vulnerability in a mod to steal passwords

The hackers do not stop and now they put at risk several Steam users. What happens is that they found a vulnerability in a mod for a popular game on the platform and took advantage of it to spread malware.

As you can imagine, their intentions were not good, since their goal was to steal players' passwords and other confidential information. Below, we tell you all the details of this new attack so that you know if you are at risk.

Slay the Spire mod was used to attack players

Slay the Spire mod spread malware among Steam users
Slay the Spire mod spread malware among Steam users

Since its debut in 2017, Slay the Spire became a resounding success and its popularity has not waned. For such a reason, it has a dedicated community that creates interesting and ambitious mods to add novelties to MegaCrit's title.

Unfortunately, something went wrong in recent days, as hackers found a vulnerability in the Downfall mod, one of the most downloaded mods for the roguelike. The creators of the modification reported the problem at Christmas, when their project was the victim of an attack.

According to the details, the attackers took advantage of the vulnerability to upload a malicious file to the mod. They also tapped into the Steam and Discord accounts of the project's developers, who found it difficult to act quickly.

The report claims that the mod along with the malicious file could be downloaded for about 1 hour. The issue is that players who did so may be at risk, as the malware will attempt to steal their passwords from Discord, Telegram and other platforms.

It is known that players who open the infected mod will see a pop-up window from the Unity library. For this reason, if you recently downloaded the mod, we recommend you to take every precaution to avoid a possible attack.

If you were affected, you can change your passwords and activate additional security measures, such as 2-step authentication. Finally, you should know that the mod has already received a patch, so it is now safe to download it.

Comments

 
 
  • Best

  • New