A password-protected zip file is also a way to deliver content an indie dev might use to lock content, so that on its own is not enough, but also the “payload” was connecting to a remote server, which is not an indication of bad behavior; lots of games connect to remote servers and receive commands from there, e.g. event X starts now, or something. Except in this case it allowed a reverse shell.
pulsewidth@lemmy.world 2 days ago
Citation please for any indie dev using passworded zip files to lock game content. That would be a pretty dumb approach given all retail security suites / antiviruses will flag a password-protected archive as suspect by default (because they’ve been so commonly used in the past to distribute malware).
Nibodhika@lemmy.world 1 day ago
Here’s a steam forum of someone asking why some devs do that from a year ago: steamcommunity.com/…/4423184558852867037/ so it is done by other devs.
pulsewidth@lemmy.world 1 day ago
Thanks for the effort digging. This does not actually point out any game doing it in particular though, and it’s actually a perfect example of a working antivirus picking up a suspect file (a password protected archive) in a game’s install tree.
This is from Aug 2024 and could even be from one of the games that distributed malware. It’s absolutely something that Steam should be blocking/flagging for manual review, and a huge red flag that any developer would use this as a tool for distributing their game content.
Nibodhika@lemmy.world 1 day ago
How is a password-protected zip file different from an encrypted blob? And a quick Google will show you dozens of devs asking how to do this in different engines, because it’s a very simple way to delay access to something. It won’t be permanent, but it can allow you to do stuff like pre-loading that game/DLC and activating them remotely.