Comment on malicious backdoor found in widely used game mod by Low Level [YouTube]
Telorand@reddthat.com 1 month ago
Tldr: it’s a crypto wallet stealer.
Always be wary of unknown code. Check comments on sites like Nexus. Run installers through virus checks.
Poopfeast420@discuss.tchncs.de 1 month ago
If I understand it correctly from the reddit post, this was a popular mod, that you could get directly in-game, so probably available through the Steam Workshop or something. In that case you assume everything is fine and don’t really check out, if there’s something wrong.
circuitfarmer@lemmy.sdf.org 1 month ago
It is a CS2 mod – CS2 lacks Steam Workshop support. Paradox did not put it in, in favor of their own mod platform.
There was a lot of beef about the lack of workshop support, but it means it was on Paradox’s platform, if anything.
teawrecks@sopuli.xyz 1 month ago
Wonder if steam workshop scans for this kind of thing, or if it would have otherwise been found quicker.
thingsiplay@beehaw.org 1 month ago
This mod had some clever tricks to avoid detection from Antivir scanner. Not sure how deep and complex the Steam Workshop antivir scanner goes (if any). Hard to say if they would have found and prevented it. However, all antivir and other scanner software learned from this and now every malware using this technique could be detected instantly. At least in theory.
Telorand@reddthat.com 1 month ago
Man if that’s the case, that really sucks.