On Christmas day, the renowned Slay The Spire mod, Downfall, was the unfortunate victim of a “security breach” that allowed hackers to exploit Steam and distribute malware. The consequences of this breach have been significant and have raised concerns among Slay The Spire players. The malware in question targets users’ passwords, ranging from internet browsers to messaging services such as Telegram and Discord. Affected users would have noticed a peculiar “Unity library installer popup” when launching Downfall, signaling the intrusion.
The Aftermath: Reversing the Hack
According to an announcement made by the developers, the breach was successfully reversed around 1:40pm ET (6:40pm GMT) on December 25th. However, it is worth noting that most antivirus programs did not prevent the malware from executing but did manage to hinder its ability to transmit data over the internet. This somewhat alleviates the immediate damage caused by the attack. The developers explain that the malware’s primary objective is to scrape and generate passwords related to various applications and services, which includes Windows local login, Google Chrome, Yandex, Microsoft Edge, Mozilla Firefox, Brave, Vivaldi, Telegram, Discord, and even files that contain the term “password” in their filenames.
Reports from affected users indicate that the malware has created suspicious files in various locations on their hard drives, some of which have been detailed in the official announcement. To mitigate further risks, the developers advise users to exercise caution and only investigate files that appear suspicious while disconnected from the internet.
For those who encountered the Unity popup, it is strongly recommended that you change your “important passwords,” especially those that do not have 2FA (2-factor authentication) enabled. This additional layer of security can provide an extra barrier against unauthorized access and potential data breaches.
The Impact on Downfall and Its Developers
Downfall, beloved by many Slay The Spire enthusiasts, is a significant mod that introduced exciting features like new playable characters and game modes. However, with this unfortunate security breach, the developers’ attention has shifted towards tackling the aftermath and ensuring the safety of their community. As a result, they have already begun working on a new project called Tales & Tactics, a standalone auto-battling Chess roguelike, which showcases their commitment to delivering innovative gaming experiences despite the setback.
The Christmas day security breach of the Downfall mod for Slay The Spire has highlighted the vulnerabilities that can exist within online gaming platforms. The developers’ swift response in reversing the hack is commendable, but the incident serves as a reminder to remain cautious while interacting with user-generated content. By regularly updating passwords, enabling two-factor authentication, and staying informed about potential security risks, players can help protect themselves from similar incidents in the future.
Leave a Reply