Dark Souls 3 bug could let hackers seize control of your PC
Online servers have been shut down as the team investigates
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
As ifDark Souls 3wasn’t already difficult enough, playing it online could open up your computer for malicious actors to swoop in, steal sensitive data, and brick it completely, if they so wished.
A report from Dexerto claims that playing the popular game online comes with a Remote Code Execution (RCE) vulnerability. RCEs are usually considered among the most dangerous vulnerabilities, as they allow third parties to run any code on the affected device, which includesransomware,malware, infostealers, and pretty much anything else.
The vulnerability was demonstrated on a live stream from The__Grim__Sleeper, who was streaming the game for his 70,000+ viewers on Twitch when the game crashed, aMicrosoftPowerShell opened up by itself, and thetext-to-speechfeature was triggered, causing Microsoft’s robotic voice to start criticizing the streamer’s skills.
Drawing attention to the problem
As comedic and harmless as the scene may appear, the message was received loud and clear. In fact, it turns out that delivering the message was the whole point, as the hacker behind the attack first tried to contact FromSoftware, Dark Souls developers, to raise awareness about the issue, but was met with silence.
Only then, did the hacker decide to demonstrate the power of the vulnerability in front of a large audience, and it seems to have worked.
FromSoftware has now shut down its servers for Dark Souls, Dark Souls 2, and Dark Souls 3, which all seem to be vulnerable to the flaw.
There are even worries that its premiere upcoming gameElden Ringcould also be vulnerable, with the company promising to investogate.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
According to a report on The Verge, the anti-cheat mod for Dark Souls 3, called Blue Sentinel, which was developed by the game’s community, was patched to protectendpointsagainst the vulnerability, while Bandai Namco, the game’s publisher, took to Reddit to thank the community for drawing their attention to the flaw.
The servers are expected to come back online once the issue is permanently fixed.
Via:The Verge
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
Quordle today – hints and answers for Saturday, November 9 (game #1020)
