Malicious Software is Being Installed on Players Computers Through Unofficial Dota 2 Game Modifications

Security experts have discovered four malicious game mods for the popular MOBA game Dota 2 that were used by a threat actor to backdoor players' systems. The attacker published the mods on Steam, and included a file called evil.lua which was used to check the viability of server-side Lua execution. This code fragment could be used to log, run arbitrary system commands, build coroutines, and send HTTP GET requests. The malicious code in the three more recent game mods was harder to detect than the packed backdoor that was included in the initial game mode. This backdoor allowed the threat actor to execute commands remotely on the infected machines, and even potentially install further malware. It was also used to download a Chrome exploit known as CVE-2021-38003, which was discovered as a zero-day vulnerability in October 2021 and patched. The exploit was hidden in a legal file that adds scoreboard features to the game, making it difficult to find. Valve, the developer of Dota 2, was informed of the findings and updated the vulnerable V8 version in January. They removed the malicious game mods and informed anyone who had been affected, with under 200 players being impacted.

This Cyber News was published on heimdalsecurity.com. Publication date: Thu, 09 Feb 2023 09:44:03 +0000


Cyber News related to Malicious Software is Being Installed on Players Computers Through Unofficial Dota 2 Game Modifications

Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
6 months ago Securelist.com
Malicious Software is Being Installed on Players Computers Through Unofficial Dota 2 Game Modifications - Security experts have discovered four malicious game mods for the popular MOBA game Dota 2 that were used by a threat actor to backdoor players' systems. The attacker published the mods on Steam, and included a file called evil.lua which was used to ...
1 year ago Heimdalsecurity.com
Threat landscape for industrial automation systems, Q1 2024 - In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Percentage of ICS ...
4 months ago Securelist.com
GTA Online Bug Grants Players the Ability to Ban Corrupt Accounts - A new bug discovered in the popular game “Grand Theft Auto Online” (GTA Online) has granted players the ability to ban corrupt accounts. The exploit was discovered by a group of players who had been frustrated by the fact that some players were ...
1 year ago Bleepingcomputer.com
Dota 2 Players Unknowingly Downloaded Malware Through Game Modes - Security researchers have uncovered four malicious game modes for the popular Dota 2 video game that were used by a malicious actor to gain access to players' systems. The attacker created the game modes and posted them on the Steam store, as ...
1 year ago Bleepingcomputer.com
Trouble in Da Hood: Malicious Actors Use Infected PyPI Packages to Target Roblox Cheaters | Imperva - In recent research on compromised and malicious PyPI packages, Imperva Threat Research has identified an ongoing malware campaign specifically targeting Roblox hackers. Over time, vast communities have assembled on various platforms such as Reddit, ...
1 week ago Imperva.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
1 year ago Hackread.com
Apex Legends pro tourney canned following cheaty cyberattack The Register - Esports pros competing in the Apex Legends Global Series Pro League tournament were forced to abandon their match today due to a suspected cyberattack. In the early hours of Monday morning, two professional Apex Legends players competing in two ...
6 months ago Go.theregister.com
Apex Legends players worried about RCE flaw after ALGS hacks - Electronic Arts has postponed the North American finals of the ongoing Apex Legends Global Series after hackers compromised players mid-match during the tournament. ALGS is an esports tournament series where players compete in a fast-paced, strategic ...
6 months ago Bleepingcomputer.com
Dota 2 Players Unknowingly Downloaded Malicious Mods Containing Malware - Security researchers have uncovered four malicious modifications for the popular Dota 2 multiplayer online battle arena video game that were created by a malicious actor and uploaded to the Steam store. Jan Vojtěšek, a malware researcher at Avast ...
1 year ago Bleepingcomputer.com
5 Valuable Skills Kids Can Gain by Playing Video Games - Video games come in all shapes and sizes and can be very educational for children of all ages. Video games can provide children with valuable skills that can help them in their everyday lives. From problem-solving abilities to self-control, learning ...
1 year ago Welivesecurity.com
Regenerate and Conquer: Wolverine's Real-Time Damage System to Dominate the Gaming Landscape - Marvel's Wolverine has leaked details which suggest that the game will use advanced features, even those that are not available on current PlayStation 5 hardware, to play the game. In the recent Insomniac data breach, a new rumour has been ...
9 months ago Cysecurity.news
What is Word Unscrambler In Gaming? - Are you tired of getting stuck on those tricky word puzzles in your favourite mobile game? Have you ever wished for a tool to help unscramble those seemingly impossible words? Look no further because the word unscrambler is here to save the day! This ...
1 year ago Hackread.com
Apex Legends esports final delayed by hack claims - Apex Legends is a battle royale-style online multiplayer game launched as a competitor to Fortnite. The North American esports final of online shooter Apex Legends has been postponed following claims of hacking. Clips shared by players show unwanted ...
6 months ago Packetstormsecurity.com
Fragging: The Subscription Model Comes for Gamers - The video game industry is undergoing the same concerning changes we've seen before with film and TV, and it underscores the need for meaningful digital ownership. Twenty years ago you owned DVDs. Ten years ago you probably had a Netflix subscription ...
8 months ago Eff.org
Trouble in Da Hood: Malicious Actors Use Infected PyPI Packages to Target Roblox Cheaters | Imperva - In recent research on compromised and malicious PyPI packages, Imperva Threat Research has identified an ongoing malware campaign specifically targeting Roblox hackers. Over time, vast communities have assembled on various platforms such as Reddit, ...
1 week ago Imperva.com
Ransomware attack on indie game maker wiped all player accounts - A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game. Ethyrial: Echoes of Yore is a free-to-play old-school MMORPG developed by indie game ...
10 months ago Bleepingcomputer.com
4 Best War Games You Should Play - Online gaming is a luxury, especially if you are interested in strategic war games. Let this format be better expressed within the framework of games and films and people will perceive it at the multimedia level, and not take part in real combat ...
9 months ago Hackread.com
Game mod on Steam breached to push password-stealing malware - Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised ...
9 months ago Bleepingcomputer.com
Steam game mod breached to push password-stealing malware - Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised ...
9 months ago Bleepingcomputer.com
Hackers Breach Steam Discord Accounts, Launch Malware - On Christmas Day, the popular indie strategy game Slay the Spire's fan expansion, Downfall, was compromised, allowing Epsilon information stealer malware to be distributed over the Steam update system. Developer Michael Mayhem revealed that the ...
9 months ago Cysecurity.news
Gaming PCs as Silent Storytellers: Why Privacy Is Crucial - Online games and video games are incredibly popular as a way to connect with people and interact with them. Many people enjoy playing games online, either on gaming consoles, computers, or mobile devices. Online gaming also poses some risks, such as ...
9 months ago Cysecurity.news
Is Hybrid Play Leveling the Playing Field for Online Video Gaming? - As technology continues to evolve, the market for online video gaming has grown exponentially. With the advent of hybrid play, we have seen the emergence of digital console gaming and increasing proficiency in a variety of gaming platforms. This ...
1 year ago Welivesecurity.com
What Is Software Piracy? - Software piracy has become a worldwide issue, with China, the United States and India being the top three offenders. In 2022, 6.2% of people worldwide visited software piracy websites. Software piracy doesn't require a hacker or skilled coder. Any ...
10 months ago Pandasecurity.com
How Hackers are Auctioning Off the Alleged Source Code for League of Legends - An alarming security risk has surfaced as hackers are auctioning off an alleged source code for the popular video game League of Legends (LoL). It is reported that the hackers have accessed this code through illegally obtaining administrator access ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)