Dark Souls 3 Online bug leaves you exposed to cyber attacks

News

2 min. read

Published on January 25, 2022

by Alexandru Poloboc

published on January 25, 2022

Readers help support Windows Report. We may get a commission if you buy through our links.

Key notes

If you enjoy playing Dark Souls 3 online, you might want to stop for now.
It was discovered that a bug could open up your computer for attackers.
This vulnerability can lead to cybercriminals actually bricking your PC.
Developers and game creators are now trying to come up with a solution.

Dark Souls players out there will surely agree that the game is already difficult enough, without any bugs or glitches transforming into literal hell, as some users so elegantly put it.

And, as if the difficulty alone hasn’t deterred tens, maybe hundreds of users from playing it, it turns out that playing it online could open up your computer for malicious third parties.

Furthermore, cybercriminals can swoop in, steal sensitive data, and brick it completely if that’s what they choose to do.

Dark Soul online servers are currently down

Dexerto reports that playing the popular game online comes with a Remote Code Execution (RCE) vulnerability.

As you might know, RCEs are usually considered among the most dangerous vulnerabilities, as they allow third parties to run any code on the affected device, which includes ransomware, malware, and infostealers.

This vulnerability was demonstrated on a live stream from The__Grim__Sleeper, who was playing the game for his 70,000+ viewers on Twitch when the game crashed.

Much to his surprise, immediately after, a Microsoft PowerShell opened up by itself, and the text-to-speech feature was triggered, causing Microsoft’s robotic voice to start criticizing the streamer’s performance.

like a Trojan Horse. And more nasty stuff.

It's highly suggested to NOT PLAY ONLINE DARK SOULS 3 in it's current state. Avoid any online activity from Ds3.

In addition, if you haven't already everybody and their mother can recommend the Blue Sentinel modhttps://t.co/lposZRzbr1
— 💛🤍 Skele₊ 💜🖤 (@SkeleMann) January 22, 2022

The actual story here is, believe it or not, that delivering the message was the whole point of the whole Twitch demonstration.

Apparently, the hacker responsible for the attack first tried to contact FromSoftware, Dark Souls developers, to raise awareness about the issue, but wasn’t taken seriously.

Thus, FromSoftware has now shut down its servers for Dark Souls, Dark Souls 2, and Dark Souls 3, which all seem to be vulnerable to the flaw.

Fans are even worried that the premiere of upcoming game Elden Ring could also be vulnerable, but creators did promise that they will look into it.

There is, allegedly, an anti-cheat mod for Dark Souls 3, called Blue Sentinel, which was developed by the game’s community, and was patched to protect endpoints against the vulnerability.

Bandai Namco, the game’s publisher, took to Reddit to thank the community for drawing their attention to the flaw. The servers are expected to come back online once the issue is permanently fixed.

Alexandru Poloboc

Tech Journalist

With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor, as well as TV and radio entertainment show host. A certified gadget freak, he always feels the need to surround himself with next-generation electronics. When he is not working, he splits his free time between making music, gaming, playing football, basketball and taking his dogs on adventures.