You must log in or register to comment.
I had the mod installed in the timeframe were it had the malware. Fuck me.
But what really pisses me off is that i read about it first here on lemmy. Not on the Beamng forums/repository, not in the game, not in the steam announcments of the game. Like you distributed malware over your platform and the policy of you fucks is just to stay silent? Meh.
Why would it be in-game or a steam announcement? The malware was in a mod, not the base game. Mod authors can’t post game announcements. So, at best you get a comment of the workshop or on nexus.
Because Beamng runs their own mod repository which is even accessible ingame. This isnt about some random mod hosted on a randrom 3rd party site. This mod was released and distributed over servers and a services which Beamng as a company runs themselves. So reading a whole ass month after the incident my system and my passwords were potentially compromised fucking sucks. I’m not blaming them that the mod got uploaded. I’m blaming them that they made no attempts to publicly communicate: “yo, a mod containing malware got uploaded to our service and 3000 users downloaded it before we got informed that it was infected. If you happen to have downloaded the mod in x timeframe your system was likely compromised. Sorry yadda yadda”
Because it’s supposed to reach affected users as quickly as possible, and a Steam/ingame announcement is the best way to do that? Slay The Spire made such an announcement when a popular mod was infected, and even though I didn’t use that mod, I still appreciated the outreach and care.
Why are you acting like it’s such a crazy idea to use broad announcement channels to reach all affected users?
This made me think, okay, this particular exploit uses malicious code in a mod that targets an old embedded chromium vulnerability, and can be fixed by updating the game’s dependencies. This game started a dozen years ago, but it’s still being worked on.
How many retro games that are not still in development could have vulnerabilities like that? Especially moddable games.
Outdated chromium…Like the steam overlay?
Or electron
