Downfall, a popular mod for Slay The Spire, was hijacked by attackers. The developer of the mod has published some details about what happened.
While it is not the first time a mod on
Steam Workshop has been infected, this is perhaps the most notable security incident related to mods available on the platform. It is kind of shocking that hackers have targeted a free mod to distribute malware. Naturally, some users are worried whether such issues could arise with other games. Some people have questioned how this was possible in the first place, and why Valve did not have a security system in place to prevent such risks.
The main problem with software and games distributed on Steam, is auto-updates. While automatic installation of updates is usually beneficial, i.e. you get bug fixes faster, sometimes these can become a pain, if they introduce more bugs, or in this case an actual security risk. Sadly, there is no option to disable auto-updates on Steam, so once a game or a mod is updated, it is automatically downloaded to your PC. And, without installing the latest update, you cannot launch the game.
Coming back to the mod that had been hijacked, it appears that not all users of the Downfall mod were impacted by the attack. The announcement by the mod's developer has some details about how users were affected by the malware.
