Rendered at 18:24:40 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
galad87 1 days ago [-]
Games are an almost perfect type of software to be run in a sandbox. The question is, why aren't they already run in a sandbox?
ux266478 1 days ago [-]
SteamOS leverages namespaces via pressure-vessel already. The problem exists exclusively on Windows. Paravirtualized drivers introduce API incompatibility issues and decades of cumulative engine infrastructure made for Windows using the Win32 API means nobody wants to swap over to using UWP and thus AppContainers are a non-starter (and that's without getting to sacrificing Wine/Proton compatibility).
The native isolation mechanisms like silos are things that require wrangling by professional sysadmins, I didn't even know they existed until I started writing this post. The real question to be asking is why is sandboxing so bad on Windows? Despite some searching, I still have no conclusive answer as to how to go about filesystem isolation in Win32-space, or if it's even possible.
malkia 1 days ago [-]
Sandboxing is quite easy (user-wise), once you install the sandbox system. By default it allows only a single sandbox, and with small `.wsb` file you can drive what's visible from the host, whether the GPU should be active, etc. - https://learn.microsoft.com/en-us/windows/security/applicati...
It's great for testing, and Sandbox is just the tip of the iceberg of what Windows Containers support
- e.g. maybe someone can come up with "launcher" that goes through it (somehow).
subscribed 23 hours ago [-]
Ummm, yeah, but Windows Containers is windows Pro and Enterprise only (security is an optional, paid extra on windows), and only for these using Hyper-V (meaning Virtual Box users are excluded).
Personally I'm coping with sandboxie.
Aerroon 1 days ago [-]
They are? Games need pretty much all the performance they can possibly get. Can you sandbox them without having a performance impact?
Consider that people pay a $300 premium to get ~10% better performance (buying an RTX 5080 instead of a 5070 Ti).
Personally I know that sometimes closing the web browser in the background makes my game run better - that web browser doesn't even interact with the game! Would a sandbox have a smaller impact?
blueg3 1 days ago [-]
It certainly could.
Buying a better GPU improves your graphics performance and that's basically unrelated to the area where a sandbox impacts performance.
Killing your web browser is probably just lowering memory pressure?
Sandboxes add overhead to syscalls. It's kind of similar to running under Wine, which also adds significant syscalls overhead. Wine also has a much more impactful DirectX translation layer, so your sandbox performance would be probably be much better than the Wine performance.
devmor 1 days ago [-]
> your sandbox performance would be probably be much better than the Wine performance.
That’s hard to believe, given that many games run better under WINE than native Windows.
blueg3 1 days ago [-]
AIUI, this is relatively rare, and is because of DXVK on games that use old DirectX APIs.
chainingsolid 1 days ago [-]
Most of the sandboxing you need for a game is less full sandbox and more a whitelist on file access and local network communication.
Levitating 1 days ago [-]
> Can you sandbox them without having a performance impact?
On Linux certainly so, and I think if Steam is installed as a flatpak all games naturally are sandboxed.
pjc50 1 days ago [-]
PC games tend to be the reverse: they demand control over the machine, in order to try to detect or prevent being run alongside various forms of cheating software.
They also need low-latency access to the GPU, which I suspect is a fertile vector for privilege escape exploits.
blueg3 1 days ago [-]
Only a relatively small (but popular) subset of games use anticheat. Most games -- including the one in this article -- could theoretically run in a sandbox.
jasomill 1 days ago [-]
Even games with strong anticheat could benefit from sandboxing, as the anticheat mechanisms that need access outside the sandbox represent a much smaller surface area for exploits than the entire game.
In theory, sandboxing mechanisms could even be used to improve anticheat.
What I always sort of assume the endgame could be for highly competitive Windows games is something akin to cartridge or bootable floppy games from the 8-bit era, where games would install into or be supplied as disk images containing locked-down Windows installations that only permit signed (and possibly whitelisted) drivers and whitelisted applications, which would include the game and a small number of other approved applications like Discord, MS Edge and possibly selected third-party browsers, and support software for hardware like GPUs and gaming input devices, which Windows would then boot to run the game, either on bare metal or in an isolated VM.
1bpp 1 days ago [-]
Every Xbox game runs in a HyperV container, maybe it's not a crazy idea for PC
wao0uuno 1 days ago [-]
Running games on Linux via Proton provides some isolation. It’s not technically a proper sandbox though.
parasense 1 days ago [-]
Proton is just emulation, and it will happily expose the underlying host system to the running game software. In particular the filesystem and some peripheral devices. However, Valve is moving towards sandboxing in Steam. You can already run the whole thing with a flatpak sandbox, and valve themselves are using ostree. With srvio is possible to run the whole thing in a throwaway windows vm while the graphics card is passed through
sophrosyne42 1 days ago [-]
This is why it was foolish to give a new name to it. It was originally called Wine Is Not an Emulator.
zufallsheld 1 days ago [-]
It's not a new name. Proton is Valve's fork of wine. They also contribute patches to wine.
unethical_ban 1 days ago [-]
I think their point is proton is not an emulator.
tazard 14 hours ago [-]
P. I. N. E. from here on out then
q3k 1 days ago [-]
You can just use Linux syscalls from an .exe executed by Wine. There is no sandboxing.
Anything that wants to traverse your filesystem could do so trivially from a wineprefix, but stuff like sniffing your browser extensions might be harder depending on the technique.
sph 1 days ago [-]
I run Proton in Steam flatpak, as well as itch.io from flatpak. That is reasonable enough isolation for my use case.
Is this not just an artifact of windows not sandboxing anything meaningfully and that itself is an artifact of punch cards?
WorldMaker 24 hours ago [-]
Windows has a lot of powerful sandboxes. A lot of them Windows maybe made too easy to opt-out from and/or defaulted them to opt-in rather than opt-out which makes them things that developers need to learn or developers try to avoid or developers don't think they need.
subscribed 23 hours ago [-]
Linux doesn't sandbox anything at all, unless you go out of your way for Bazzite or accidently run something from Flatpak/Snap.
nubinetwork 1 days ago [-]
Some anti piracy is already a sandbox.
SuperNinKenDo 1 days ago [-]
I've formally studied gamedev, but haven't done anything in over a decade, but even before you get to the thorny issue of anti-cheat sustems, games rely on running at a(n often very) low level and doing unconventional things. I imagine they're one of the hardest things there are to sandbox without causing massive levels of breakage. But someone more knowledgeable about either side of the equation (sandboxing and/or game development) might be able to shed more light.
wotsdat 1 days ago [-]
[dead]
cassianoleal 1 days ago [-]
What about all the other games with malware, like Denuvo and similar?
giancarlostoro 1 days ago [-]
I recommend installing Linux. If it wont play on Linux even with Proton, you shouldn't give them a single penny.
cassianoleal 10 hours ago [-]
I only game on Linux. I don’t run Windows, period.
I like that it keeps those kinds of malware out of my reach, and I don’t mind skipping games that use them.
I would like for it to go away entirely though. Both because I find it an appalling practice, and because I want more gamers playing more games on Linux.
freedomben 1 days ago [-]
I agree, although I've made exceptions for a very small number of games with Denuvo (actually, just Hogwarts Legacy, which in hindsight I'm glad I did even though it still hurts my soul a bit) and they can run on Linux (I have nothing else but Linux). It's mostly kernel-level anti-cheat that won't run from what I've read.
giancarlostoro 1 days ago [-]
If it plays on Linux I don't personally care if its got Denuvo, its isolated by Proton, so not really a big deal. I do think its really pointless, because none of these tools ever truly stop game cheating.
freedomben 1 days ago [-]
Oh yeah completely agree. They don't even stop warez either as it only takes a little while for it to be broken. Mainly all it does is punish paying users, and cost them sales (from people like me) who don't want the potential headache.
fleroviumna 1 days ago [-]
[dead]
nosioptar 1 days ago [-]
Gog.com only sells games without DRM.
Most games on itch.io are not DRMed.
7bit 1 days ago [-]
[flagged]
nekzn 1 days ago [-]
"drm is malware" is so 2005.
4chandaily 1 days ago [-]
"We have to stop the nazis" is so 1940s.
"Congress is engaged in a witch hunt" is so 1950s.
"Civil rights should be applied to everyone" is so 1960s.
"Fossil Fuels are destroying the plant" is so 1970s.
"Unregulated free trade is dangerous" is so 1980s.
"The police are out of control and unduly target minorities" is so 1990s.
Something being old doesn't make it less relevant or important.
It means we need to say it louder, because for some reason the point hasn't been made clearly enough yet.
avazhi 1 days ago [-]
Get the help you need, 4ChanDaily.
4chandaily 1 days ago [-]
:-*
nekzn 1 days ago [-]
[flagged]
nosioptar 1 days ago [-]
Dude, nothing they said had anything to do with left handedness...
freedomben 1 days ago [-]
Every day there are new people coming online and/or of age who weren't aware or even alive in 2005. They too need to know that DRM is malware.
wanzg 1 days ago [-]
"rootkits are malware" is in fact eternal.
blueg3 1 days ago [-]
Usually when people complain about Denuvo, they're talking about Denuvo Anti-Tamper, which (perhaps surprisingly) is not a rootkit.
willis936 1 days ago [-]
When people complain about denuvo rootkits they are complaining about denuvo anti-cheat, which is a rootkit.
mschuster91 1 days ago [-]
Well, Riot Games just today (!) admitted to hard-bricking cheating hardware [1]. This kind of stuff definitely is malware, and your comment aged like milk.
Malware is deceitful, you're not aware of its presence. Anti-Cheat does what it's promises, and I've personally found Riot fairly transparent regarding Vanguard.
You don't have to play Valorant, but if you do you probably want to play without cheaters. It's either get hated for having cheaters (like CS2) or get hated for having invasive Anti-Cheat (Valorant). There's no third option.
Ferret7446 17 hours ago [-]
So if malware announces itself, it is no longer malware but anticheat?
"If you do not wire the money, the anticheat will activate and delete all your data"
Levitating 3 hours ago [-]
> So if malware announces itself, it is no longer malware but anticheat?
If it announces itself after installation it would obviously be malware. But if the software does exactly what the user expects it to do, and the user installs it with consent, why would it be malware?
Otherwise BitLocker or a disk eraser would be malware just because it performs a destructive action.
Wikipedia goes by the same definition, it's harmful software that operates without the owners knowledge.
It may seem like a weird hill to die on, but calling every Anti-Cheat or DRM a "rootkit" or malware kind of takes any meaning away from the term. And is also just misinformative to the workings of DRM and Anti-Cheat.
mschuster91 2 hours ago [-]
> It may seem like a weird hill to die on, but calling every Anti-Cheat or DRM a "rootkit" or malware kind of takes any meaning away from the term.
It's not the first time that DRM has caused damage. The Valorant one is particularly bad as no user should expect hardware damage or data loss even if they cheat, but I still 'member Sony's DRM that was a legitimate rootkit [1].
It's not a hard-brick. Reinstalling Windows fixes it.
1 days ago [-]
1 days ago [-]
nekzn 1 days ago [-]
You are confusing drm with anti cheats.
In any case, good for Riot, and good especially for their players!
john_strinlai 1 days ago [-]
anti-cheat is not perfect. they will brick a legitimate user's pc. that is the opposite of "good for their players".
and even if someone is cheating on a riot game, bricking their pc is obviously fucked, and will end up biting riot in the ass (i.e. not good for riot, either).
Rohansi 1 days ago [-]
Which anti-cheat has bricked users' PCs? The Riot example above specifically targets DMA cards (cheating hardware) which no legitimate user will have.
john_strinlai 1 days ago [-]
>Which anti-cheat has bricked users' PCs?
the one we're talking about, where riot tweeted "congrats on your $6k paperweights".
>The Riot example above specifically targets DMA cards (cheating hardware) which no legitimate user will have.
you can play league/valorant legitimately, be using dma for whatever else, and apparently riot will still gladly brick your pc.
you apparently don't even need the games currently installed! if you have vanguard leftover from months ago when you did play, remove all the games, and then decide to tinker around with dma for fun/learning/who cares, riot will still come after you, despite not even playing their games.
even if that seems unlikely, refer back to sentence #2 of my comment: "and even if someone is cheating on a riot game, bricking their pc is obviously fucked, and will end up biting riot in the ass (i.e. not good for riot, either)."
Rohansi 1 days ago [-]
Where does it say Riot bricked anything? They referred to the cards as paperweights but they don't need to be bricked to be a paperweight, being useless to the cheater due to Vanguard protections is enough. They definitely didn't brick anyone's PC.
> you can play league/valorant legitimately, be using dma for whatever else
I don't think there's a way to check what memory a DMA card is accessing. I also don't see why legitimate users would have a DMA card. I think it's fair for them to assume a connection is there and react.
john_strinlai 1 days ago [-]
>They referred to the cards as paperweights
DMA cards are not $6k, so it is obvious that riot is not talking about the DMA card specifically. they are ~$300 - ~$700. the image they tweeted alongside was that of broken computers, not of broken DMA cards.
i am not sure why riot would admit to bricking $6k PCs if they werent. that would also be exceptionally stupid.
admittedly, the more i look into it, it appears the reports are soft-bricking (i.e., requiring a complete wipe and reinstallation of the OS, not hard-bricking). which is less awful, but still really awful.
>I also don't see why legitimate users would have a DMA card.
doesn't matter at all. if its not being used to interact with riot games, its none of riot's business and not on riot to determine the legitimacy of owning one.
>I think it's fair for them to assume a connection is there and react.
i think this is a wild take. this is effectively giving ownership of your software and hardware to riot.
if the reaction was simply to ban you from riot servers and games, sure, i could be convinced that's acceptable. but the reaction is beyond that.
Rohansi 1 days ago [-]
> the image they tweeted alongside was that of broken computers, not of broken DMA cards.
Actually, the image they tweeted shows a ton of PCIe cards.
> reports are soft-bricking (i.e., requiring a complete wipe and reinstallation of the OS, not hard-bricking)
I still don't think anything is actually bricked. They are just enabling and enforcing IOMMU, HVCI, etc. which prevents them from using their DMA card to cheat. I'm sure they could restore functionality by removing Riot's games and anticheat, disabling IOMMU and HVCI, etc.
matheusmoreira 1 days ago [-]
No confusion at all. Same unacceptable "we own your machine now" nonsense.
_imnothere 1 days ago [-]
A saying being old doesn’t make it invalid anyway. What’s your point?
nekzn 1 days ago [-]
My point is that this saying is the tritest of the trite, and therefore not worth being posted.
malkia 1 days ago [-]
There is a game - Beyond The Darkness - released few weeks before the name change
"Beyond the Dark" (the malware) was released (ahem, renamed) on Dec 28 2024
Frieren 1 days ago [-]
> However, someone reportedly hijacked the developer’s Steam account and quickly transformed it into Beyond The Dark – changing its name, screenshots, and other store details. As Steam does not fully verify every patch made to a game, the modified version was reportedly able to go live without raising immediate red flags.
It is interesting that it seems to easier to take over a legit game than trying to create a new one. I have seen this with youtube channels, inactive during a long period of time and suddenly showing mostly scams. Or the original owner became a criminal, or more probably were taken over criminals.
> The malware allegedly searched for cryptocurrency wallet browser extensions, including MetaMask, before connecting to external servers and downloading additional tools. These tools were reportedly capable of stealing browser information, passwords, and cryptocurrency wallet data.
Cryptocurrencies are the most insecure currency that we have even invented. It is paradoxical that is being marketed as actually safe.
ASalazarMX 22 hours ago [-]
Now it makes sense why someone in a game development group mentioned he received an offer of $100 USD for his indie game. The buyer plainly stated that they were specifically looking to buy underperforming games. The developer didn't sell, but sadly $100 was more than he made in sales a year after launch, so it must have been tempting.
Maybe that's why they changed the game's name post-malware, to spam, er "promote" it as a new one and gain users quickly.
embedding-shape 1 days ago [-]
> What’s interesting is that while the game itself often crashed during launch, the malicious software continued running quietly in the background.
Wonder how much longer it could have remain undetected if it actually fired up a shovelware game that could run properly, things like crashing probably gave it away way faster than it could've.
Levitating 1 days ago [-]
> things like crashing probably gave it away way faster than it could've
Theres a lot of games on Steam that outright don't work. It wouldn't raise a flag with me.
ChoGGi 1 days ago [-]
Huh. There is the occasional paid game on steam that has a 100% off deal. Guess it's time to start being suspicion of those as well.
I'm thinking of the scenario where the original devs sell the game rights off since sales are bottomed out.
zamadatix 1 days ago [-]
The best place to put malware is wherever people don't think they need to be suspicious of the software they run. Free games, paid games, supply chain - it doesn't really matter so long as they think they can trust it blindly.
2OEH8eoCRo0 1 days ago [-]
Surprised this or malicious games and updates hasn't happened sooner.
I remember, ~20 years ago, there was some free Christmas elf game (Flash?) that went viral and everyone was playing it. Struck me as a perfect vector for malware, I was a little surprised that didn’t happen.
ASalazarMX 22 hours ago [-]
~20 years ago it was still not rare for someone to email his friends a little Flash game or greeting card wrapped in an .EXE so they could run it straight from Outlook. In retrospective, those were crazy times. We knew about viruses from the time of MS-DOS, and still happily emailed executables that not even Hotmail or Google bothered to block.
All our network traffic was unencrypted, which enabled all kinds of shenanigans until the security culture seeped into corporations and the public.
When stories talk about time travelers that hijack old technology instantly, it makes complete sense. Someone with modern hardware, software, and knowledge could completely break most technology back then. They better not forget their modem, though.
flamesofphx 20 hours ago [-]
ELF ELF BABY.... Elf Bowling, and Frog-a-pult... I wish NSTORM Games was a big market player now.. I guess someone let him borrow the canoe he was looking for...
1 days ago [-]
gorgmah 1 days ago [-]
This is bound to become more and more pervasive, with supply chain attacks happening extremely frequently now. My cooleagues and me almost got caught in the latest Shai-Hulud attack due to some tanstack packages. Noone is safe now.
qskousen 1 days ago [-]
Not sure if it was a typo or not but "colleagues" is a great word, I'm going to start using it.
dude250711 1 days ago [-]
I am starting to think that perhaps their fee is not entirely justified.
Ember_Wipe 1 days ago [-]
[flagged]
herpdyderp 1 days ago [-]
And yet games like Subnautica 2 do similar things and nobody stops them because it’s in the EULA.
therealunreal 1 days ago [-]
What does Subnautica 2 have?
john_strinlai 1 days ago [-]
i assume they are referring to denuvo.
and, while denuvo and other drm for games is indeed awful, i find it silly to equate it with cryptocurrency stealing malware.
Cthulhu_ 1 days ago [-]
Exactly because it's known - malware is only considered malware if you install it without knowing about it.
But if you know about it you have a choice not to buy / install it, like with games like Subnautica 2.
butvacuum 1 days ago [-]
[flagged]
skinfaxi 1 days ago [-]
Not for nothing but have we all forgotten the sony rootkit? Actually, that would be a perfect front. Start a game company backed by a nation state, put in rootkit anti-cheat, profit.
The native isolation mechanisms like silos are things that require wrangling by professional sysadmins, I didn't even know they existed until I started writing this post. The real question to be asking is why is sandboxing so bad on Windows? Despite some searching, I still have no conclusive answer as to how to go about filesystem isolation in Win32-space, or if it's even possible.
It's great for testing, and Sandbox is just the tip of the iceberg of what Windows Containers support
- e.g. maybe someone can come up with "launcher" that goes through it (somehow).
Personally I'm coping with sandboxie.
Consider that people pay a $300 premium to get ~10% better performance (buying an RTX 5080 instead of a 5070 Ti).
Personally I know that sometimes closing the web browser in the background makes my game run better - that web browser doesn't even interact with the game! Would a sandbox have a smaller impact?
Buying a better GPU improves your graphics performance and that's basically unrelated to the area where a sandbox impacts performance.
Killing your web browser is probably just lowering memory pressure?
Sandboxes add overhead to syscalls. It's kind of similar to running under Wine, which also adds significant syscalls overhead. Wine also has a much more impactful DirectX translation layer, so your sandbox performance would be probably be much better than the Wine performance.
That’s hard to believe, given that many games run better under WINE than native Windows.
On Linux certainly so, and I think if Steam is installed as a flatpak all games naturally are sandboxed.
They also need low-latency access to the GPU, which I suspect is a fertile vector for privilege escape exploits.
In theory, sandboxing mechanisms could even be used to improve anticheat.
What I always sort of assume the endgame could be for highly competitive Windows games is something akin to cartridge or bootable floppy games from the 8-bit era, where games would install into or be supplied as disk images containing locked-down Windows installations that only permit signed (and possibly whitelisted) drivers and whitelisted applications, which would include the game and a small number of other approved applications like Discord, MS Edge and possibly selected third-party browsers, and support software for hardware like GPUs and gaming input devices, which Windows would then boot to run the game, either on bare metal or in an isolated VM.
https://gist.github.com/q3k/e5952111283ea59ee78a7699919a055b
I like that it keeps those kinds of malware out of my reach, and I don’t mind skipping games that use them.
I would like for it to go away entirely though. Both because I find it an appalling practice, and because I want more gamers playing more games on Linux.
Most games on itch.io are not DRMed.
"Congress is engaged in a witch hunt" is so 1950s.
"Civil rights should be applied to everyone" is so 1960s.
"Fossil Fuels are destroying the plant" is so 1970s.
"Unregulated free trade is dangerous" is so 1980s.
"The police are out of control and unduly target minorities" is so 1990s.
Something being old doesn't make it less relevant or important.
It means we need to say it louder, because for some reason the point hasn't been made clearly enough yet.
[1] https://videocardz.com/newz/riot-games-on-valorant-dma-cheat...
You don't have to play Valorant, but if you do you probably want to play without cheaters. It's either get hated for having cheaters (like CS2) or get hated for having invasive Anti-Cheat (Valorant). There's no third option.
"If you do not wire the money, the anticheat will activate and delete all your data"
If it announces itself after installation it would obviously be malware. But if the software does exactly what the user expects it to do, and the user installs it with consent, why would it be malware?
Otherwise BitLocker or a disk eraser would be malware just because it performs a destructive action.
Wikipedia goes by the same definition, it's harmful software that operates without the owners knowledge.
It may seem like a weird hill to die on, but calling every Anti-Cheat or DRM a "rootkit" or malware kind of takes any meaning away from the term. And is also just misinformative to the workings of DRM and Anti-Cheat.
It's not the first time that DRM has caused damage. The Valorant one is particularly bad as no user should expect hardware damage or data loss even if they cheat, but I still 'member Sony's DRM that was a legitimate rootkit [1].
[1] https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootk...
In any case, good for Riot, and good especially for their players!
and even if someone is cheating on a riot game, bricking their pc is obviously fucked, and will end up biting riot in the ass (i.e. not good for riot, either).
the one we're talking about, where riot tweeted "congrats on your $6k paperweights".
>The Riot example above specifically targets DMA cards (cheating hardware) which no legitimate user will have.
you can play league/valorant legitimately, be using dma for whatever else, and apparently riot will still gladly brick your pc.
you apparently don't even need the games currently installed! if you have vanguard leftover from months ago when you did play, remove all the games, and then decide to tinker around with dma for fun/learning/who cares, riot will still come after you, despite not even playing their games.
even if that seems unlikely, refer back to sentence #2 of my comment: "and even if someone is cheating on a riot game, bricking their pc is obviously fucked, and will end up biting riot in the ass (i.e. not good for riot, either)."
> you can play league/valorant legitimately, be using dma for whatever else
I don't think there's a way to check what memory a DMA card is accessing. I also don't see why legitimate users would have a DMA card. I think it's fair for them to assume a connection is there and react.
DMA cards are not $6k, so it is obvious that riot is not talking about the DMA card specifically. they are ~$300 - ~$700. the image they tweeted alongside was that of broken computers, not of broken DMA cards.
i am not sure why riot would admit to bricking $6k PCs if they werent. that would also be exceptionally stupid.
admittedly, the more i look into it, it appears the reports are soft-bricking (i.e., requiring a complete wipe and reinstallation of the OS, not hard-bricking). which is less awful, but still really awful.
>I also don't see why legitimate users would have a DMA card.
doesn't matter at all. if its not being used to interact with riot games, its none of riot's business and not on riot to determine the legitimacy of owning one.
>I think it's fair for them to assume a connection is there and react.
i think this is a wild take. this is effectively giving ownership of your software and hardware to riot.
if the reaction was simply to ban you from riot servers and games, sure, i could be convinced that's acceptable. but the reaction is beyond that.
Actually, the image they tweeted shows a ton of PCIe cards.
> DMA cards are not $6k
The ones shown in the image they tweeted are! ($5,800 USD -> https://www.heinodma.com/)
> reports are soft-bricking (i.e., requiring a complete wipe and reinstallation of the OS, not hard-bricking)
I still don't think anything is actually bricked. They are just enabling and enforcing IOMMU, HVCI, etc. which prevents them from using their DMA card to cheat. I'm sure they could restore functionality by removing Riot's games and anticheat, disabling IOMMU and HVCI, etc.
"Beyond the Darkness" was released on Nov 14 2024 - https://store.steampowered.com/app/1728610/Beyond_The_Darkne...
"Beyond the Dark" (the malware) was released (ahem, renamed) on Dec 28 2024
It is interesting that it seems to easier to take over a legit game than trying to create a new one. I have seen this with youtube channels, inactive during a long period of time and suddenly showing mostly scams. Or the original owner became a criminal, or more probably were taken over criminals.
> The malware allegedly searched for cryptocurrency wallet browser extensions, including MetaMask, before connecting to external servers and downloading additional tools. These tools were reportedly capable of stealing browser information, passwords, and cryptocurrency wallet data.
Cryptocurrencies are the most insecure currency that we have even invented. It is paradoxical that is being marketed as actually safe.
Maybe that's why they changed the game's name post-malware, to spam, er "promote" it as a new one and gain users quickly.
Wonder how much longer it could have remain undetected if it actually fired up a shovelware game that could run properly, things like crashing probably gave it away way faster than it could've.
Theres a lot of games on Steam that outright don't work. It wouldn't raise a flag with me.
I'm thinking of the scenario where the original devs sell the game rights off since sales are bottomed out.
The FBI were seeking victims for ~8 "games" earlier this year: https://forms.fbi.gov/victims/Steam_Malware/view
All our network traffic was unencrypted, which enabled all kinds of shenanigans until the security culture seeped into corporations and the public.
When stories talk about time travelers that hijack old technology instantly, it makes complete sense. Someone with modern hardware, software, and knowledge could completely break most technology back then. They better not forget their modem, though.
and, while denuvo and other drm for games is indeed awful, i find it silly to equate it with cryptocurrency stealing malware.
But if you know about it you have a choice not to buy / install it, like with games like Subnautica 2.