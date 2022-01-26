From Software shut down its game servers to deal with the major glitch

From Software was forced to shut down Dark Souls series servers on PC last Sunday (23) after the discovery of a serious security breach. A loophole present in all games in the series allowed an attacker to run remote code on anyone’s machine and take full control over it.

The problem was first discovered in dark souls 3but it also affects dark souls 2, Dark Souls: Remasteredand the version Dark Souls: Prepare to Die Edition, which is no longer sold by Bandai Namco. In a message posted on Twitter, From Software said it is investigating reports and that you should turn online mode back on once a solution is found.

The security issue was publicly aired during a The_Grim_Sleeper player broadcastwho saw your PC freeze and then received a voicemail criticizing the way he played. According to the player, soon after, his PC started to run the Microsoft PowerShella means used by the attacker to trigger the Windows speech-to-text system.

Fault is still little known

According to a publication on Discord SpeedSouls, the invasion made to the player’s system was not intended to harm him, but rather alert From Software developer of the severity of the problem. The official says that, before accessing The_Grim_Slepper’s system, he tried to warn the company about the issue, but had his messages ignored.



On the Reddit dedicated to Dark Souls 3, a user stated that only four people know how to activate the remote access loophole present in the game. Two of them belong to the Blue Sentinel group, which unofficially develops anti-cheat systems for the game — and has already released a patch against the vulnerability.

The issue only affects the PC version of Dark Souls series titles, which means that no intervention was required on the console servers. Until the moment, From Software hasn’t released a prediction of when the game’s servers should go live.nor are there any reports that the breach had already been used by malicious actors.

Source: The Verge