Dark Souls Servers Taken Down To Prevent Hacks Using Critical Remote Execution Bug

Dark Souls, the popular video game, has reportedly taken down its servers to prevent hacks via some critical bugs that could allow bad actors to take control of your PC. According to reports on Reddit, the vulnerability is a remote code execution flaw, which could allow attackers to take control of users’ systems, gain access to sensitive info, plant malware or use resources for crypto mining. Dark Souls confirmed the temporary deactivation on Twitter.

There is currently no indication when things will come back online.

I have a pair of comments to share. First is from Saryu Nayyar, CEO and Founder, Gurucul:

“The risk of remote worker networks is very apparent from this attack. As we connect our gaming systems to the same network as resources that attach to the corporate network, the infection can easily spread from home to a much bigger operation. It is critical for security teams to understand how users are accessing network resources but incorporate that information into risks and severity associated with attack campaigns. This is where identity and specifically access analytics incorporated into next generation SIEM can narrow down indicators of compromise and determine malicious behaviors hiding as authorized user activity.”

The second is from Jorge Orchilles, CTO, SCYTHE:

“Remote code execution (RCE) vulnerabilities aren’t new or rare but they are dangerous when no one knows they exist. We see threat actors use RCEs all the time, especially when the vulnerabilities do not have a patch available. Cybercriminals can use these vulnerabilities to execute malicious code in the application to gain access to the underlying system for fun and profit. Companies impacted by these types of vulnerabilities need to take immediate action to protect their customers by releasing patches. Meanwhile, gamers affected should monitor their systems for abnormal activity such as crypto-miners.”

Taking this game offline, at least partially, is the right move. Hopefully Bandai Namco, who make the game, are able to fix this issue, bring the service back online, and assure users that the only pwnage that will take place is related to the game.
