The app affected is the prepackaged version of the Downfall Mod with Slay the Spire, not the Steam Workshop version, apparently. (I have the Downfall mod but didn’t know the pre-packaged version was a thing!)
“The breach window was roughly 1:30 PM-2:30 PM Eastern (1830-1930 UTC+0) on 12/25. If you did launch Downfall on 12/25 during the breach window and got a Unity library installer popup, please continue to read. You may be also at risk. The security breach allowed a malicious upload to replace the Downfall packaged game,” Mayhem said in a statement published on Wednesday.
Shit, I don’t remember if I downloaded that or not. I think I was trying to beat the hell out of vanilla first.
Make sure you check the statement. You’d have to have launched the mod in a specific way during a specific time window
Man I have been clear of any real issues for a long time, this one has my anxiety spiking as someone who installed a lot of steam games…
Use 2fa and you should be fine.
That has nothing to do with this situation tho
Shit, my bad. Classic case of “rtfa”.
I love Steam and wouldn’t lay the blame for this on them but this is why you need to use trusted software sources and isolate machines that use less trustable software.
Steam was not even involved. This didn’t affect the Steam version.
Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system.
The publisher got pwnd and the malware got pushed out over Steam. No different from someone publishing a malicious game directly.