Skip to main content

Dark Souls Remote Code Execution

| Jared Schultz

Imagine you’re playing an online video game with your friends, streaming online, or whatever you do to pass the time with your favorite online game, when out of nowhere an image takes over your computer and starts issuing threatening messages with a robotic voice. Normally, this sort of thing only happens on TV, but on January 21st, this happened during a livestream to a streamer named ‘The__Grim__Sleeper.’ Two days later, the developers of the Dark Souls franchise announced that multiplayer for all of the Dark Souls games, including their upcoming Elden Rings game, has been taken offline until the issue is resolved.

The game’s multiplayer code apparently has a Remote Code Execution (RCE) which allows any attacker to execute arbitrary code while anyone playing the game is online. In the streamer’s case, the attacker ran PowerShell on their computer to spawn the threatening image and message, but it is easy to imagine how this could have been even worse for any user running the game with this exploit. The developer of the Remote Code Execution claims to have been trying to report the issue to the developers for a while without any success. The developer did report the issue to a third-party anti-cheat tool which has since built in prevention of the exploit. 

While exploit code is not out in the wild yet, this is another reminder of simple ways to protect your computer even when things like this come out of nowhere. Easy ways to mitigate these sorts of issues are to ensure that you don’t run applications as a user with administrative rights, backup sensitive files regularly (an at-home network-attached storage (NAS), or cloud storage are both easy options, just make sure they are not only on your computer at home!), and ensure your antivirus and operating system are up to date.

Source: https://threatpost.com/dark-souls-servers-down-rce-bug/177896/
Source: https://www.kaspersky.com/blog/dark-souls-dangerous-vulnerability/43436/