Exploited, the vulnerability can cause serious damage to players’ PCs.
The official account of Dark Souls communicates on Twitter that the PVP servers of Dark Souls 3, Dark Souls 2 and Dark Souls: Remastered have been temporarily closed on PC. It is added that those of Dark Souls: Prepare to Die Edition will follow” soon “.
dark souls online not available on PC
Very few details are provided on the reason for this abrupt decision, but we learn more about it on Reddit. In recent days, a critical security flaw has been discovered in the source code of the multiplayer section of titles from the FromSoftware studio.
This is a type vulnerability Remote Code Execution (RCE), which can allow hackers to remotely execute malicious code on a computer without prior authorization, and therefore to take control of the machine, to render it unusable, or to steal sensitive personal data (logins , banking information…).
The security flaw exploited live on Twitch
On a Twitch stream from The__Grim__Sleeper channel (starting at 1:20:20 in the video below), we can see an application of the exploit of this security flaw. The game starts out crashing, then we hear the robotic voice of the Windows diction tool attacking the streamer’s way of playing. The latter indicates that a PowerShell window has opened on his computer, confirming a remote control takeover.
According to the first elements available, the hacker behind this action has no harmful intentions. He would have warned FromSoftware of this vulnerability and in the absence of reaction from the studio, would have decided to hack live streamers to force the hand of the developers and push them to react.
Bandai Namco, the publisher of Dark Souls, commented on the Reddit thread in question: “ Thank you very much for the warning, a report on this subject was submitted to the internal teams concerned earlier today “. A few hours later, the announcement of the closure of the servers was made official.
Sources: Dark Souls