Old games on Steam functioning as virus vectors?

Gobermental Supervisor · Tuesday at 6:22 AM

I just stumbled over this video showing officially available older game titles on Steam are now functioning as malware vectors for hackers.

Does anyone have experience with this issue?
Is this real?

TheArtilleryman · Tuesday at 6:27 AM

I have only heard of this happening to the Call of Duty games, I was sternly warned against playing World at War on PC for this reason.

I know that at least Modern Warfare 2 has a community driven custom client called IW4X which works great, allows custom lobbies and sees much fewer hackers.

Gobermental Supervisor · Tuesday at 6:31 AM

I'd say Steam should remove those games, disable them, and force refunds on the publisher.
Let's hope someone shows this to Gabe.

Dick Lickieta · Tuesday at 6:31 AM

This is a specific issue with older COD games because Activision never bothered patching exploits rather then a Stream issue. Valve should probably do something about it though.

Dreamland · Tuesday at 6:31 AM

Now imagine this kind of RCE happening while running the game's hypervisor anticheat shit. Just replace the UEFI with a message about being owned by gang weed or haxxors.

Breadbassket · Tuesday at 6:51 AM

Multiplayer for old Call of Duty games are and will sadly continue to be a hellscape. They have the gall to keep the games up at full price to.

TheArtilleryman · Tuesday at 6:56 AM

Gobermental Supervisor said:
I'd say Steam should remove those games, disable them, and force refunds on the publisher.
Let's hope someone shows this to Gabe.

I'm pretty sure one important part of IW4X and other custom client's ability to keep existing is that they stipulate you must own the game on Steam first, so they aren't condoning piracy. Completely disabling the games is sure to cause a lot chaos, especially for those few autists who went the extra mile to download and set up other shit just to have a decent experience in the game. Allow those who've bought them already to keep access, but no new purchases until somebody fixes the official game, and until then refunds automatically accepted. That's what should be done.

Gobermental Supervisor · Tuesday at 6:58 AM

TheArtilleryman said:
I'm pretty sure one important part of IW4X and other custom client's ability to keep existing is that they stipulate you must own the game on Steam first, so they aren't condoning piracy. Completely disabling the games is sure to cause a lot chaos, especially for those few autists who went the extra mile to download and set up other shit just to have a decent experience in the game. Allow those who've bought them already to keep access, but no new purchases until somebody fixes the official game. Refunds automatically accepted.

It isn't about piracy, it is about an official store selling games that compromise your computer if you launch them.
If nothing else, it is a huge liability issue for the platform.

Dick Lickieta said:
This is a specific issue with older COD games because Activision never bothered patching exploits rather then a Stream issue. Valve should probably do something about it though.

Yes, I understand that it is NOT an issue caused by Steam. But they are selling the games, and I'd say this opens them up to liability too.

Civillian 18 · Tuesday at 7:25 AM

I also saw that video in my feed, but I thought you were talking about how patches on Steam are apparently not vetted to the same level as initial upload/releases. Eric Parker covers them every now and then.
Recently there was one where a game was hijacked, developers account compromised and they converted the whole game into malware by completely converting it to a different thing entirely. SteamDB is odd to dig through but you can see the last update by the legit dev was in 2024 (as 'Rodent Race') and then it became 'Beyond the Dark'.
Edit: there was another one, 8 months ago, whole game was malware apparently. Some poor cancer survivor got fleeced for his crypto wallet.

As for CoD games being known to be malware and still sold, yeah that shit is fucked. It is basically 'installing WinXP raw on the open internet' levels of broken/pwnable.

Gobermental Supervisor · Tuesday at 7:32 AM

Civillian 18 said:
I thought you were talking about how patches on Steam are apparently not vetted to the same level as initial upload/releases

I think this is the original game being compromised, and despite the developer/publisher knowing this, still offering the game for sale.
Valve should act on this, since they are taking a cut of the revenue they are also liable to ensure the software sold isn't malware.

Tablet County · Tuesday at 9:31 AM

Campaignchads win again.

Parasite Paracide · Tuesday at 9:47 AM

This has been a prevalent issue since 2022 I believe. A friend over in the UK told me once how many inbound connection attempts he had on Wireshark just playing MW2 TDM. Fun fact: Activision copyright striked a fan-hosted version of MW2 that fixed this vulnerability and had virtually no cheaters and even modern graphical settings, only to continue to keep these broken versions listed.
I hear from CoD channels currently too that Warzone has started getting similar stuff happen.

Gobermental Supervisor · Tuesday at 9:54 AM

OS Ghost said:
This has been a prevalent issue since 2022 I believe. A friend over in the UK told me once how many inbound connection attempts he had on Wireshark just playing MW2 TDM. Fun fact: Activision copyright striked a fan-hosted version of MW2 that fixed this vulnerability and had virtually no cheaters and even modern graphical settings, only to continue to keep these broken versions listed.
I hear from CoD channels currently too that Warzone has started getting similar stuff happen.

I am sure the game companies will bring this up as an excuse to kill games.
Just horrifying what companies can get away with.

They were once men · Tuesday at 9:55 AM

you can use plutonium on the older cod games it's basically a replacement to the multiplayer that adds in an anti cheat and dedicated servers, It even works on pirated copies.

Stephen Rothman · Tuesday at 1:59 PM

Yes, this happens on occasion, but only Activision really lets it go unchecked. All the Dark Souls servers were offline due to an RCE exploit for over 6 months in 2022.

Here's another vector that I haven't seen mentioned yet. Depending on how a game handles mods, Steam Workshop items might contain all kinds of things.
Cultist Simulator just let you rawdog DLL files because why not
Rimworld may or may not have malware mods in the workshop, but I haven't found any confirmation or analysis of what the mods in question actually did. This was posted less than 24 hours ago.

⋖ cørdion ⋗ · Tuesday at 2:14 PM

Oh, oh, Bricky made a video on this specifically with CoD. It's such a fucking fever dream to think an old ported game on Steam can just.. expose you entirely. Only thing more absurd is how nintendo handhelds only get hacked because an indie game forgot a little hole and suddenly people are emulating it on pc.

Judge Dredd · Wednesday at 4:49 AM

Going to have an unpopular take, but unless it's extremely bad (like "games" that are just malware), Valve shouldn't do anything.

I can see this kind of thing being used as an excuse to kill games now that Stop Killing Games is a thing. "Oh, we had to remove CoD 4 from your Steam library. It's to protect you! You can buy or shitty remake for 20% off!"

TrainWreckWatcher · Wednesday at 5:04 AM

I thought this was into reference of hackers stealing old game dev accounts and totally reworking the games with vibecode into new titles and distributing malware through them.
Which has also been happening a lot lately.

Gobermental Supervisor · Wednesday at 5:19 AM

Judge Dredd said:
Going to have an unpopular take, but unless it's extremely bad (like "games" that are just malware), Valve shouldn't do anything.

I can see this kind of thing being used as an excuse to kill games now that Stop Killing Games is a thing. "Oh, we had to remove CoD 4 from your Steam library. It's to protect you! You can buy or shitty remake for 20% off!"

No, this is a case of software sold by the company having a critical exploit.
They are legally required to fix that exploit, or refund their customers.

This is like saying "We are sorry, but you car has to be put down. It is 7 years old and we found an issue that could harm you, so we are going to just retire it for you."

Let companies make the argument please, this needs to be addressed right away.
Consumer protection already covers this, if the product is faulty, I have a right to a refund and the company remains liable.

Dick Lickieta · Wednesday at 5:30 AM

Judge Dredd said:
Going to have an unpopular take, but unless it's extremely bad (like "games" that are just malware), Valve shouldn't do anything.

I can see this kind of thing being used as an excuse to kill games now that Stop Killing Games is a thing. "Oh, we had to remove CoD 4 from your Steam library. It's to protect you! You can buy or shitty remake for 20% off!"

One doesn't have to remove the game from the steam library of those who purchased it, rather they could just stop selling it

Old games on Steam functioning as virus vectors?

Gobermental Supervisor

Live from the Goobybunker.

TheArtilleryman

Tremendously Miraculous Astoundingly Sensational

Gobermental Supervisor

Live from the Goobybunker.

Dick Lickieta

Dreamland

Boo!

Breadbassket

TheArtilleryman

Tremendously Miraculous Astoundingly Sensational

Gobermental Supervisor

Live from the Goobybunker.

Civillian 18

Good people

Gobermental Supervisor

Live from the Goobybunker.

Tablet County

Kill yourself.™

Parasite Paracide

LART-EN043

Gobermental Supervisor

Live from the Goobybunker.

They were once men

Aragorn Heir of Isildur

Stephen Rothman

⋖ cørdion ⋗

Coughing for Cash

Judge Dredd

Senior Layout Artist

TrainWreckWatcher

Gobermental Supervisor

Live from the Goobybunker.

Dick Lickieta