Latest Comments by redneckdrow
Flathub now has over one million active users
7 Feb 2024 at 8:40 pm UTC Likes: 2
> Quoting: slaapliedje
> > Quoting: redneckdrow
> > The recent Tales & Tactics malicious update in Steam, thanks to their discord being compromised, is a good reason why updates should be checked before install. Admittedly, the devs fixed that pretty quickly, before the Winter update. Thank God I checked the forum when I couldn't find release notes at the time.
> Huh, what happened with this? How does getting their discord compromised lead to a malicious update on Steam?
It happened with their Downfall mod for Slay the Spire too. Were I a betting man, I'd say they used the same password for both accounts.
Here's the info at the time:
UPDATE 12/29 - While there are no new alerts regarding the Steam product or risk of downloads, the Discord account remains compromised. I have reports that the account is trying to DM people and either send malware to them impersonating themselves as a developer, or trying to gain sensitive information. Do not engage with this account and absolutely do not click on any links sent.
(Update 7:19 PM Eastern 12/27, 0020 UTC+0 12/28) - We just updated the game intentionally, switching to a fresh clean depot for future use. Do not be alarmed if you see an automatic update.
Hello everyone. I bring some unfortunate news today. Yesterday, Christmas Day, at roughly 12:30 PM Eastern time, we experienced a security breach. At roughly 1:20 PM (1820 UTC+0 on 25/12), that breach allowed a malicious upload to overtake our game on Steam's library for a period of roughly one hour. Our Steam and Discord accounts were hijacked, and though the Steam accounts were able to be recovered late in the evening, we were limited in our ability to warn or communicate immediately following the breach. Fortunately, we were able to contain the actual breach much more quickly than the amount of time it took to recover the accounts. The important parts you need to know are:
-The breach window was roughly 1:30 PM-2:30 PM Eastern (1830-1930 UTC+0) on 12/25.
-Downfall is safe to launch once more, and has been since roughly 2:30-2:40 PM Eastern on 12/25 (1920 UTC+0 on 12/25).
-If you did not launch Downfall in the breach window, you're clear.
-If you got an automatic update for Downfall on 12/25 but did NOT launch, you're clear.
-If you launched Downfall via the Steam Workshop (meaning you actually launched Slay the Spire), you're clear.
-If you did launch Downfall on 12/25 and succeeded and everything looked normal, you're clear.
-If you did launch Downfall on 12/25 and saw a command-prompt-like screen that started spitting out a bunch of text after about 10 seconds, you're in the clear. That was actually just the Java log which we usually keep hidden, but accidentally left visible when we restored the game.
-If you did launch Downfall on 12/25 and got a 'no .exe found' type of error, you're clear. That was us exploding the game to prevent anyone else from being affected.
-If you did launch Downfall on 12/25 during the breach window and got a Unity library installer popup, please continue to read. You may also be at risk.
The security breach allowed a malicious upload to replace the Downfall packaged game. If you were one who saw that Unity library popup, here is the information we have at this time involving the malware that may have affected you:
Most antiviruses seem to have not stopped the malware specifically from executing, but do stop its payload from being sent across the internet. This means you aren't automatically damaged by the attack.
The payload it tries to scrape and generate involves passwords, specifically from your browsers, Discord, and a few other applications: Windows local login, Google Chrome, Yandex, Microsoft Edge, Mozilla Firefox, Brave, Vivaldi, Telegram, Discord, and files that might contain the word 'password' (if 'password' is in the filename).
If you saw the Unity popup or otherwise feel you may be breached, we recommend changing important passwords, particularly ones that are not set up for 2FA (2-factor authentication). Any account that is set up for mobile 2FA should be immune. You should also be sure your live protection is active and run scans. Though, for full peace of mind, I personally am electing to reset and wipe all of my drives from my affected hardware.
The payload included the installation of a "WindowsBootManager" as an application under my user's AppData folder. Also "Windows Boot Manager is a video game".
One user reported: In your users/[username]/AppData/Local/Temp folder, there will be several files the Trojan creates. One will be called epsilon-[username].zip, which contains everything the Trojan has stolen -- Discord info, autocomplete, saved passwords, network info, cookies, saved credit cards, Steam info. WARNING: If you go investigating these files for yourself, do so without being connected to the internet, just in case there is still some possibility of retriggering an event.
Another user reports: "It was under Local\microsoft\windows\0 for me. It said it was a video game, and from a name I didn't know. I checked on another computer on Windows 11 and this file didn't exist. I deleted it and I had no problem restarting the computer afterward, but it was scary.
The other file was named unitylibmanager and was found under local\temp\ and I think this one was the original offender.
I also had a problem with Discord, can't say it was linked but it said the .exe was infected, so I deleted everything."
Also can confirm: "I found WindowsBootManager as an application under my user's AppData folder. Also "Windows Boot Manager is a video game" lmao. I deleted all of them manually."
(UPDATE 12.27.23 2:29 AM) Another user has reported: it looks like in my (user)/AppData/Roaming folder there is a folder named 'UnityLibManager' which was created at the time of all the other malicious folders/files and that was what Windows Defender detected ('UnityLibManager.exe')
We are still working with any affected users to gather and share as much data as we possibly can. We are also communicating with Valve on the nature and timing of the breach so they can also help from their end.
For those concerned about future breaches, we purged the affected hardware that was breached completely, a full hard drive wipe. We've also added additional security and are in the process of transferring ownership of Downfall to a dedicated Steam account that solely is responsible for uploading to it and is never used or logged in for any other purpose. As much as we like to think we're safe, the reality is that any account that is actively used (that is, logged into frequently) is always at risk to a malware attack, and in this case, Downfall was owned by an active account. When that active account became compromised, so did Downfall. The act of the account being logged in at all was all that was needed for the breach to happen in this case.
I can't apologize enough to the affected users. The thought that someone would hijack a free passion project for malicious intent is truly vile. Downfall is nothing without its players and the joy surrounding it and I am appalled at the attack.
Thank you all for your understanding. I will continue to update as any more information comes my way.
-Michael Mayhem
Crusader Kings III is about to get a lot of extra exciting content
7 Feb 2024 at 8:34 pm UTC Likes: 2
They buried the lead with the ability to play as an unlanded mercenary; people have been asking for that since CK2 released!
It gets a lot less expensive when you spend 700+ hours in-game. CK2 is still my most played game, but CK3's catching up.
Right now, I'm playing my third playthrough of the Mass Effect games (first was the original release on PC years ago, then on PS3), since the Legendary edition was 6 bucks during the winter sale.
Also, Like A Dragon, because like heck was I going to pay Sony $80 to keep a few games and multiplayer after they raised the price of PS+.
Flathub now has over one million active users
27 Jan 2024 at 7:53 pm UTC
> Quoting: tuubi
> > Quoting: redneckdrow
> > [...] to something not Ubuntu-based for a sane out-of-the-box Firefox
> Just a reminder that Ubuntu-based does not automatically mean Snaps. Mint's native Firefox package is sane and up to date.
Yes, but Mint deliberately ignoring security updates and shipping packages years out of date irks me. It's why I switched to Arch on my desktop in '14.
> Quoting: Dorrit
> Ubuntu proper is very easy to de-snap too.
> But to be honest most users don't care, or simply don't know, if they're using snaps/flatpaks or not.
Well, the last time I tried using the PPA and forcing the .deb for Firefox (disabling the snap entirely by pinning the package first) it still managed to reinstall itself and auto-update. That was the last straw! :angry:
Especially since it broke my profile when I copied it and edited profiles.ini as usual. Fortunately, that's why I keep backups.
An OS should not make assumptions about the competency of the user; that's one of the main reasons I ditched Windows! Anything that updates itself in the background, without asking for input, is tantamount to a benign rootkit.
The recent Tales & Tactics malicious update in Steam, thanks to their discord being compromised, is a good reason why updates should be checked before install. Admittedly, the devs fixed that pretty quickly, before the Winter update. Thank God I checked the forum when I couldn't find release notes at the time.
Flathub now has over one million active users
27 Jan 2024 at 11:22 am UTC Likes: 1
I have to say, flatpak is painless compared to snaps. Snaps tend to have a noticeable impact on performance. I finally had to switch my aging laptop (RAM and storage are at a premium on that thing) to something not Ubuntu-based for a sane out-of-the-box Firefox (and yes, I do like Green Eggs and Ham):tongue: install.
The Pokémon Company confirm investigation into Palworld
27 Jan 2024 at 10:25 am UTC Likes: 2
> Quoting: Purple Library Guy
> > Quoting: Pengling
> > > Quoting: Purple Library Guy
> > > Gotta say, when I first saw a piece of an episode of Digimon on TV my first thought was "Whoa, now there's a transparent ripoff of Pokemon!"
> > > Not that I cared, or thought about whether it was actionable or anything, but that was what instantly came to mind.
> > I remember thinking the same thing when the Digimon virtual pet keychains first came along (they pre-dated the show by a couple of years, and had little to do with it except for some of the monsters and their evolutionary paths). But with that original context, it was also a lot clearer that they were taking the monster-collecting idea into a raising-focussed direction instead.
> > They still make them, too. I've got one of the modern ones on my desk at the moment, and it can even connect to the classic one I have, as well. :grin:
> And I mean, something being a transparent ripoff doesn't necessarily make it bad. I quite enjoyed The Sword of Shannara even though it was clear to me from the start of reading it that it was a transparent and inferior ripoff of Lord of the Rings.
Apropos of nothing, I've still got a first edition of Sword of Shannara, both in hardback and paperback. I bought them at a flea-market for $1.50. Someone didn't know they were selling what was, at the time, a ~$50 collectible hardcover for peanuts.
I love the original trilogy. Everything after Walker Boh's death just seems downhill to me.
As the books go on, they seem to be leaning science-fantasy more than your bog-standard story. It gets way too dark later on. The fact that Shannara's world is 4000 AD post-apocalyptic Illinois is hilarious, though.
Menion Leah is still my favorite character. Keeping all the Ohmsfords straight is a nightmare.
The Pokémon Company confirm investigation into Palworld
26 Jan 2024 at 7:04 pm UTC Likes: 2
Somehow, people are forgetting:
Digimon
Monster Rancher (Both of these together with Pokémon make up the "Big Three" "mon" series.)
Devil Summoner - Shin Megami Tensei (The Ur example for a "mon" game. I hate SMT, but even I know that.)
Medabots
Spectrobes
Fighting Foodons (Am I the only one who remembers this show?:tongue:)
Telefang
Dragon Quest Monsters
Monster Hunter Stories
Many of these are huge franchises in their own right. Are we gonna call them ripoffs now too?:huh:
I love Pokémon and Nintendo, but I'm not blind. That said, one of 'em does look like Electivire with a nose.
People need to cool down. Sending the Palworld devs death threats? That's beyond insane.
Edit: Forgot the original three Makai Toushi Saga (AKA The Final Fantasy Legend) games.
Palworld overtakes Counter-Strike 2 for most players on Steam and hits 5 million sales
26 Jan 2024 at 6:49 pm UTC Likes: 1
> Quoting: officernice
> > Quoting: redneckdrow
> > After watching Quill18 play this for three hours, I bit the bullet, despite my post-holiday budget being tight.
> > My name for the game:
> > Skymon: Personal Mining, Breath of the RimFactorio Saga :grin:
> Ahhh good old Quill18. I guess I should go see how he's doing. ;)
What could possibly go wrong? :D
Former dev on Stardew Valley reveals their life-sim Sunkissed City
26 Jan 2024 at 6:48 pm UTC
Wait a darn minute, I thought ConcernedApe was a one-man show?
I highly doubt this guy has any right to use these assets. They've barely been modified.
Palworld overtakes Counter-Strike 2 for most players on Steam and hits 5 million sales
23 Jan 2024 at 12:42 am UTC Likes: 3
After watching Quill18 play this for three hours, I bit the bullet, despite my post-holiday budget being tight.
My name for the game:
Skymon: Personal Mining, Breath of the RimFactorio Saga :grin:
Celebrate Economic Strategy with the Steam Capitalism and Economy Fest
10 Jan 2024 at 3:37 am UTC
If a shop sim/dungeon-crawler sounds like a fun concept to y'all, Recettear is one of my personal favorites. It helps that most of the characters are absolutely adorable.:wub:
Gameplay loop is buy items/find in dungeons → choose items for sale → haggle → sell for a decent profit → repay debt → don't wind up in a cardboard box → repeat. :dizzy:
Also, your creditor is a literal money fairy. In the story mode, you have 36 days to pay the debt off. If you lose, you can restart with most of your stuff intact. After beating the game, you can play endless mode without the debt. Or survival mode, if you hate yourself and like soul-crushing debt.
Also, I hate Euria.
It really is a warm-fuzzies type of ruthless tycoon game.
Capitalism, ho!:grin: