Mod News - Tumblr Posts

thestartome
1 year ago

!Important Warning!

These Days some Mods containing Malware have been uploaded on various Sites.

The Sims After Dark Discord Server has posted the following Info regarding the Issue:

+++

Malware Update: What We Know Now To recap, here are the mods we know for sure were affected by the recent malware outbreak: "Cult Mod v2" uploaded to ModTheSims by PimpMySims (impostor account) "Social Events - Unlimited Time" uploaded to CurseForge by MySims4 (single-use account) "Weather and Forecast Cheat Menu" uploaded to The Sims Resource by MSQSIMS (hacked, real account) "Seasons Cheats Menu" uploaded to The Sims Resource by MSQSIMS (hacked, real account)

Due to this malware using an exe file, we believe that anyone using a Mac or Linux device is completely unaffected by this.

If the exe file was downloaded and executed on your Windows device, it has likely stolen a vast amount of your data and saved passwords from your operating system, your internet browser (Chrome, Edge, Opera, Firefox, and more all affected), Discord, Steam, Telegram, and certain crypto wallets. Thank you to anadius for decompiling the exe.

To quickly check if you have been compromised, press Windows + R on your keyboard to open the Run window. Enter %AppData%/Microsoft/Internet Explorer/UserData in the prompt and hit OK. This will open up the folder the malware was using. If there is a file in this folder called Updater.exe, you have unfortunately fallen victim to the malware. We are unware at this time if the malware has any function which would delete the file at a later time to cover its tracks.

To quickly remove the malware from your computer, Overwolf has put together a cleaner program to deal with it. This program should work even if you downloaded the malware outside of CurseForge. Download SimsVirusCleaner.exe from their github page linked here and run it. Once it has finished, it will give you an output about whether any files have been removed.

+++

For more Information please check the Sims After Dark Server News Channel!

CurseForge took actions and added mechanics to prevent such Files to be uploaded, so downloading there should be safe.

In general be careful, where and what you download, and do not download my Mods at any other Places than my own Sites and my CurseForge Page.

Tags :
sims 4 sims 4 simblr sims 4 news mod news cc updates the sims 4 custom content sims 4 warning!
1K notes View Post
thestartome
1 year ago

⚠️ ADVISORY: Malicious Mods, Identity Theft, Malware, and You ⚠️

Hey, all! Not sure how many people will see this, but if you do, please reblog. This is a 'little' post regarding a potentially big problem affecting the Sims 4 community. If you download mods/CC at all (and yes I know CC is a type of mod), this applies to you.

TL;DR: For the sake of your personal info, identity, bank account, et cetera, please STOP downloading any mods/CC for the time being. Especially from the following sites: CurseForge, ModTheSims, The Sims Resource. It doesn't matter if you know the creator or not. Give it at least a week while we all figure out what's going on. If you must, I would recommend only downloading directly from a creator's Patreon (assuming they have one).

Other people have written at length about the mods in question, so I'll just share their posts below.

What's going on?

From the Sims 4 After Dark Discord server (a server you should join if you're not in it already):

ADVISORY: Malicious Mods, Identity Theft, Malware, And You
ADVISORY: Malicious Mods, Identity Theft, Malware, And You

⚠️If you downloaded any mod listed in the above post and played the game with them installed, this is the cleaner program Kuttoe (creator of the Home Regions and Townie Demographics mods) mentioned in their post: GitHub - overwolf/sims4-social-events-cleaner: Source files and exe release for a tool to clean up your machine if you have downloaded the "Social Events - Unlimited Time" Sims 4 mod ⚠️

ADVISORY: Malicious Mods, Identity Theft, Malware, And You

Got confirmation from Kuttoe that as long as you didn't boot up the game with the malicious mods installed (or deleted them completely from your computer before playing the game), you *should* be fine. Still, I recommend that anyone who thinks they might have downloaded any of them run the cleaner program.

Here's an explanation from @anadius2 (reposted by Kuttoe) in the Sims 4 After Dark server (not providing a link to prevent brigading or spam, but you can DM me and I'll give you the link) about what the malware will do to your computer:

ADVISORY: Malicious Mods, Identity Theft, Malware, And You
ADVISORY: Malicious Mods, Identity Theft, Malware, And You

And a little dive into the back-end coding stuff for the more tech-savvy Simmers out there:

ADVISORY: Malicious Mods, Identity Theft, Malware, And You

So, to recap:

Fake mods were uploaded to Curseforge, ModTheSims, and The Sims Resource

@msqsimsofficial had their account compromised on 2 of those sites (they are a victim of hacking, so do not send them hate!)

If downloaded, these malicious mods have the ability to steal very sensitive info (your passwords, credit card info if saved somewhere in your browser, data)

As of right now, antivirus software may not be able to detect the malware

Mac and Linux users seem to be safe; Windows users are the ones that could be affected

Why is this happening?

Unsure. Lots of theories are being made by people far more knowledgeable than me, but from the looks of things, could be crypto bullshit and/or an attempt to steal your data and sell it. This is very, very serious, and could wreck your life if said data/personal info falls into the wrong hands.

Identity Theft: What It Is, How to Prevent It, Warning Signs and Tips - NerdWallet

It's always a good idea to change passwords every couple of months or so, but if you think you've been affected, you also need to change your passwords for things like online banking, email and social media accounts, healthcare sites AFTER running the cleaner.

What now?

I want to talk about how we approach modding our games and downloading files in general.

Please STOP downloading mod file folders from people who did not create the specific mods. Period. This includes Sim dumps, building/lots with CC, mod folders promoted on YouTube, etc. This does not mean that anyone sharing them is doing so maliciously. In fact, I appreciate the amount of effort people put into compiling these resources! But unless you're super careful (and super knowledgeable), you run the risk of downloading malware like this on your computer. Make no mistake, the malicious files in question look like run-of-the-mill, everyday mods. Two of them were even posted from a trustworthy creator's actual account! The only way to know what they actually do is to peek into the code, and idk about you, but I don't know Python. So even after this issue is resolved, you really should only download files from the creators themselves.

But what about CC shopping?

Here's how I like to approach it: I stick to lookbooks and combing through the Patreons/accounts of creators who make items I like. If I see a Sim dump with CC that I'm interested, I try to reach out to the poster and ask where they got specific CC. If I can't do that, I see if it was shared via Drive, look at the individual files themselves, then head to the original CC creator's official download page and get it from the source.

That's all I have for you! Stay safe, and happy Simming! 🫶🏾

Tags :
sims 4 sims 4 simblr ts4 simblr sims the sims 4 sims news the sims 4 news mod news news sims 4 mods sims 4 cc TS4 CC cc s4 custom content ts4 custom content the sims 4 custom content custom content sims 4 custom content
8K notes View Post