This month, Mediatonic and Devolver Digital launched a new fun battle royale game called Fall Guys: Ultimate Knockdown. It has every recipe of a great game, and people are now getting addicted to it on PS4 or PC. But, here's a warning from security experts: an npm package was recently blocked by their system after it contains malicious files linked to the interface of the game.
Fall Guys warning everyone!
Before you are overconfident to play the newest PS4 craze Fall Guys, experts have warned that the game might be targeted over malicious malware.
ZDNet first reported that npm software security team had found a suspicious JavaScript library in one of their systems. To ease your worries, the library was already removed on the npm portal.
But, as the investigation started, it was found that the JavaScript library is named "fallguys" that claimed to provide an interface to the "Fall Guys: Ultimate Knockout" game API.
The malicious software, once installed in your gadgets, can steal sensitive files from the infected users' browser and their Discord application.
As also explained by npm, the code would attempt to open your data on your gadgets, including local files. Once opened, it will force to read your files' content, and then post the data inside a Discord channel.
What's more alarming is that the JavaScript library was already available on the site for over two weeks. At this time, it was estimated by ZDNet that it might already be downloaded over 300 times by unknown sources.
Here are the npm packages you should be alarmed with
In order to warn everyone on installing anything online, here are the full list of the five possible packages that the malware would be accessing from your device:
- /AppData/Local/Google/Chrome/User\x20Data/Default/Local\x20Storage/leveldb
- /AppData/Roaming/Opera\x20Software/Opera\x20Stable/Local\x20Storage/leveldb
- /AppData/Local/Yandex/YandexBrowser/User\x20Data/Default/Local\x20Storage/leveldb
- /AppData/Local/BraveSoftware/Brave-Browser/User\x20Data/Default/Local\x20Storage/leveldb
- /AppData/Roaming/discord/Local\x20Storage/leveldb
As you can see above, four out of five the files were specifically connected to browsers like Chrome, Opera, Yandex Browser, and Brave. This means once you have the malware, hackers can easily know your browser's history.
The only thing's different was the last file storage that once infiltrated, may steal your session cookies or other online content inside your devices.
For now, as advised, it is better to download anything online through trusted sources, not just rough patches.
This article is owned by Tech Times
Written by Jamie Pancho
